Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
172.234.206.58

Network
172.234.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.234.206.58:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
172-234-206-58.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 09:38:23 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:38:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 2122389247,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Chicago",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 09:38:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.234.192.0/18"
   },
   "host" : [
      "172-234-206-58"
   ],
   "hostname" : [
      "172-234-206-58.ip.linodeusercontent.com"
   ],
   "ip" : "172.234.206.58",
   "ipv6" : "false",
   "latitude" : "41.8874",
   "location" : "41.8874,-87.6318",
   "longitude" : "-87.6318",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "172-234-206-58.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.234.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
45.79.147.229

Network
45.79.128.0/19

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://45.79.147.229:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
45-79-147-229.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 09:20:58 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:20:58.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 831353001,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Cedar Knolls",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 09:20:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "45.79.128.0/18"
   },
   "host" : [
      "45-79-147-229"
   ],
   "hostname" : [
      "45-79-147-229.ip.linodeusercontent.com"
   ],
   "ip" : "45.79.147.229",
   "ipv6" : "false",
   "latitude" : "40.8229",
   "location" : "40.8229,-74.4592",
   "longitude" : "-74.4592",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "45-79-147-229.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "45.79.128.0/19",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.233.89.39

Network
172.233.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.233.89.39:8761/ 200

Reverse DNS
172-233-89-39.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
ACME mini_httpd 1.19

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
be8c584c9b43399aa78566949f4454b4

HTTP Header MD5
fa8c48d20ca10a9c856d4c8ec8b9e02f

HTTP Body MD5
c419d5a4a08aab5075ce6a0f2a90c193

HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
content-length: 9122
server: mini_httpd/1.19 19dec2003
connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="-1">
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link href="common.css" rel="stylesheet" type="text/css">
<link rel="icon" type="image/x-icon" href="/images/favicon.ico" />
<style type="text/css">
input {
	font-weight:bolder!important;
}

span#username, span#password, input#reset, input#login {
	font-weight: bolder;
	font-family:"メイリオ",Meiryo,"ヒラギノ角ゴ Pro W3","Hiragino Kaku Gothic Pro","ＭＳ Ｐゴシック","MS PGothic",sans-serif!important;
	font-size:13px;
}

</style>
<script type="text/javascript" src="/utils.js"></script>
<script type="text/javascript">
<!-- //
if (top.location.href != self.location.href)
{
   top.location.href = self.location.href;
   window.open(self.location.href, "_top");
}

function autoload()
{
    if (typeof(init) != "undefined" && typeof(lang) != "undefined") {
        setTimeout("init();", 200);
    } else {
        setTimeout("autoload();", 200);
    }
}

function lll()
{
    var lang;

    try {
        lang = get_cookie("lang");
        if (lang != "" && lang != null) {
            document.write("<script src=\"/" + lang + ".js\" ><\/script>");
        } else {
            document.write("<script src=\"/lang.js\" ><\/script>");
        }
        autoload();
    } catch (e) {
        setTimeout("autoload();", 200);
    }
}
lll();
//-->
</script>
</head>
<body>
<table class="center" id="tbl_center" style="visibility:hidden">
    <tr>
        <td>
            <form method="post" name="tf0" action="/cgi-bin/login.apply"
                onsubmit="apply();return false;" onKeyPress="keypressed(event)">
			<table class="fxc_login_table">
                    <tr>
                        <td>
                            <table align="center" style="width:100%;">
                                <tr>
                                    <td colspan="2">
										<br>
                                        <div class="fxc_login_div" id="login_title"><span>#AccessEdge#</span></div>
										<br>
                                    </td>
                                </tr>
								<tr>
                                    <td style="text-align:right; padding-right:10px; width:40%; height:25px;">
                                        <span id="username"></span>
                                    </td>
                                    <td style="text-align:left; padding-right:5px; width:60%; height:25px;">
                                        <input type="text" id="username_input"
                                            name="username_input" size="16" value="" maxlength="32">
                                    </td>
                                </tr>
                                <tr>
                                    <td style="text-align:right; padding-right:10px; width:40%; height:25px;">
                                        <span id="password"></span>
                                    </td>
                                    <td style="text-align:left; padding-right:5px; width:60%; height:25px;">
                                        <input type="password" id="password_input"
                                            name="password_input" size="16" maxlength="32">
                                    </td>
                                </tr>
                                <tr class="fxc_hide">
                                    <td>
                                        <span id="language"></span>
                                    </td>
                                    <td>
                                        <select id="lang" name="lang"
                                            onchange="on_lang_change(this.value);">
                                            <option value="ja_JP">#Japanese#</option>
                                            <option value="en_US">#English#</option>
                                            <option value="zh_TW">#Traditional Chinese#</option>
                                        </select>
                                    </td>
                                </tr>
                                <tr>
                                    <td colspan="2" class="btn_center">
										<br>
                                        <input id="login" type="submit" value="Login" style="width:90px">
										<input id="reset" type="reset" value="Reset" style="width:90px">
					<br><p></p>
                                    </td>
                                </tr>
                            </table>
                        </td>
                    </tr>
                </table>
            </form>
        </td>
    </tr>
</table>

<table class="center">
    <tr>
        <td>
            <div id="not_open_js"><br><br><br>
                Please enable javascript and refresh the page.
            </div>
            <span>
<script>
<!--
                document.getElementById("not_open_js").style.display='none';
//-->
</script>
            </span>
        </td>
    </tr>
</table>

<script type="text/javascript">
//AE1021
var model_name = "AE1021";

function apply()
{
    var now = new Date();
    var str = parseInt(now.getTime() / 1000);
    var cookieno;
    var hashstr;
	var window_name = window.name;

    if (gid("username_input").value == "") {
        alert(_N("#Empty Username#"));
        gid("username_input").focus();
        gid("username_input").select();
        return false;
    }

     if (gid("password_input").value == "") {
        alert(_N("#Empty Password#"));
        gid("password_input").focus();
        gid("password_input").select();
        return false;
    }
    cookieno = "" + str;
    set_cookie("cookieno", cookieno.substr(cookieno.length - 6, 6));
    set_cookie("username", gid("username_input").value);
    set_cookie("password", gid("password_input").value);

    str = time2str(now.getTime() / 1000);
    hashstr = str.substr(0, 4) + str.substr(4, 2) + str.substr(6, 2) +
        str.substr(8, 2) + str.substr(10, 2);
    t0form_addobj("hashstr", hashstr);
    t0form_addobj("username", gid("username_input").value);
    t0form_addobj("password", gid("password_input").value);
    //t0form_addobj("lang", document.tf0.lang.value);

	if ((window_name == "_vap") || (window_name == "_stalist"))
		t0form_addobj("windowname", window_name);
    document.tf0.submit();
    return true;
}

function on_lang_change(str)
{
    set_cookie("lang", str);
    location.href = location.href; // refresh
}

function lang_set()
{
    var obj, cookie_lang;

    cookie_lang = get_cookie("lang");
    obj = document.tf0.lang.options;
    if (cookie_lang != null && cookie_lang != "") {
        option_set(document.tf0.lang, cookie_lang);
    } else {
        option_set(document.tf0.lang, lang["-LANG-"]);
    }
}

function forget_pwd() {
    window.open('i_forgetpassword.htm','_top','width=600,height=500,toolbar=no,status=no,scrollbars=yes,resizable=yes,menubar=no');
}

function keypressed(evt){
    evt = (evt) ? evt : ((window.event) ? window.event : "");
    var key = evt.keyCode?evt.keyCode:evt.which;
    if ((gid("username_input").value != "") && (gid("password_input").value != "")){
        if(key == 13 )
        apply();
    }
}

function local_postload()
{
    var now = new Date();
    var str = parseInt(now.getTime() / 1000);
    var cookieno;
    var hashstr;


	var tmp_val = config_empty("login.fail.username");
    if(tmp_val != "") {
        gid("username_input").value = tmp_val;
        //alert(_N("#Username, password not matched. Please try again#"));
    }

    tf0 = document.tf0;
    if (config_empty("first.login") == "1") {
        cookieno = "" + str;
        set_cookie("cookieno", cookieno.substr(cookieno.length - 6, 6));
        set_cookie("username", "firstlogin");
        set_cookie("password", "firstlogin");
        str = time2str(now.getTime() / 1000);
        hashstr = str.substr(4, 2) + str.substr(6, 2) +
            str.substr(8, 2) + str.substr(10, 2) + str.substr(0, 4);
        t0form_addobj("hashstr", hashstr);
        tf0.submit();
    } else {
        classobj_show("table", "center");
        classobj_show("table", "fxc_login");
        gid("username").innerHTML = _N("#Login Account#");
        gid("password").innerHTML = _N("#Password#");
        gid("language").innerHTML = _N("#Language#");
    }
    setTimeout("gid('username').focus()", 1000);
}

function local_init()
{
    var obj, h;

    document.title = _N("#TITLE#");
    gid("login").value = _N("#Login#");
    lang_set();
	if (typeof(window.innerHeight) != "undefined")
		h = window.innerHeight;
	else
		h = document.documentElement.clientHeight;
	gid("tbl_center").setAttribute("height", h);

    acc_config.get("/cgi-bin/login", true);
}
</script>
</body>
<HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache" >
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:36:07.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/loose.dtd"
         ]
      },
      "favicon" : {
         "url" : "/images/favicon.ico"
      },
      "http" : {
         "bodymd5" : "c419d5a4a08aab5075ce6a0f2a90c193",
         "bodymmh3" : 1435749317,
         "headermd5" : "fa8c48d20ca10a9c856d4c8ec8b9e02f",
         "headermmh3" : -962767946
      },
      "length" : 9257
   },
   "asn" : "AS63949",
   "city" : "Osaka",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 9122\r\nserver: mini_httpd/1.19 19dec2003\r\nconnection: close\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n<html>\n<head>\n<meta http-equiv=\"Cache-Control\" content=\"no-cache\" />\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta http-equiv=\"Expires\" content=\"-1\">\n<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\n<link href=\"common.css\" rel=\"stylesheet\" type=\"text/css\">\n<link rel=\"icon\" type=\"image/x-icon\" href=\"/images/favicon.ico\" />\n<style type=\"text/css\">\ninput {\n\tfont-weight:bolder!important;\n}\n\nspan#username, span#password, input#reset, input#login {\n\tfont-weight: bolder;\n\tfont-family:\"\u30e1\u30a4\u30ea\u30aa\",Meiryo,\"\u30d2\u30e9\u30ae\u30ce\u89d2\u30b4 Pro W3\",\"Hiragino Kaku Gothic Pro\",\"\uff2d\uff33 \uff30\u30b4\u30b7\u30c3\u30af\",\"MS PGothic\",sans-serif!important;\n\tfont-size:13px;\n}\n\n</style>\n<script type=\"text/javascript\" src=\"/utils.js\"></script>\n<script type=\"text/javascript\">\n<!-- //\nif (top.location.href != self.location.href)\n{\n   top.location.href = self.location.href;\n   window.open(self.location.href, \"_top\");\n}\n\nfunction autoload()\n{\n    if (typeof(init) != \"undefined\" && typeof(lang) != \"undefined\") {\n        setTimeout(\"init();\", 200);\n    } else {\n        setTimeout(\"autoload();\", 200);\n    }\n}\n\nfunction lll()\n{\n    var lang;\n\n    try {\n        lang = get_cookie(\"lang\");\n        if (lang != \"\" && lang != null) {\n            document.write(\"<script src=\\\"/\" + lang + \".js\\\" ><\\/script>\");\n        } else {\n            document.write(\"<script src=\\\"/lang.js\\\" ><\\/script>\");\n        }\n        autoload();\n    } catch (e) {\n        setTimeout(\"autoload();\", 200);\n    }\n}\nlll();\n//-->\n</script>\n</head>\n<body>\n<table class=\"center\" id=\"tbl_center\" style=\"visibility:hidden\">\n    <tr>\n        <td>\n            <form method=\"post\" name=\"tf0\" action=\"/cgi-bin/login.apply\"\n                onsubmit=\"apply();return false;\" onKeyPress=\"keypressed(event)\">\n\t\t\t<table class=\"fxc_login_table\">\n                    <tr>\n                        <td>\n                            <table align=\"center\" style=\"width:100%;\">\n                                <tr>\n                                    <td colspan=\"2\">\n\t\t\t\t\t\t\t\t\t\t<br>\n                                        <div class=\"fxc_login_div\" id=\"login_title\"><span>#AccessEdge#</span></div>\n\t\t\t\t\t\t\t\t\t\t<br>\n                                    </td>\n                                </tr>\n\t\t\t\t\t\t\t\t<tr>\n                                    <td style=\"text-align:right; padding-right:10px; width:40%; height:25px;\">\n                                        <span id=\"username\"></span>\n                                    </td>\n                                    <td style=\"text-align:left; padding-right:5px; width:60%; height:25px;\">\n                                        <input type=\"text\" id=\"username_input\"\n                                            name=\"username_input\" size=\"16\" value=\"\" maxlength=\"32\">\n                                    </td>\n                                </tr>\n                                <tr>\n                                    <td style=\"text-align:right; padding-right:10px; width:40%; height:25px;\">\n                                        <span id=\"password\"></span>\n                                    </td>\n                                    <td style=\"text-align:left; padding-right:5px; width:60%; height:25px;\">\n                                        <input type=\"password\" id=\"password_input\"\n                                            name=\"password_input\" size=\"16\" maxlength=\"32\">\n                                    </td>\n                                </tr>\n                                <tr class=\"fxc_hide\">\n                                    <td>\n                                        <span id=\"language\"></span>\n                                    </td>\n                                    <td>\n                                        <select id=\"lang\" name=\"lang\"\n                                            onchange=\"on_lang_change(this.value);\">\n                                            <option value=\"ja_JP\">#Japanese#</option>\n                                            <option value=\"en_US\">#English#</option>\n                                            <option value=\"zh_TW\">#Traditional Chinese#</option>\n                                        </select>\n                                    </td>\n                                </tr>\n                                <tr>\n                                    <td colspan=\"2\" class=\"btn_center\">\n\t\t\t\t\t\t\t\t\t\t<br>\n                                        <input id=\"login\" type=\"submit\" value=\"Login\" style=\"width:90px\">\n\t\t\t\t\t\t\t\t\t\t<input id=\"reset\" type=\"reset\" value=\"Reset\" style=\"width:90px\">\n\t\t\t\t\t<br><p></p>\n                                    </td>\n                                </tr>\n                            </table>\n                        </td>\n                    </tr>\n                </table>\n            </form>\n        </td>\n    </tr>\n</table>\n\n<table class=\"center\">\n    <tr>\n        <td>\n            <div id=\"not_open_js\"><br><br><br>\n                Please enable javascript and refresh the page.\n            </div>\n            <span>\n<script>\n<!--\n                document.getElementById(\"not_open_js\").style.display='none';\n//-->\n</script>\n            </span>\n        </td>\n    </tr>\n</table>\n\n<script type=\"text/javascript\">\n//AE1021\nvar model_name = \"AE1021\";\n\nfunction apply()\n{\n    var now = new Date();\n    var str = parseInt(now.getTime() / 1000);\n    var cookieno;\n    var hashstr;\n\tvar window_name = window.name;\n\n    if (gid(\"username_input\").value == \"\") {\n        alert(_N(\"#Empty Username#\"));\n        gid(\"username_input\").focus();\n        gid(\"username_input\").select();\n        return false;\n    }\n\n     if (gid(\"password_input\").value == \"\") {\n        alert(_N(\"#Empty Password#\"));\n        gid(\"password_input\").focus();\n        gid(\"password_input\").select();\n        return false;\n    }\n    cookieno = \"\" + str;\n    set_cookie(\"cookieno\", cookieno.substr(cookieno.length - 6, 6));\n    set_cookie(\"username\", gid(\"username_input\").value);\n    set_cookie(\"password\", gid(\"password_input\").value);\n\n    str = time2str(now.getTime() / 1000);\n    hashstr = str.substr(0, 4) + str.substr(4, 2) + str.substr(6, 2) +\n        str.substr(8, 2) + str.substr(10, 2);\n    t0form_addobj(\"hashstr\", hashstr);\n    t0form_addobj(\"username\", gid(\"username_input\").value);\n    t0form_addobj(\"password\", gid(\"password_input\").value);\n    //t0form_addobj(\"lang\", document.tf0.lang.value);\n\n\tif ((window_name == \"_vap\") || (window_name == \"_stalist\"))\n\t\tt0form_addobj(\"windowname\", window_name);\n    document.tf0.submit();\n    return true;\n}\n\nfunction on_lang_change(str)\n{\n    set_cookie(\"lang\", str);\n    location.href = location.href; // refresh\n}\n\nfunction lang_set()\n{\n    var obj, cookie_lang;\n\n    cookie_lang = get_cookie(\"lang\");\n    obj = document.tf0.lang.options;\n    if (cookie_lang != null && cookie_lang != \"\") {\n        option_set(document.tf0.lang, cookie_lang);\n    } else {\n        option_set(document.tf0.lang, lang[\"-LANG-\"]);\n    }\n}\n\nfunction forget_pwd() {\n    window.open('i_forgetpassword.htm','_top','width=600,height=500,toolbar=no,status=no,scrollbars=yes,resizable=yes,menubar=no');\n}\n\nfunction keypressed(evt){\n    evt = (evt) ? evt : ((window.event) ? window.event : \"\");\n    var key = evt.keyCode?evt.keyCode:evt.which;\n    if ((gid(\"username_input\").value != \"\") && (gid(\"password_input\").value != \"\")){\n        if(key == 13 )\n        apply();\n    }\n}\n\nfunction local_postload()\n{\n    var now = new Date();\n    var str = parseInt(now.getTime() / 1000);\n    var cookieno;\n    var hashstr;\n\n\n\tvar tmp_val = config_empty(\"login.fail.username\");\n    if(tmp_val != \"\") {\n        gid(\"username_input\").value = tmp_val;\n        //alert(_N(\"#Username, password not matched. Please try again#\"));\n    }\n\n    tf0 = document.tf0;\n    if (config_empty(\"first.login\") == \"1\") {\n        cookieno = \"\" + str;\n        set_cookie(\"cookieno\", cookieno.substr(cookieno.length - 6, 6));\n        set_cookie(\"username\", \"firstlogin\");\n        set_cookie(\"password\", \"firstlogin\");\n        str = time2str(now.getTime() / 1000);\n        hashstr = str.substr(4, 2) + str.substr(6, 2) +\n            str.substr(8, 2) + str.substr(10, 2) + str.substr(0, 4);\n        t0form_addobj(\"hashstr\", hashstr);\n        tf0.submit();\n    } else {\n        classobj_show(\"table\", \"center\");\n        classobj_show(\"table\", \"fxc_login\");\n        gid(\"username\").innerHTML = _N(\"#Login Account#\");\n        gid(\"password\").innerHTML = _N(\"#Password#\");\n        gid(\"language\").innerHTML = _N(\"#Language#\");\n    }\n    setTimeout(\"gid('username').focus()\", 1000);\n}\n\nfunction local_init()\n{\n    var obj, h;\n\n    document.title = _N(\"#TITLE#\");\n    gid(\"login\").value = _N(\"#Login#\");\n    lang_set();\n\tif (typeof(window.innerHeight) != \"undefined\")\n\t\th = window.innerHeight;\n\telse\n\t\th = document.documentElement.clientHeight;\n\tgid(\"tbl_center\").setAttribute(\"height\", h);\n\n    acc_config.get(\"/cgi-bin/login\", true);\n}\n</script>\n</body>\n<HEAD>\n<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\" >\n<META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">\n</HEAD>\n</html>",
   "datamd5" : "be8c584c9b43399aa78566949f4454b4",
   "datammh3" : 1160905079,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.233.64.0/19"
   },
   "host" : [
      "172-233-89-39"
   ],
   "hostname" : [
      "172-233-89-39.ip.linodeusercontent.com"
   ],
   "ip" : "172.233.89.39",
   "ipv6" : "false",
   "latitude" : "34.6946",
   "location" : "34.6946,135.5021",
   "longitude" : "135.5021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "mini_httpd",
   "productvendor" : "ACME",
   "productversion" : "1.19",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "172-233-89-39.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.233.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.232.146.116

Network
172.232.128.0/17

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System
Cisco IOS sUse

URL

http://172.232.146.116:8761/ 200

HTTP Title
RT-N66U (build 45849) - Info

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

Reverse DNS
172-232-146-116.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Cisco IOS sUse

Product
Cisco WebVPN

HTTP Component(s)
MobileIron Core Oracle Java Atlassian Confluence Microsoft ASP.NET Cacti Cacti Drupal Drupal 8 Gitlab Gitlab SPIP SPIP 4.1.11 Jenkins Jenkins 2.121.3

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f73f0f62c22e4a63bd1796055c5cadaf

HTTP Header MD5
35c4c743ebc50ccaa6b3b526042e8574

HTTP Body MD5
453e237f1072406cc37032bc88b9359d

HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 106065
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Pragma: private
Server: 4D/18.3.0
Set-Cookie: webvpnlogin=; path=/; secure;
Set-Cookie: Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/
Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
Set-Cookie: _indexVersion=2; path=/
Set-Cookie: token=21263a2bf; path=/;
Set-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains
Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
Set-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/
Set-Cookie: Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/
Set-Cookie: laravel_session=a0ffeb;
Set-Cookie: acSamlv2Token=; path=/; secure;
Set-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: cepcAdminID=25263a2bf; path=/;
Set-Cookie: Set-Cookie: sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None
Set-Cookie: webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;
X-Amz-Cf-Pop: MAA50-C1
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Citrix-Application: Receiver for Web
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Language: english
X-Litespeed-Cache: hit
X-Nananana: Batcache
X-Ne-Tf: 5
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: ASP.NET
X-Proxy-Cache: MISS
X-Root: root
X-Runtime: 0.00985
X-Xss-Protection: 1; mode=block
Date: Thu, 21 Nov 2024 08:26:57 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384eeffc23b0925==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>RT-N66U (build 45849) - Info</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<input type="hidden" name="admin-nonce" value="4419bb0cd2d21ef7b4cf25c9e5206f89" />
<h3 class="text-center"> <span class="soplanning_index_title2">Simple Online Planning</span> <small>v1.51.01</small> </h3>
<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZWVmZmMyM2IwOTI1PT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
S

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:26:57.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org",
            "micros-hosting.com"
         ],
         "file" : [
            "admin-ajax.php",
            "dvfplayer.zip",
            "dvrremoteap_x64.exe",
            "dvrremoteap.exe",
            "cloud_index.php",
            "index.php"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.1.4",
            "192.168.1.10",
            "192.168.1.1",
            "7.7.31.1",
            "1.0.0.36",
            "10.76.118.67",
            "192.168.0.1"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "453e237f1072406cc37032bc88b9359d",
         "bodymmh3" : -1805440740,
         "component" : [
            {
               "product" : "SPIP",
               "productvendor" : "SPIP",
               "productversion" : "4.1.11"
            },
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            },
            {
               "productvendor" : "Gitlab",
               "product" : "Gitlab"
            },
            {
               "productvendor" : "MobileIron",
               "product" : "Core"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            },
            {
               "productvendor" : "Cacti",
               "product" : "Cacti"
            },
            {
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins",
               "product" : "Jenkins"
            },
            {
               "product" : "Drupal",
               "productversion" : "8",
               "productvendor" : "Drupal"
            },
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "35c4c743ebc50ccaa6b3b526042e8574",
         "headermmh3" : 1074784989,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "RT-N66U (build 45849) - Info"
      },
      "length" : 16279
   },
   "asn" : "AS63949",
   "city" : "Stockholm",
   "country" : "SE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 106065\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nPragma: private\r\nServer: 4D/18.3.0\r\nSet-Cookie: webvpnlogin=; path=/; secure;\r\nSet-Cookie: Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: _indexVersion=2; path=/\r\nSet-Cookie: token=21263a2bf; path=/;\r\nSet-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/\r\nSet-Cookie: Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/\r\nSet-Cookie: laravel_session=a0ffeb;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nSet-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: Set-Cookie: sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None\r\nSet-Cookie: webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;\r\nX-Amz-Cf-Pop: MAA50-C1\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Citrix-Application: Receiver for Web\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: HIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Language: english\r\nX-Litespeed-Cache: hit\r\nX-Nananana: Batcache\r\nX-Ne-Tf: 5\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Powered-By: ASP.NET\r\nX-Proxy-Cache: MISS\r\nX-Root: root\r\nX-Runtime: 0.00985\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 21 Nov 2024 08:26:57 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384eeffc23b0925==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>RT-N66U (build 45849) - Info</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<input type=\"hidden\" name=\"admin-nonce\" value=\"4419bb0cd2d21ef7b4cf25c9e5206f89\" />\n<h3 class=\"text-center\"> <span class=\"soplanning_index_title2\">Simple Online Planning</span> <small>v1.51.01</small> </h3>\n<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZWVmZmMyM2IwOTI1PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nS",
   "datamd5" : "f73f0f62c22e4a63bd1796055c5cadaf",
   "datammh3" : 1751468770,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.232.128.0/19"
   },
   "host" : [
      "172-232-146-116"
   ],
   "hostname" : [
      "172-232-146-116.ip.linodeusercontent.com"
   ],
   "ip" : "172.232.146.116",
   "ipv6" : "false",
   "latitude" : "59.3241",
   "location" : "59.3241,18.0517",
   "longitude" : "18.0517",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "IOS",
   "osdistribution" : "sUse",
   "osvendor" : "Cisco",
   "port" : 8761,
   "product" : "WebVPN",
   "productvendor" : "Cisco",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "172-232-146-116.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.232.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
66.228.61.127

Network
66.228.32.0/19

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://66.228.61.127:8761/ 200

HTTP Title
Eureka

Reverse DNS
66-228-61-127.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
74d249b1bd64dcdbd38d9a7f7d6691df

HTTP Header MD5
8fa77c1aaf0aaadb8f3fd9e796a017fb

HTTP Body MD5
362f97d4420e2bfb34a6f0d0bc7150b8

HTTP/1.1 200 
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Thu, 21 Nov 2024 07:15:31 GMT
Connection: close

137f
<!doctype html>
<html lang="en">
  <head>
    <base href="/">
    <meta charset="utf-8">
    <title>Eureka</title>
    <meta name="description" content="">
    <meta name="viewport" content="width=device-width">

    <link rel="stylesheet" href="eureka/css/wro.css">

  </head>

  <body id="one">
    <script type="text/javascript">
      if ( document.documentMode ) {
         document.write('<p>You are using an <strong>outdated</strong> browser. Please upgrade your browser to improve your experience.</p>');
      }
    </script>

<nav class="navbar navbar-expand-md navbar-dark" role="navigation">
  <div class="container">
    <a class="navbar-brand my-auto" href=""><span></span></a>
    <button type="button" class="navbar-toggler" data-bs-toggle="collapse" data-bs-target="#navbarContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
      <span class="navbar-toggler-icon"></span>
    </button>
    <div class="collapse navbar-collapse" id="navbarContent">
      <ul class="navbar-nav ms-auto">
        <li class="nav-item">
          <a class="nav-link px-2" href="">Home</a>
        </li>
        <li class="nav-item">
          <a class="nav-link px-2" href="/lastn">Last 1000 since startup</a>
        </li>
      </ul>
    </div>
  </div>
</nav>


    <div class="container-fluid xd-container">
<h1>System Status</h1>
<div class="row">
  <div class="col-md-6">
    <table id='instances' class="table table-condensed table-striped table-hover">
            <tr>
        <td>Environment</td>
        <td>test</td>
      </tr>
      <tr>
        <td>Data center</td>
        <td>default</td>
      </tr>
    </table>
  </div>
  <div class="col-md-6">
    <table id='instances' class="table table-condensed table-striped table-hover">
      <tr>
        <td>Current time</td>
        <td>2024-11-21T07:15:31 +0000</td>
      </tr>
      <tr>
        <td>Uptime</td>
        <td>14 days 12:24</td>
      </tr>
      <tr>
        <td>Lease expiration enabled</td>
        <td>true</td>
      </tr>
      <tr>
        <td>Renews threshold</td>
        <td>5</td>
      </tr>
      <tr>
        <td>Renews (last min)</td>
        <td>8</td>
      </tr>
    </table>
  </div>
</div>


<h1>DS Replicas</h1>
<ul class="list-group mb-3">
    <li class="list-group-item"><a href="http://hb-eureka:8761/eureka/">hb-eureka</a></li>
</ul>

      <h1>Instances currently registered with Eureka</h1>
      <table id='instances' class="table table-striped table-hover">
        <thead>
          <tr><th>Application</th><th>AMIs</th><th>Availability Zones</th><th>Status</th></tr>
        </thead>
        <tbody>
              <tr>
                <td><b>HB-GATEWAY</b></td>
                <td>
                    <b>n/a</b> (1)
                </td>
                <td>
                    <b></b> (1)
                </td>
                <td>
                    <b>UP</b> (1) -
                        <a href="http://faf00606d857:8080/actuator/info" target="_blank">hb-gateway:b30a9557d33e731bed2accc8b7b3256a</a>

                </td>
              </tr>
              <tr>
                <td><b>PERSONA</b></td>
                <td>
                    <b>n/a</b> (1)
                </td>
                <td>
                    <b></b> (1)
                </td>
                <td>
                    <b>UP</b> (1) -
                        <a href="http://4ed32f153428:38143/actuator/info" target="_blank">persona:93eadf37aa6673f3a7c92cef195e6df4</a>

                </td>
              </tr>

        </tbody>
      </table>

      <h1>General Info</h1>

      <table id='generalInfo' class="table table-striped table-hover">
        <thead>
          <tr><th>Name</th><th>Value</th></tr>
        </thead>
        <tbody>
            <tr>
              <td>total-avail-memory</td><td>102mb</td>
            </tr>
            <tr>
              <td>num-of-cpus</td><td>2</td>
            </tr>
            <tr>
              <td>current-memory-usage</td><td>38mb (37%)</td>
            </tr>
            <tr>
              <td>server-uptime</td><td>14 days 12:24</td>
            </tr>
            <tr>
              <td>registered-replicas</td><td>http://hb-eureka:8761/eureka/</td>
            </tr>
            <tr>
              <td>unavailable-replicas</td><td>http://hb-eureka:8761/eureka/,</td>
            </tr>
            <tr>
              <td>available-replicas</td><td></td>
            </tr>
        </tbody>
      </table>

      <h1>Instance Info</h1>

      <table id='instanceInfo' class="table table-striped table-hover">
        <thead>
          <tr><th>Name</th><th>Value</th></tr>
        <thead>
        <tbody>
            <tr>
              <td>ipAddr</td><td>172.18.0.2</td>
            </tr>
            <tr>
              <td>status</td><td>UP</td>
            </tr>
        </tbody>
      </table>
    </div>
    <script type="text/javascript" src="eureka/js/wro.js" ></script>
  </body>
</html>

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T07:15:31.000Z",
   "app" : {
      "extract" : {
         "hostname" : [
            "4ed32f153428",
            "faf00606d857",
            "hb-eureka"
         ],
         "ip" : [
            "172.18.0.2"
         ],
         "url" : [
            "http://4ed32f153428:38143/actuator/info",
            "http://faf00606d857:8080/actuator/info",
            "http://hb-eureka:8761/eureka/",
            "http://hb-eureka:8761/eureka/,"
         ]
      },
      "http" : {
         "bodymd5" : "362f97d4420e2bfb34a6f0d0bc7150b8",
         "bodymmh3" : -1163027344,
         "headermd5" : "8fa77c1aaf0aaadb8f3fd9e796a017fb",
         "headermmh3" : -1721192782,
         "title" : "Eureka"
      },
      "length" : 5339
   },
   "asn" : "AS63949",
   "city" : "Atlanta",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 \r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Language: en-US\r\nTransfer-Encoding: chunked\r\nDate: Thu, 21 Nov 2024 07:15:31 GMT\r\nConnection: close\r\n\r\n137f\r\n<!doctype html>\n<html lang=\"en\">\n  <head>\n    <base href=\"/\">\n    <meta charset=\"utf-8\">\n    <title>Eureka</title>\n    <meta name=\"description\" content=\"\">\n    <meta name=\"viewport\" content=\"width=device-width\">\n\n    <link rel=\"stylesheet\" href=\"eureka/css/wro.css\">\n\n  </head>\n\n  <body id=\"one\">\n    <script type=\"text/javascript\">\n      if ( document.documentMode ) {\n         document.write('<p>You are using an <strong>outdated</strong> browser. Please upgrade your browser to improve your experience.</p>');\n      }\n    </script>\n\n<nav class=\"navbar navbar-expand-md navbar-dark\" role=\"navigation\">\n  <div class=\"container\">\n    <a class=\"navbar-brand my-auto\" href=\"\"><span></span></a>\n    <button type=\"button\" class=\"navbar-toggler\" data-bs-toggle=\"collapse\" data-bs-target=\"#navbarContent\" aria-controls=\"navbarSupportedContent\" aria-expanded=\"false\" aria-label=\"Toggle navigation\">\n      <span class=\"navbar-toggler-icon\"></span>\n    </button>\n    <div class=\"collapse navbar-collapse\" id=\"navbarContent\">\n      <ul class=\"navbar-nav ms-auto\">\n        <li class=\"nav-item\">\n          <a class=\"nav-link px-2\" href=\"\">Home</a>\n        </li>\n        <li class=\"nav-item\">\n          <a class=\"nav-link px-2\" href=\"/lastn\">Last 1000 since startup</a>\n        </li>\n      </ul>\n    </div>\n  </div>\n</nav>\n\n\n    <div class=\"container-fluid xd-container\">\n<h1>System Status</h1>\n<div class=\"row\">\n  <div class=\"col-md-6\">\n    <table id='instances' class=\"table table-condensed table-striped table-hover\">\n            <tr>\n        <td>Environment</td>\n        <td>test</td>\n      </tr>\n      <tr>\n        <td>Data center</td>\n        <td>default</td>\n      </tr>\n    </table>\n  </div>\n  <div class=\"col-md-6\">\n    <table id='instances' class=\"table table-condensed table-striped table-hover\">\n      <tr>\n        <td>Current time</td>\n        <td>2024-11-21T07:15:31 +0000</td>\n      </tr>\n      <tr>\n        <td>Uptime</td>\n        <td>14 days 12:24</td>\n      </tr>\n      <tr>\n        <td>Lease expiration enabled</td>\n        <td>true</td>\n      </tr>\n      <tr>\n        <td>Renews threshold</td>\n        <td>5</td>\n      </tr>\n      <tr>\n        <td>Renews (last min)</td>\n        <td>8</td>\n      </tr>\n    </table>\n  </div>\n</div>\n\n\n<h1>DS Replicas</h1>\n<ul class=\"list-group mb-3\">\n    <li class=\"list-group-item\"><a href=\"http://hb-eureka:8761/eureka/\">hb-eureka</a></li>\n</ul>\n\n      <h1>Instances currently registered with Eureka</h1>\n      <table id='instances' class=\"table table-striped table-hover\">\n        <thead>\n          <tr><th>Application</th><th>AMIs</th><th>Availability Zones</th><th>Status</th></tr>\n        </thead>\n        <tbody>\n              <tr>\n                <td><b>HB-GATEWAY</b></td>\n                <td>\n                    <b>n/a</b> (1)\n                </td>\n                <td>\n                    <b></b> (1)\n                </td>\n                <td>\n                    <b>UP</b> (1) -\n                        <a href=\"http://faf00606d857:8080/actuator/info\" target=\"_blank\">hb-gateway:b30a9557d33e731bed2accc8b7b3256a</a>\n\n                </td>\n              </tr>\n              <tr>\n                <td><b>PERSONA</b></td>\n                <td>\n                    <b>n/a</b> (1)\n                </td>\n                <td>\n                    <b></b> (1)\n                </td>\n                <td>\n                    <b>UP</b> (1) -\n                        <a href=\"http://4ed32f153428:38143/actuator/info\" target=\"_blank\">persona:93eadf37aa6673f3a7c92cef195e6df4</a>\n\n                </td>\n              </tr>\n\n        </tbody>\n      </table>\n\n      <h1>General Info</h1>\n\n      <table id='generalInfo' class=\"table table-striped table-hover\">\n        <thead>\n          <tr><th>Name</th><th>Value</th></tr>\n        </thead>\n        <tbody>\n            <tr>\n              <td>total-avail-memory</td><td>102mb</td>\n            </tr>\n            <tr>\n              <td>num-of-cpus</td><td>2</td>\n            </tr>\n            <tr>\n              <td>current-memory-usage</td><td>38mb (37%)</td>\n            </tr>\n            <tr>\n              <td>server-uptime</td><td>14 days 12:24</td>\n            </tr>\n            <tr>\n              <td>registered-replicas</td><td>http://hb-eureka:8761/eureka/</td>\n            </tr>\n            <tr>\n              <td>unavailable-replicas</td><td>http://hb-eureka:8761/eureka/,</td>\n            </tr>\n            <tr>\n              <td>available-replicas</td><td></td>\n            </tr>\n        </tbody>\n      </table>\n\n      <h1>Instance Info</h1>\n\n      <table id='instanceInfo' class=\"table table-striped table-hover\">\n        <thead>\n          <tr><th>Name</th><th>Value</th></tr>\n        <thead>\n        <tbody>\n            <tr>\n              <td>ipAddr</td><td>172.18.0.2</td>\n            </tr>\n            <tr>\n              <td>status</td><td>UP</td>\n            </tr>\n        </tbody>\n      </table>\n    </div>\n    <script type=\"text/javascript\" src=\"eureka/js/wro.js\" ></script>\n  </body>\n</html>\n\r\n0\r\n\r\n",
   "datamd5" : "74d249b1bd64dcdbd38d9a7f7d6691df",
   "datammh3" : 1709661607,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "66.228.32.0/19"
   },
   "host" : [
      "66-228-61-127"
   ],
   "hostname" : [
      "66-228-61-127.ip.linodeusercontent.com"
   ],
   "ip" : "66.228.61.127",
   "ipv6" : "false",
   "latitude" : "33.7485",
   "location" : "33.7485,-84.3871",
   "longitude" : "-84.3871",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "66-228-61-127.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "66.228.32.0/19",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
139.162.147.233

Network
139.162.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://139.162.147.233:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
139-162-147-233.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 06:57:29 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T06:57:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1259436183,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 06:57:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS15830",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "EU-LINODE-20141229",
      "organization" : "Linode, LLC",
      "subnet" : "139.162.0.0/16"
   },
   "host" : [
      "139-162-147-233"
   ],
   "hostname" : [
      "139-162-147-233.ip.linodeusercontent.com"
   ],
   "ip" : "139.162.147.233",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "139-162-147-233.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "139.162.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
45.33.51.12

Network
45.33.48.0/20

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://45.33.51.12:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
45-33-51-12.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 05:44:24 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T05:44:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1036233000,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Fremont",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 05:44:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "45.33.0.0/17"
   },
   "host" : [
      "45-33-51-12"
   ],
   "hostname" : [
      "45-33-51-12.ip.linodeusercontent.com"
   ],
   "ip" : "45.33.51.12",
   "ipv6" : "false",
   "latitude" : "37.5625",
   "location" : "37.5625,-122.0004",
   "longitude" : "-122.0004",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "45-33-51-12.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "45.33.48.0/20",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.234.206.28

Network
172.234.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.234.206.28:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
172-234-206-28.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 04:59:31 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T04:59:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -685788640,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Chicago",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 04:59:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.234.192.0/18"
   },
   "host" : [
      "172-234-206-28"
   ],
   "hostname" : [
      "172-234-206-28.ip.linodeusercontent.com"
   ],
   "ip" : "172.234.206.28",
   "ipv6" : "false",
   "latitude" : "41.8874",
   "location" : "41.8874,-87.6318",
   "longitude" : "-87.6318",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "172-234-206-28.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.234.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
139.162.96.163

Network
139.162.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://139.162.96.163:8761/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
139-162-96-163.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 04:42:21 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T04:42:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 859881682,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 04:42:21 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "EU-LINODE-20141229",
      "organization" : "Linode, LLC",
      "subnet" : "139.162.0.0/16"
   },
   "host" : [
      "139-162-96-163"
   ],
   "hostname" : [
      "139-162-96-163.ip.linodeusercontent.com"
   ],
   "ip" : "139.162.96.163",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8761,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "139-162-96-163.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "139.162.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
50.116.45.91

Network
50.116.32.0/19

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://50.116.45.91:8761/ 200

HTTP Title
FileMaker Server Admin Console

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

Reverse DNS
50-116-45-91.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

HTTP Component(s)
PHP PHP Atlassian Confluence Adobe Coldfusion Drupal Drupal 8 Roundcube Webmail Gitlab Gitlab Apache org.apache.sling.servlets.post 3.0 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
89da1ff9100330f846a90b143f2c3de4

HTTP Header MD5
da850976475c3930368f27c3eaa04ff7

HTTP Body MD5
b7b407d383e5ed0c6e049ef2a678c525

HTTP/1.1 200 OK
Cf-Ray: 55611f709b975f5b-LAS
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 106894
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Pragma: private
Server: StreamSystem 4.0
Set-Cookie: CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;
Set-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/
Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
Set-Cookie: token=21263a2bf; path=/;
Set-Cookie: DSSignInURL=/; path=/; secure;
Set-Cookie: acSamlv2Token=; path=/; secure;
Set-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;
Set-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;
Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains
Set-Cookie: id=A67B8F9C;
Set-Cookie: fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;
Set-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
X-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5
X-Backside-Transport: FAIL FAIL
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Iinfo: 11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)
X-Influxdb-Build: OSS
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Language: english
X-Litespeed-Cache: hit
X-Pingback: https://example.com/xmlrpc.php
X-Powered-By: Servlet/3.0; JBossAS-6
X-Served-By: cache-xsp21434-XSP
X-Xss-Protection: 1; mode=block
Date: Thu, 21 Nov 2024 04:24:30 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4ce77c63bbe80f8f6d9240e2005==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>FileMaker Server Admin Console</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<input type="hidden" name="admin-nonce" value="4419bb0cd2d21ef7b4cf25c9e5206f89" />
<h3 class="text-center"> <span class="soplanning_index_title2">Simple Online Planning</span> <small>v1.51.01</small> </h3>
<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2U3N2M2M2JiZTgwZjhmNmQ5MjQwZTIwMDU9PQ==
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Cle

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T04:24:30.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org",
            "micros-hosting.com",
            "example.com"
         ],
         "file" : [
            "admin-ajax.php",
            "dvrremoteap.exe",
            "cloud_index.php",
            "index.php",
            "dvrremoteap_x64.exe",
            "dvfplayer.zip"
         ],
         "hostname" : [
            "example.com",
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.0.1",
            "192.168.1.10",
            "1.0.0.36",
            "7.7.31.1",
            "192.168.1.1",
            "192.168.1.4"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://example.com/xmlrpc.php",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "b7b407d383e5ed0c6e049ef2a678c525",
         "bodymmh3" : -120594840,
         "component" : [
            {
               "productvendor" : "Gitlab",
               "product" : "Gitlab"
            },
            {
               "product" : "SPIP",
               "productvendor" : "SPIP",
               "productversion" : "4.1.11"
            },
            {
               "productvendor" : "Adobe",
               "product" : "Coldfusion"
            },
            {
               "product" : "Jenkins",
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins"
            },
            {
               "productvendor" : "Apache",
               "productversion" : "3.0",
               "product" : "org.apache.sling.servlets.post"
            },
            {
               "productvendor" : "PHP",
               "product" : "PHP"
            },
            {
               "product" : "Drupal",
               "productvendor" : "Drupal",
               "productversion" : "8"
            },
            {
               "productvendor" : "Roundcube",
               "product" : "Webmail"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "da850976475c3930368f27c3eaa04ff7",
         "headermmh3" : 1005257759,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "FileMaker Server Admin Console"
      },
      "length" : 16305
   },
   "asn" : "AS63949",
   "city" : "Atlanta",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCf-Ray: 55611f709b975f5b-LAS\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 106894\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nPragma: private\r\nServer: StreamSystem 4.0\r\nSet-Cookie: CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;\r\nSet-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: token=21263a2bf; path=/;\r\nSet-Cookie: DSSignInURL=/; path=/; secure;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nSet-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;\r\nSet-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;\r\nSet-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nX-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5\r\nX-Backside-Transport: FAIL FAIL\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: HIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Iinfo: 11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)\r\nX-Influxdb-Build: OSS\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Language: english\r\nX-Litespeed-Cache: hit\r\nX-Pingback: https://example.com/xmlrpc.php\r\nX-Powered-By: Servlet/3.0; JBossAS-6\r\nX-Served-By: cache-xsp21434-XSP\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 21 Nov 2024 04:24:30 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4ce77c63bbe80f8f6d9240e2005==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>FileMaker Server Admin Console</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<input type=\"hidden\" name=\"admin-nonce\" value=\"4419bb0cd2d21ef7b4cf25c9e5206f89\" />\n<h3 class=\"text-center\"> <span class=\"soplanning_index_title2\">Simple Online Planning</span> <small>v1.51.01</small> </h3>\n<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2U3N2M2M2JiZTgwZjhmNmQ5MjQwZTIwMDU9PQ==\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Cle",
   "datamd5" : "89da1ff9100330f846a90b143f2c3de4",
   "datammh3" : 1752471738,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "50.116.0.0/18"
   },
   "host" : [
      "50-116-45-91"
   ],
   "hostname" : [
      "50-116-45-91.ip.linodeusercontent.com"
   ],
   "ip" : "50.116.45.91",
   "ipv6" : "false",
   "latitude" : "33.7485",
   "location" : "33.7485,-84.3871",
   "longitude" : "-84.3871",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 8761,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "50-116-45-91.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "50.116.32.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 1,027 in 0.070 second(s)

172.234.206.58:8761 (tcp/http) - last seen on 2024-11-21 at 09:38:23 UTC

45.79.147.229:8761 (tcp/http) - last seen on 2024-11-21 at 09:20:58 UTC

172.233.89.39:8761 (tcp/http) - last seen on 2024-11-21 at 08:36:07 UTC

172.232.146.116:8761 (tcp/http) - last seen on 2024-11-21 at 08:26:57 UTC

66.228.61.127:8761 (tcp/http) - last seen on 2024-11-21 at 07:15:31 UTC

139.162.147.233:8761 (tcp/http) - last seen on 2024-11-21 at 06:57:29 UTC

45.33.51.12:8761 (tcp/http) - last seen on 2024-11-21 at 05:44:24 UTC

172.234.206.28:8761 (tcp/http) - last seen on 2024-11-21 at 04:59:31 UTC

139.162.96.163:8761 (tcp/http) - last seen on 2024-11-21 at 04:42:21 UTC

50.116.45.91:8761 (tcp/http) - last seen on 2024-11-21 at 04:24:30 UTC