Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
209.23.10.147

Network
209.23.8.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://209.23.10.147:5683/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS6364

Organization
ATLANTIC-NET-1

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:37:14 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 287310305,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS6364",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:37:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS6364",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "atlantic.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "DAL2-CLOUD",
      "organization" : "Atlantic.Net - Dallas, LLC.",
      "subnet" : "209.23.8.0/22"
   },
   "ip" : "209.23.10.147",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ATLANTIC-NET-1",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "209.23.8.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.43.16.78

Network
103.43.16.0/22

Device

<enterprise field>: device.class

URL

http://103.43.16.78:5683/$%7BrandomUrl%7D 200

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
urlscan::redirect
Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a921ec0c33b287a5b32845ce36a9f9b4

HTTP Header MD5
7cb8a64a5c41d5db44d85d677dbec3ce

HTTP Body MD5
db475c674e230d3b59b9d4c51e192872

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 05:36:15 GMT
Content-Type: text/html
Content-Length: 1728
Last-Modified: Mon, 04 Nov 2024 11:57:54 GMT
Connection: close
ETag: "6728b6c2-6c0"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
    <script>
        <script>
            window.dataLayer = window.dataLayer || [];
            function gtag(){dataLayer.push(arguments);}
            gtag('js', new Date());

            gtag('config', 'G-0GJHN159XX');
    </script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3GuWRdQLAUfAEIDe",ck:"3GuWRdQLAUfAEIDe"})</script>



    <meta charset="UTF-8">
    <meta name="format-detection" content="telephone=yes">
    <meta name="viewport"
          content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
    <script>
        const urls = [
            "https://139.155.134.148/tt/test.html?333?666aaa",
            "https://162.14.69.113/"
        ];
        const randomUrl = urls[Math.floor(Math.random() * urls.length)];

        document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
        window.onload = function () {
            document.getElementById('myiframe').src = randomUrl;
        };
    </script>
    <style>
        body, html {
            margin: 0;
            padding: 0;
            height: 100%;
            overflow: hidden;
        }

        iframe {
            width: 100%;
            height: 100vh;
            border: none;
        }
    </style>
</head>
<body>
<iframe id="myiframe" scrolling="no"></iframe>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:56.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googletagmanager.com"
         ],
         "hostname" : [
            "www.googletagmanager.com"
         ],
         "ip" : [
            "139.155.134.148",
            "162.14.69.113"
         ],
         "url" : [
            "https://139.155.134.148/tt/test.html?333?666aaa",
            "https://162.14.69.113/",
            "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
         ]
      },
      "http" : {
         "bodymd5" : "db475c674e230d3b59b9d4c51e192872",
         "bodymmh3" : 488145746,
         "header" : [
            {
               "value" : "Mon, 04 Nov 2024 11:57:54 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "6728b6c2-6c0",
               "name" : "ETag"
            }
         ],
         "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
         "headermmh3" : 32767166,
         "tracker" : {
            "ga" : [
               "G-0GJHN159XX"
            ]
         }
      },
      "length" : 1962
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:36:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 1728\r\nLast-Modified: Mon, 04 Nov 2024 11:57:54 GMT\r\nConnection: close\r\nETag: \"6728b6c2-6c0\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3GuWRdQLAUfAEIDe\",ck:\"3GuWRdQLAUfAEIDe\"})</script>\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://139.155.134.148/tt/test.html?333?666aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
   "datamd5" : "a921ec0c33b287a5b32845ce36a9f9b4",
   "datammh3" : -1249100627,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "103.43.16.78",
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "103.43.16.0/22"
   },
   "hostname" : [
      "103.43.16.78"
   ],
   "ip" : "103.43.16.78",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "103.43.16.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/$%7BrandomUrl%7D"
}

IP
203.91.79.57

Network
203.91.72.0/21

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS400619

Organization
AROSS-AS

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
55a54008ad1ba589aa210d2629c1df41
```
\x01
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:14.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS400619",
   "country" : "HK",
   "data" : "\\x01",
   "datamd5" : "55a54008ad1ba589aa210d2629c1df41",
   "datammh3" : -463810133,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55020",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "gmail.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "LIHGL-HK",
      "organization" : "LANLIAN INTERNATIONAL HOLDING GROUP LIMITED",
      "subnet" : "203.91.72.0/21"
   },
   "ip" : "203.91.79.57",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AROSS-AS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 5683,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "203.91.72.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
211.83.1.224

Network
211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.1.224:5683/ 200

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan
Product
Apache HTTP Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
78c3e039cbd0a73236a392b0736f2813

HTTP Header MD5
97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5
b6acc412f4a6c5f75993c1f36f4400a0

HTTP/1.1 200 ok
Server: Apache
Content-Length:  222
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5683/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:18.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "b6acc412f4a6c5f75993c1f36f4400a0",
         "bodymmh3" : 477332704,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1169498968
      },
      "length" : 311
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  222\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5683/'</script>\r\n\r\n",
   "datamd5" : "78c3e039cbd0a73236a392b0736f2813",
   "datammh3" : -1161447624,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.1.224",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 5683,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
86.110.180.98

Network
86.110.180.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Debian

URL

http://86.110.180.98:5683/ 400

HTTP Title
400 Bad Request

ASN
AS15774

Organization
Limited Liability Company TTK-Svyaz

Protocol
http

Source
datascan
Operating System
Linux Linux Debian

Product
Apache HTTP Server 2.4.62

HTTP Component(s)
Apache HTTP Server 2.4.62

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4de546e8553c1868d331c48f79e28924

HTTP Header MD5
ea009b654048fe109579fc7cc35429b2

HTTP Body MD5
2b3e3d62f4c81e66e075e93825115a85

HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:35:16 GMT
Server: Apache/2.4.62 (Debian)
Content-Length: 438
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
<hr>
<address>Apache/2.4.62 (Debian) Server at localhost Port 443</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2b3e3d62f4c81e66e075e93825115a85",
         "bodymmh3" : 2035117857,
         "component" : [
            {
               "product" : "HTTP Server",
               "productversion" : "2.4.62",
               "productvendor" : "Apache"
            }
         ],
         "headermd5" : "ea009b654048fe109579fc7cc35429b2",
         "headermmh3" : -899123881,
         "title" : "400 Bad Request"
      },
      "length" : 620
   },
   "asn" : "AS15774",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:35:16 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 438\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian) Server at localhost Port 443</address>\n</body></html>\n",
   "datamd5" : "4de546e8553c1868d331c48f79e28924",
   "datammh3" : -1118480146,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS44775",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "electro-com.ru",
         "ttk.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "ELECTRO-COM-NET",
      "organization" : "Rostov-On-Don Network",
      "subnet" : "86.110.180.0/22"
   },
   "ip" : "86.110.180.98",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Limited Liability Company TTK-Svyaz",
   "os" : "Linux",
   "osdistribution" : "Debian",
   "osvendor" : "Linux",
   "port" : 5683,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.62",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "86.110.180.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
65.181.147.124

Network
65.181.128.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://65.181.147.124:5683/ 200

HTTP Title
Welcome to OpenResty!

ASN
AS134729

Organization
JOINT POWER TECHNOLOGY LIMITED

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e9d065ee67e3562b97c20680dbe58552

HTTP Header MD5
40d3d0b13e398bbca889c08417e6f928

HTTP Body MD5
4c58a19da43c2e4c47593beade2c6576

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 07 Nov 2024 05:35:10 GMT
Content-Type: text/html
Content-Length: 1097
Connection: close
Vary: Accept-Encoding
Last-Modified: Wed, 06 Sep 2023 08:46:51 GMT
Vary: Accept-Encoding
ETag: "64f83c7b-449"
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
<meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
<title>Welcome to OpenResty!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to OpenResty!</h1>
<p>If you see this page, the OpenResty web platform is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to our
<a href="https://openresty.org/">openresty.org</a> site<br/>
Commercial support is available at
<a href="https://openresty.com/">openresty.com</a>.</p>
<p>We have articles on troubleshooting issues like <a href="https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb">high CPU usage</a> and
<a href="https://blog.openresty.com/en/how-or-alloc-mem/">large memory usage</a> on <a href="https://blog.openresty.com/">our official blog site</a>.
<p><em>Thank you for flying <a href="https://openresty.org/">OpenResty</a>.</em></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:12.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "openresty.org",
            "openresty.com"
         ],
         "hostname" : [
            "blog.openresty.com",
            "openresty.com",
            "openresty.org"
         ],
         "url" : [
            "https://blog.openresty.com/",
            "https://blog.openresty.com/en/how-or-alloc-mem/",
            "https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb",
            "https://openresty.com/",
            "https://openresty.org/"
         ]
      },
      "http" : {
         "bodymd5" : "4c58a19da43c2e4c47593beade2c6576",
         "bodymmh3" : -778468377,
         "header" : [
            {
               "value" : "Wed, 06 Sep 2023 08:46:51 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "64f83c7b-449",
               "name" : "ETag"
            }
         ],
         "headermd5" : "40d3d0b13e398bbca889c08417e6f928",
         "headermmh3" : -684903343,
         "title" : "Welcome to OpenResty!"
      },
      "length" : 1374
   },
   "asn" : "AS134729",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:35:10 GMT\r\nContent-Type: text/html\r\nContent-Length: 1097\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 06 Sep 2023 08:46:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"64f83c7b-449\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta content=\"text/html;charset=utf-8\" http-equiv=\"Content-Type\">\n<meta content=\"utf-8\" http-equiv=\"encoding\">\n<title>Welcome to OpenResty!</title>\n<style>\n    body {\n        width: 35em;\n        margin: 0 auto;\n        font-family: Tahoma, Verdana, Arial, sans-serif;\n    }\n</style>\n</head>\n<body>\n<h1>Welcome to OpenResty!</h1>\n<p>If you see this page, the OpenResty web platform is successfully installed and\nworking. Further configuration is required.</p>\n\n<p>For online documentation and support please refer to our\n<a href=\"https://openresty.org/\">openresty.org</a> site<br/>\nCommercial support is available at\n<a href=\"https://openresty.com/\">openresty.com</a>.</p>\n<p>We have articles on troubleshooting issues like <a href=\"https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb\">high CPU usage</a> and\n<a href=\"https://blog.openresty.com/en/how-or-alloc-mem/\">large memory usage</a> on <a href=\"https://blog.openresty.com/\">our official blog site</a>.\n<p><em>Thank you for flying <a href=\"https://openresty.org/\">OpenResty</a>.</em></p>\n</body>\n</html>\n",
   "datamd5" : "e9d065ee67e3562b97c20680dbe58552",
   "datammh3" : 1392601195,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS134729",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "ipxo.com",
         "pair.com",
         "pairnetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "IXPO-65-181-128-0-19-REALLOCATION",
      "organization" : "IPXO LLC",
      "subnet" : "65.181.144.0/21"
   },
   "ip" : "65.181.147.124",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JOINT POWER TECHNOLOGY LIMITED",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5683,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "65.181.128.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.251.236.25

Network
43.251.236.0/22

Device

<enterprise field>: device.class

URL

http://43.251.236.25:5683/$%7BrandomUrl%7D 200

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
urlscan::redirect
Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a1a952682e73758a5ad3c1462ccfc9e8

HTTP Header MD5
7cb8a64a5c41d5db44d85d677dbec3ce

HTTP Body MD5
f676b85516c6adce06fd47604ce661a9

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 05:34:45 GMT
Content-Type: text/html
Content-Length: 1731
Last-Modified: Mon, 04 Nov 2024 06:13:00 GMT
Connection: close
ETag: "672865ec-6c3"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
    <script>
        <script>
            window.dataLayer = window.dataLayer || [];
            function gtag(){dataLayer.push(arguments);}
            gtag('js', new Date());

            gtag('config', 'G-0GJHN159XX');
    </script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3HIVnf9pT2UywXqw",ck:"3HIVnf9pT2UywXqw"})</script>




    <meta charset="UTF-8">
    <meta name="format-detection" content="telephone=yes">
    <meta name="viewport"
          content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
    <script>
        const urls = [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/"
        ];
        const randomUrl = urls[Math.floor(Math.random() * urls.length)];

        document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
        window.onload = function () {
            document.getElementById('myiframe').src = randomUrl;
        };
    </script>
    <style>
        body, html {
            margin: 0;
            padding: 0;
            height: 100%;
            overflow: hidden;
        }

        iframe {
            width: 100%;
            height: 100vh;
            border: none;
        }
    </style>
</head>
<body>
<iframe id="myiframe" scrolling="no"></iframe>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:34:47.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googletagmanager.com"
         ],
         "hostname" : [
            "www.googletagmanager.com"
         ],
         "ip" : [
            "162.14.69.113",
            "103.86.44.21"
         ],
         "url" : [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/",
            "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
         ]
      },
      "http" : {
         "bodymd5" : "f676b85516c6adce06fd47604ce661a9",
         "bodymmh3" : 1332320570,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Mon, 04 Nov 2024 06:13:00 GMT"
            },
            {
               "value" : "672865ec-6c3",
               "name" : "ETag"
            }
         ],
         "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
         "headermmh3" : 1557794133,
         "tracker" : {
            "ga" : [
               "G-0GJHN159XX"
            ]
         }
      },
      "length" : 1965
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:34:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 1731\r\nLast-Modified: Mon, 04 Nov 2024 06:13:00 GMT\r\nConnection: close\r\nETag: \"672865ec-6c3\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3HIVnf9pT2UywXqw\",ck:\"3HIVnf9pT2UywXqw\"})</script>\n\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://103.86.44.21/sanfang/index.html?303111aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
   "datamd5" : "a1a952682e73758a5ad3c1462ccfc9e8",
   "datammh3" : -1968554267,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "43.251.236.25",
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "43.251.236.0/22"
   },
   "hostname" : [
      "43.251.236.25"
   ],
   "ip" : "43.251.236.25",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "43.251.236.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/$%7BrandomUrl%7D"
}

IP
137.175.45.134

Network
137.175.0.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://137.175.45.134:5683/ 302

HTTP Title
302 Found

ASN
AS54600

Organization
PEG-SV

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fec523b9aa4f35bf1e9de0046045ced3

HTTP Header MD5
d7becab03a8905d978f0985d2d16182f

HTTP Body MD5
29b5f7615598c74df0019844c163d80c

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 07 Nov 2024 05:34:44 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:34:44.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : 1120248477,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS54600",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:34:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS54600",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "petaexpress.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "199-180-100-0-1",
      "organization" : "PEG TECH INC",
      "subnet" : "137.175.32.0/20"
   },
   "ip" : "137.175.45.134",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PEG-SV",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "137.175.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
13.38.19.199

Network
13.36.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://13.38.19.199:5683/ 200

HTTP Title
PaperCut Login

HTTP Description
PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.

HTTP Keyword(s)
print accounting print control print management print quota software

Reverse DNS
ec2-13-38-19-199.eu-west-3.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
jQuery jQuery 3.5.1 Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6602a320a278b26f544c1f7e9b11bbae

HTTP Header MD5
fa25c4eea42a342854fe45cdc0273a72

HTTP Body MD5
8c5529452ed2e5ae1d4f29e7345687a7

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:34:13 GMT
Server: nginx
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Cache-Control: no-cache
Set-Cookie: JSESSIONID=node0sy1sg20fsequ9cu3ezl5v8aiiu2wqboi1fiyxhxr.node0; Path=/; Secure; HttpOnly
Content-Length: 13222

<!DOCTYPE HTML>
<!-- Application: app-server -->
<!-- Page: Home -->
<!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<title>PaperCut Login</title>
<link rel="shortcut icon" href="/images/icons3/favicon.ico" type="image/vnd.microsoft.icon"/>
<meta http-equiv="X-UA-Compatible" content="IE=Edge"/>
<meta name="description" content="PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system."/>
<meta name="keywords" content="print quota, print control, print management, print accounting, software"/>
<meta name="viewport" content="width=device-width, initial-scale=0.8"/>
<link rel="stylesheet" type="text/css" href="/css/style.css?66961papercut-mf" />
<link rel="stylesheet" type="text/css" href="/css/style-override.css?66961papercut-mf" />
<link rel="stylesheet" type="text/css" href="/css/refresh.css?66961papercut-mf" />
<!--[if IE 9]><link rel="stylesheet" type="text/css" href="/css/style-ie9.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 8]><link rel="stylesheet" type="text/css" href="/css/style-ie8.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 7]><link rel="stylesheet" type="text/css" href="/css/style-ie7.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 6]><link rel="stylesheet" type="text/css" href="/css/style-ie6.css?66961papercut-mf" />
<![endif]-->
<script type="text/javascript">var CacheParam = "66961papercut-mf";</script>
<script type="text/javascript" src="/js/jquery/jquery-3.5.1.min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/jquery/config.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/lib/underscore/underscore-min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/common.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/lib/require.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/pages/configure.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/refresh.js?66961papercut-mf"></script>
</head>

<body id="loginBody">
<script language="JavaScript" type="text/javascript"><!--

window.onload = function ()
{
document.Form0.inputUsername.focus();
document.Form0.inputUsername.select();
}

// --></script> <div class="wrap">
    <script type="text/javascript">
    insertScript('/js/pages/Home.js');
    insertScript('/js/pages/LoginPages.js');
    </script>
      <svg viewBox="0 0 280.7 198.5" class="pc-shards">
<polygon points="96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 "/>
<polygon points="45,63.6 74.9,53 0,0 "/>
<polygon points="134.9,95.4 96.3,136.3 45,63.6 74.9,53 "/>
<polygon points="74.9,53 224.8,0 134.9,95.4 "/>
<polygon points="224.8,0 183.9,130.1 134.9,95.4 "/>
<polygon points="224.8,0 224.8,0 224.8,159 183.9,130.1 "/>
<polygon points="162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 "/>
<polygon points="37.7,198.5 140.4,198.5 96.3,136.3 "/>
<polygon points="0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 "/>
<polygon points="0,79.5 45,63.6 0,0 "/>
<polygon points="0,79.5 0,79.5 0,79.5 "/>
<polygon points="262.3,198.5 280.7,198.5 265.7,187.9 "/>
<polygon points="224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 "/>
</svg>
<form method="post" name="Form0" action="/app" onsubmit="recordLocale()" autocomplete="off">
<input type="hidden" name="service" value="direct/1/Home/$Form"/>
<input type="hidden" name="sp" value="S0"/>
<input type="hidden" name="Form0" value="$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection"/>
<input type="hidden" name="$Hidden$0" id="javascript-enabled" value="F"/>
<input type="hidden" name="$Hidden$1" value="X"/>
 <div class="login" role="main">
      <div class="box">
        <table class="box-table" title="Login" role="presentation">
          <tr role="row">
            <th class="box-nw" aria-label="No value" role="columnheader" scope="col"></th>
            <th class="box-n" aria-label="No value" role="columnheader" scope="col"></th>
            <th class="box-ne" aria-label="No value" role="columnheader" scope="col"></th>
          </tr>
          <tr role="row">
            <td class="box-w"></td>
            <td class="box-content">

              <div id="login">
 <h1><img alt="PaperCut Logo" src="/custom/login-logo.png?1667504163324" class="logo"></img></h1>

 <h1 id="papercut-user-login-title">Log in</h1>
 <table style="margin-bottom:5px;" title="Username and Password" role="presentation">
                        <tbody>
                          <tr role="row">
                            <th role="rowheader"><label for="inputUsername">Username</label></th>
                            <td><input type="text" name="inputUsername" autocorrect="off" maxlength="50" aria-describedby="login-feedback-message" style="width: 150px;" id="inputUsername" autocapitalize="off" class="field"/></td>
                          </tr>
                          <tr role="row">
                            <th role="rowheader"><label for="inputPassword">Password</label></th>
                            <td><input type="password" name="inputPassword" style="width: 150px;" id="inputPassword" class="field" aria-describedby="login-feedback-message"/></td>
                          </tr>
                        </tbody>
                      </table>


                    <div id="login-feedback-message">



 </div>
<input type="submit" name="$Submit$0" value="Log in" class="loginSubmit" aria-describedby="login-feedback-message"/>



<a href="/app?service=direct/1/Home/oAuth2LoginSuccess" style="display:none" class="btn secondary google">Sign in with Google</a>
<a href="/app?service=direct/1/Home/oAuth2LoginCancel" style="display:none" class="btn secondary microsoft">Sign in with Microsoft</a>
 <a style="display:block; margin-top: 10px;" id="forgot-link" href="/app?service=external/ForgotLoginDetails">
Forgot username or password?</a>

 </div>


            </td>
            <td class="box-e"></td>
          </tr>
          <tr role="row">
            <td class="box-sw"></td>
            <td class="box-s"></td>
            <td class="box-se"></td>
          </tr>
        </table>
      </div>
 <div class="language-box">
          <p id="language-select-text">Language Select</p>
          <svg width="24" height="24" viewBox="50 1777 24 24" class="global" alt="Globe Language Icon">
                <path fill="gray" d="M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116
        c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304
        c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057
        c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803
        c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054
        c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z
         M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828
        c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704
        c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974
        C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z
         M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211
        c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828
        C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843
        C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702
        C71.553,1791.056,71.251,1792.097,70.804,1793.057z"/>
          </svg>
<select name="$PropertySelection" alt="Select language" role="listbox" id="language" aria-label="Select language">
<option value="en" selected="selected">English</option>
<option value="ca">catal&#224;</option>
<option value="zh_CN">&#20013;&#25991; (&#20013;&#22269;)</option>
<option value="zh_HK">&#20013;&#25991; (&#39321;&#28207;)</option>
<option value="zh_TW">&#20013;&#25991; (&#21488;&#28771;)</option>
<option value="hr">hrvatski</option>
<option value="cs">&#269;e&#353;tina</option>
<option value="da">Dansk</option>
<option value="nl">Nederlands</option>
<option value="fi">suomi</option>
<option value="fr">fran&#231;ais</option>
<option value="de">Deutsch</option>
<option value="iw">&#1506;&#1489;&#1512;&#1497;&#1514;</option>
<option value="hu">magyar</option>
<option value="it">italiano</option>
<option value="ja">&#26085;&#26412;&#35486;</option>
<option value="ko">&#54620;&#44397;&#50612;</option>
<option value="lv">Latvie&#353;u</option>
<option value="lt">Lietuvi&#371;</option>
<option value="no">norsk</option>
<option value="pl">polski</option>
<option value="pt">portugu&#234;s (Brasil)</option>
<option value="pt_PT">portugu&#234;s (Portugal)</option>
<option value="ru">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>
<option value="sr">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>
<option value="sk">Sloven&#269;ina</option>
<option value="sl">Sloven&#353;&#269;ina</option>
<option value="es">espa&#241;ol</option>
<option value="es_ES">espa&#241;ol (Espa&#241;a)</option>
<option value="sv">svenska</option>
<option value="th_TH">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>
<option value="tr">T&#252;rk&#231;e</option>
<option value="cy_GB">Welsh (United Kingdom)</option>
</select> </div>
 <script>
            let languageOptions = document.getElementById("language").children;
            for (let languageOption of languageOptions)
            {
                let lang = languageOption.getAttribute("value");
                if (lang.includes("_")) lang = lang.substr(0, lang.indexOf("_")); // to remove region if specified
                languageOption.setAttribute("lang", lang);
            }
        </script>
<span data-background-uri="/images/login-bg.jpg?66961papercut-mf" data-background-selection="COLOR" data-background-color="#FFFFFF" id="loginCustomization" data-button-color="#01B256" data-forgot-link-text=""></span> <!-- The license has expired!  -->
 </div>
</form>

 <div id="footer" style="position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;">
 <div class="product-details">
    <div class="logo"><img src="/images/footer-logo2.png?66961papercut-mf" border="0"/></div>

    <div class="text">
<span class="product"><a href="https://www.papercut.com/products/mf/?clicked=app-footer">PaperCut MF</a></span>

 <div>
Print Management Software</div>
 <!-- analytic purpose -->
<span class="analytic-license-expiry-date" style="display:none"></span>
<span class="analytic-product-build-number" style="display:none">66961</span>
<span class="analytic-product-version" style="display:none">22.1.3</span>
<span class="analytic-product" style="display:none">PaperCut MF</span>
<span class="analytic-product-edition" style="display:none">MF</span> <div class="copyright">
        &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>
    </div>
  </div>
 </div>
 </div>
  <script language="JavaScript" type="text/javascript">
  var oldonload = window.onload;
  if (typeof window.onload != 'function') {
    window.onload = applyLoginCustomization;
  } else {
    window.onload = function () {
      if (oldonload) {
        oldonload();
      }
        applyLoginCustomization();
    }
  }

  /*
   Apply login customization
   */
  function applyLoginCustomization() {
      var loginCustomization = $("#loginCustomization");
      if (loginCustomization.attr("data-background-selection") == 'IMAGE') {
          loadBackground(loginCustomization.attr("data-background-uri"));
      } else {
          $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr("data-background-color"))
                  .css('background-image', 'none');
      }
      if (loginCustomization.attr("data-button-color") != "") {
          $('#loginBody input[type="submit"].loginSubmit').removeClass('loginSubmit')
                  .css('background-color', loginCustomization.attr("data-button-color"))
                  .css('border-color', loginCustomization.attr("data-button-color"));
      }
      if (loginCustomization.attr("data-forgot-link-text") != "") {
          $('a#forgot-link').text(loginCustomization.attr("data-forgot-link-text"));
      }
  }

  function recordLocale() {
      var languageElement = document.getElementById("language");
      if (languageElement) {
          document.cookie = "ui.locale=" + languageElement.value;
      }
  }
  </script>
</body>
</html>
<!-- Render time: ~ 20 ms -->

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:34:16.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "papercut.com"
         ],
         "hostname" : [
            "www.papercut.com"
         ],
         "url" : [
            "https://www.papercut.com/products/mf/?clicked=app-footer"
         ]
      },
      "http" : {
         "bodymd5" : "8c5529452ed2e5ae1d4f29e7345687a7",
         "bodymmh3" : -856371065,
         "component" : [
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "product" : "jQuery",
               "productversion" : "3.5.1",
               "productvendor" : "jQuery"
            }
         ],
         "description" : "PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.",
         "headermd5" : "fa25c4eea42a342854fe45cdc0273a72",
         "headermmh3" : -76101090,
         "keywords" : [
            "print accounting",
            "print control",
            "print management",
            "print quota",
            "software"
         ],
         "title" : "PaperCut Login"
      },
      "length" : 13610
   },
   "asn" : "AS16509",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:34:13 GMT\r\nServer: nginx\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1\r\nExpires: Thu, 01 Jan 1970 00:00:00 UTC\r\nCache-Control: no-cache\r\nSet-Cookie: JSESSIONID=node0sy1sg20fsequ9cu3ezl5v8aiiu2wqboi1fiyxhxr.node0; Path=/; Secure; HttpOnly\r\nContent-Length: 13222\r\n\r\n<!DOCTYPE HTML>\n<!-- Application: app-server -->\n<!-- Page: Home -->\n<!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->\n<html lang=\"en\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\"/>\n<title>PaperCut Login</title>\n<link rel=\"shortcut icon\" href=\"/images/icons3/favicon.ico\" type=\"image/vnd.microsoft.icon\"/>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/>\n<meta name=\"description\" content=\"PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.\"/>\n<meta name=\"keywords\" content=\"print quota, print control, print management, print accounting, software\"/>\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=0.8\"/>\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-override.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/refresh.css?66961papercut-mf\" />\n<!--[if IE 9]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie9.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 8]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie8.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 7]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie7.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 6]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie6.css?66961papercut-mf\" />\n<![endif]-->\n<script type=\"text/javascript\">var CacheParam = \"66961papercut-mf\";</script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-3.5.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/config.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/underscore/underscore-min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/common.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/require.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/pages/configure.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/refresh.js?66961papercut-mf\"></script>\n</head>\n\n<body id=\"loginBody\">\n<script language=\"JavaScript\" type=\"text/javascript\"><!--\n\nwindow.onload = function ()\n{\ndocument.Form0.inputUsername.focus();\ndocument.Form0.inputUsername.select();\n}\n\n// --></script> <div class=\"wrap\">\n    <script type=\"text/javascript\">\n    insertScript('/js/pages/Home.js');\n    insertScript('/js/pages/LoginPages.js');\n    </script>\n      <svg viewBox=\"0 0 280.7 198.5\" class=\"pc-shards\">\n<polygon points=\"96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"45,63.6 74.9,53 0,0 \"/>\n<polygon points=\"134.9,95.4 96.3,136.3 45,63.6 74.9,53 \"/>\n<polygon points=\"74.9,53 224.8,0 134.9,95.4 \"/>\n<polygon points=\"224.8,0 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"224.8,0 224.8,0 224.8,159 183.9,130.1 \"/>\n<polygon points=\"162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 \"/>\n<polygon points=\"37.7,198.5 140.4,198.5 96.3,136.3 \"/>\n<polygon points=\"0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 \"/>\n<polygon points=\"0,79.5 45,63.6 0,0 \"/>\n<polygon points=\"0,79.5 0,79.5 0,79.5 \"/>\n<polygon points=\"262.3,198.5 280.7,198.5 265.7,187.9 \"/>\n<polygon points=\"224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 \"/>\n</svg>\n<form method=\"post\" name=\"Form0\" action=\"/app\" onsubmit=\"recordLocale()\" autocomplete=\"off\">\n<input type=\"hidden\" name=\"service\" value=\"direct/1/Home/$Form\"/>\n<input type=\"hidden\" name=\"sp\" value=\"S0\"/>\n<input type=\"hidden\" name=\"Form0\" value=\"$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection\"/>\n<input type=\"hidden\" name=\"$Hidden$0\" id=\"javascript-enabled\" value=\"F\"/>\n<input type=\"hidden\" name=\"$Hidden$1\" value=\"X\"/>\n <div class=\"login\" role=\"main\">\n      <div class=\"box\">\n        <table class=\"box-table\" title=\"Login\" role=\"presentation\">\n          <tr role=\"row\">\n            <th class=\"box-nw\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-n\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-ne\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-w\"></td>\n            <td class=\"box-content\">\n\n              <div id=\"login\">\n <h1><img alt=\"PaperCut Logo\" src=\"/custom/login-logo.png?1667504163324\" class=\"logo\"></img></h1>\n\n <h1 id=\"papercut-user-login-title\">Log in</h1>\n <table style=\"margin-bottom:5px;\" title=\"Username and Password\" role=\"presentation\">\n                        <tbody>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputUsername\">Username</label></th>\n                            <td><input type=\"text\" name=\"inputUsername\" autocorrect=\"off\" maxlength=\"50\" aria-describedby=\"login-feedback-message\" style=\"width: 150px;\" id=\"inputUsername\" autocapitalize=\"off\" class=\"field\"/></td>\n                          </tr>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputPassword\">Password</label></th>\n                            <td><input type=\"password\" name=\"inputPassword\" style=\"width: 150px;\" id=\"inputPassword\" class=\"field\" aria-describedby=\"login-feedback-message\"/></td>\n                          </tr>\n                        </tbody>\n                      </table>\n\n\n                    <div id=\"login-feedback-message\">\n\n\n\n </div>\n<input type=\"submit\" name=\"$Submit$0\" value=\"Log in\" class=\"loginSubmit\" aria-describedby=\"login-feedback-message\"/>\n\n\n\n<a href=\"/app?service=direct/1/Home/oAuth2LoginSuccess\" style=\"display:none\" class=\"btn secondary google\">Sign in with Google</a>\n<a href=\"/app?service=direct/1/Home/oAuth2LoginCancel\" style=\"display:none\" class=\"btn secondary microsoft\">Sign in with Microsoft</a>\n <a style=\"display:block; margin-top: 10px;\" id=\"forgot-link\" href=\"/app?service=external/ForgotLoginDetails\">\nForgot username or password?</a>\n\n </div>\n\n\n            </td>\n            <td class=\"box-e\"></td>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-sw\"></td>\n            <td class=\"box-s\"></td>\n            <td class=\"box-se\"></td>\n          </tr>\n        </table>\n      </div>\n <div class=\"language-box\">\n          <p id=\"language-select-text\">Language Select</p>\n          <svg width=\"24\" height=\"24\" viewBox=\"50 1777 24 24\" class=\"global\" alt=\"Globe Language Icon\">\n                <path fill=\"gray\" d=\"M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116\n        c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304\n        c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057\n        c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803\n        c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054\n        c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z\n         M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828\n        c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704\n        c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974\n        C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z\n         M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211\n        c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828\n        C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843\n        C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702\n        C71.553,1791.056,71.251,1792.097,70.804,1793.057z\"/>\n          </svg>\n<select name=\"$PropertySelection\" alt=\"Select language\" role=\"listbox\" id=\"language\" aria-label=\"Select language\">\n<option value=\"en\" selected=\"selected\">English</option>\n<option value=\"ca\">catal&#224;</option>\n<option value=\"zh_CN\">&#20013;&#25991; (&#20013;&#22269;)</option>\n<option value=\"zh_HK\">&#20013;&#25991; (&#39321;&#28207;)</option>\n<option value=\"zh_TW\">&#20013;&#25991; (&#21488;&#28771;)</option>\n<option value=\"hr\">hrvatski</option>\n<option value=\"cs\">&#269;e&#353;tina</option>\n<option value=\"da\">Dansk</option>\n<option value=\"nl\">Nederlands</option>\n<option value=\"fi\">suomi</option>\n<option value=\"fr\">fran&#231;ais</option>\n<option value=\"de\">Deutsch</option>\n<option value=\"iw\">&#1506;&#1489;&#1512;&#1497;&#1514;</option>\n<option value=\"hu\">magyar</option>\n<option value=\"it\">italiano</option>\n<option value=\"ja\">&#26085;&#26412;&#35486;</option>\n<option value=\"ko\">&#54620;&#44397;&#50612;</option>\n<option value=\"lv\">Latvie&#353;u</option>\n<option value=\"lt\">Lietuvi&#371;</option>\n<option value=\"no\">norsk</option>\n<option value=\"pl\">polski</option>\n<option value=\"pt\">portugu&#234;s (Brasil)</option>\n<option value=\"pt_PT\">portugu&#234;s (Portugal)</option>\n<option value=\"ru\">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>\n<option value=\"sr\">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>\n<option value=\"sk\">Sloven&#269;ina</option>\n<option value=\"sl\">Sloven&#353;&#269;ina</option>\n<option value=\"es\">espa&#241;ol</option>\n<option value=\"es_ES\">espa&#241;ol (Espa&#241;a)</option>\n<option value=\"sv\">svenska</option>\n<option value=\"th_TH\">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>\n<option value=\"tr\">T&#252;rk&#231;e</option>\n<option value=\"cy_GB\">Welsh (United Kingdom)</option>\n</select> </div>\n <script>\n            let languageOptions = document.getElementById(\"language\").children;\n            for (let languageOption of languageOptions)\n            {\n                let lang = languageOption.getAttribute(\"value\");\n                if (lang.includes(\"_\")) lang = lang.substr(0, lang.indexOf(\"_\")); // to remove region if specified\n                languageOption.setAttribute(\"lang\", lang);\n            }\n        </script>\n<span data-background-uri=\"/images/login-bg.jpg?66961papercut-mf\" data-background-selection=\"COLOR\" data-background-color=\"#FFFFFF\" id=\"loginCustomization\" data-button-color=\"#01B256\" data-forgot-link-text=\"\"></span> <!-- The license has expired!  -->\n </div>\n</form>\n\n <div id=\"footer\" style=\"position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;\">\n <div class=\"product-details\">\n    <div class=\"logo\"><img src=\"/images/footer-logo2.png?66961papercut-mf\" border=\"0\"/></div>\n\n    <div class=\"text\">\n<span class=\"product\"><a href=\"https://www.papercut.com/products/mf/?clicked=app-footer\">PaperCut MF</a></span>\n\n <div>\nPrint Management Software</div>\n <!-- analytic purpose -->\n<span class=\"analytic-license-expiry-date\" style=\"display:none\"></span>\n<span class=\"analytic-product-build-number\" style=\"display:none\">66961</span>\n<span class=\"analytic-product-version\" style=\"display:none\">22.1.3</span>\n<span class=\"analytic-product\" style=\"display:none\">PaperCut MF</span>\n<span class=\"analytic-product-edition\" style=\"display:none\">MF</span> <div class=\"copyright\">\n        &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>\n    </div>\n  </div>\n </div>\n </div>\n  <script language=\"JavaScript\" type=\"text/javascript\">\n  var oldonload = window.onload;\n  if (typeof window.onload != 'function') {\n    window.onload = applyLoginCustomization;\n  } else {\n    window.onload = function () {\n      if (oldonload) {\n        oldonload();\n      }\n        applyLoginCustomization();\n    }\n  }\n\n  /*\n   Apply login customization\n   */\n  function applyLoginCustomization() {\n      var loginCustomization = $(\"#loginCustomization\");\n      if (loginCustomization.attr(\"data-background-selection\") == 'IMAGE') {\n          loadBackground(loginCustomization.attr(\"data-background-uri\"));\n      } else {\n          $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr(\"data-background-color\"))\n                  .css('background-image', 'none');\n      }\n      if (loginCustomization.attr(\"data-button-color\") != \"\") {\n          $('#loginBody input[type=\"submit\"].loginSubmit').removeClass('loginSubmit')\n                  .css('background-color', loginCustomization.attr(\"data-button-color\"))\n                  .css('border-color', loginCustomization.attr(\"data-button-color\"));\n      }\n      if (loginCustomization.attr(\"data-forgot-link-text\") != \"\") {\n          $('a#forgot-link').text(loginCustomization.attr(\"data-forgot-link-text\"));\n      }\n  }\n\n  function recordLocale() {\n      var languageElement = document.getElementById(\"language\");\n      if (languageElement) {\n          document.cookie = \"ui.locale=\" + languageElement.value;\n      }\n  }\n  </script>\n</body>\n</html>\n<!-- Render time: ~ 20 ms -->\n\n\n",
   "datamd5" : "6602a320a278b26f544c1f7e9b11bbae",
   "datammh3" : 1404482669,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "AMAZON-CDG",
      "organization" : "Amazon Data Services France",
      "subnet" : "13.36.0.0/14"
   },
   "host" : [
      "ec2-13-38-19-199"
   ],
   "hostname" : [
      "ec2-13-38-19-199.eu-west-3.compute.amazonaws.com"
   ],
   "ip" : "13.38.19.199",
   "ipv6" : "false",
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-13-38-19-199.eu-west-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-3.compute.amazonaws.com"
   ],
   "subnet" : "13.36.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.43.18.187

Network
103.43.16.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://103.43.18.187:5683/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
023c8c5e51d9ce9369af8e1f921f5e3f

HTTP Header MD5
f4eaba8998b0e515f84d95c1ad5ea5c7

HTTP Body MD5
a2b4897849c71fbcb21dd632d3506361

HTTP/1.1 400 Bad Request
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 05:29:42 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:33:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a2b4897849c71fbcb21dd632d3506361",
         "bodymmh3" : -2063426561,
         "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
         "headermmh3" : -1302771085,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:29:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "023c8c5e51d9ce9369af8e1f921f5e3f",
   "datammh3" : 457427036,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "103.43.16.0/22"
   },
   "ip" : "103.43.18.187",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 5683,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.43.16.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 36,378 in 0.067 second(s)

209.23.10.147:5683 (tcp/http) - last seen on 2024-11-07 at 05:37:15 UTC

103.43.16.78:5683 (tcp/http) - last seen on 2024-11-07 at 05:36:56 UTC

203.91.79.57:5683 (tcp/unknown) - last seen on 2024-11-07 at 05:36:14 UTC

211.83.1.224:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:18 UTC

86.110.180.98:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:17 UTC

65.181.147.124:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:12 UTC

43.251.236.25:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:47 UTC

137.175.45.134:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:44 UTC

13.38.19.199:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:16 UTC

103.43.18.187:5683 (tcp/http) - last seen on 2024-11-07 at 05:33:53 UTC