Returning 10 result(s) out of 36,378 in 0.067 second(s)

  • 209.23.10.147:5683 (tcp/http) - last seen on 2024-11-07 at 05:37:15 UTC

    • IP
      209.23.10.147
      Network
      209.23.8.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://209.23.10.147:5683/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS6364
      Organization
      ATLANTIC-NET-1
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a
    • HTTP/1.1 400 Bad Request
      Server: nginx
      Date: Thu, 07 Nov 2024 05:37:14 GMT
      Content-Type: text/html
      Content-Length: 248
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:37:15.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
               "bodymmh3" : 1153229498,
               "headermd5" : "a629a0fe278971ad61801ba6975ba467",
               "headermmh3" : 287310305,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 393
         },
         "asn" : "AS6364",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:37:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
         "datammh3" : 190190724,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS6364",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "atlantic.net"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "DAL2-CLOUD",
            "organization" : "Atlantic.Net - Dallas, LLC.",
            "subnet" : "209.23.8.0/22"
         },
         "ip" : "209.23.10.147",
         "ipv6" : "false",
         "latitude" : "37.7510",
         "location" : "37.7510,-97.8220",
         "longitude" : "-97.8220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "ATLANTIC-NET-1",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "209.23.8.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 103.43.16.78:5683 (tcp/http) - last seen on 2024-11-07 at 05:36:56 UTC

    • IP
      103.43.16.78
      Network
      103.43.16.0/22
      Device

      <enterprise field>: device.class

      URL

      http://103.43.16.78:5683/$%7BrandomUrl%7D 200

      ASN
      AS132883
      Organization
      TOPWAY GLOBAL LIMITED
      Protocol
      http
      Source
      urlscan::redirect
    • Product
      F5 Nginx 1.17.6
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a921ec0c33b287a5b32845ce36a9f9b4
      HTTP Header MD5
      7cb8a64a5c41d5db44d85d677dbec3ce
      HTTP Body MD5
      db475c674e230d3b59b9d4c51e192872
    • HTTP/1.1 200 OK
      Server: nginx/1.17.6
      Date: Thu, 07 Nov 2024 05:36:15 GMT
      Content-Type: text/html
      Content-Length: 1728
      Last-Modified: Mon, 04 Nov 2024 11:57:54 GMT
      Connection: close
      ETag: "6728b6c2-6c0"
      Accept-Ranges: bytes
      
      <!DOCTYPE html>
      <html lang="zh-CN">
      <head>
          <!-- Google tag (gtag.js) -->
          <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
          <script>
              <script>
                  window.dataLayer = window.dataLayer || [];
                  function gtag(){dataLayer.push(arguments);}
                  gtag('js', new Date());
      
                  gtag('config', 'G-0GJHN159XX');
          </script>
      
      <script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
      <script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>
      
      <script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
      <script>LA.init({id:"3GuWRdQLAUfAEIDe",ck:"3GuWRdQLAUfAEIDe"})</script>
      
      
      
          <meta charset="UTF-8">
          <meta name="format-detection" content="telephone=yes">
          <meta name="viewport"
                content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
          <script>
              const urls = [
                  "https://139.155.134.148/tt/test.html?333?666aaa",
                  "https://162.14.69.113/"
              ];
              const randomUrl = urls[Math.floor(Math.random() * urls.length)];
      
              document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
              window.onload = function () {
                  document.getElementById('myiframe').src = randomUrl;
              };
          </script>
          <style>
              body, html {
                  margin: 0;
                  padding: 0;
                  height: 100%;
                  overflow: hidden;
              }
      
              iframe {
                  width: 100%;
                  height: 100vh;
                  border: none;
              }
          </style>
      </head>
      <body>
      <iframe id="myiframe" scrolling="no"></iframe>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:36:56.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "googletagmanager.com"
               ],
               "hostname" : [
                  "www.googletagmanager.com"
               ],
               "ip" : [
                  "139.155.134.148",
                  "162.14.69.113"
               ],
               "url" : [
                  "https://139.155.134.148/tt/test.html?333?666aaa",
                  "https://162.14.69.113/",
                  "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
               ]
            },
            "http" : {
               "bodymd5" : "db475c674e230d3b59b9d4c51e192872",
               "bodymmh3" : 488145746,
               "header" : [
                  {
                     "value" : "Mon, 04 Nov 2024 11:57:54 GMT",
                     "name" : "Last-Modified"
                  },
                  {
                     "value" : "6728b6c2-6c0",
                     "name" : "ETag"
                  }
               ],
               "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
               "headermmh3" : 32767166,
               "tracker" : {
                  "ga" : [
                     "G-0GJHN159XX"
                  ]
               }
            },
            "length" : 1962
         },
         "asn" : "AS132883",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:36:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 1728\r\nLast-Modified: Mon, 04 Nov 2024 11:57:54 GMT\r\nConnection: close\r\nETag: \"6728b6c2-6c0\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3GuWRdQLAUfAEIDe\",ck:\"3GuWRdQLAUfAEIDe\"})</script>\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://139.155.134.148/tt/test.html?333?666aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
         "datamd5" : "a921ec0c33b287a5b32845ce36a9f9b4",
         "datammh3" : -1249100627,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "forward" : "103.43.16.78",
         "geolocus" : {
            "asn" : "AS132883",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "cnaaa.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "cnaaa",
            "organization" : "Jiangsu Sanai network science and technology co ,LTD",
            "subnet" : "103.43.16.0/22"
         },
         "hostname" : [
            "103.43.16.78"
         ],
         "ip" : "103.43.16.78",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TOPWAY GLOBAL LIMITED",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.17.6",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "urlscan::redirect",
         "status" : 200,
         "subnet" : "103.43.16.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/$%7BrandomUrl%7D"
      }
      
  • 203.91.79.57:5683 (tcp/unknown) - last seen on 2024-11-07 at 05:36:14 UTC

    • IP
      203.91.79.57
      Network
      203.91.72.0/21
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      ASN
      AS400619
      Organization
      AROSS-AS
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Microsoft Windows
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      55a54008ad1ba589aa210d2629c1df41
    • \x01
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:36:14.000Z",
         "app" : {
            "length" : 1
         },
         "asn" : "AS400619",
         "country" : "HK",
         "data" : "\\x01",
         "datamd5" : "55a54008ad1ba589aa210d2629c1df41",
         "datammh3" : -463810133,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS55020",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "HK",
            "countryname" : "Hong Kong",
            "domain" : [
               "gmail.com"
            ],
            "isineu" : "false",
            "latitude" : "22.396428",
            "location" : "22.396428,114.109497",
            "longitude" : "114.109497",
            "netname" : "LIHGL-HK",
            "organization" : "LANLIAN INTERNATIONAL HOLDING GROUP LIMITED",
            "subnet" : "203.91.72.0/21"
         },
         "ip" : "203.91.79.57",
         "ipv6" : "false",
         "latitude" : "22.2578",
         "location" : "22.2578,114.1657",
         "longitude" : "114.1657",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AROSS-AS",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 5683,
         "protocol" : "unknown",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "203.91.72.0/21",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 211.83.1.224:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:18 UTC

    • IP
      211.83.1.224
      Network
      211.80.0.0/13
      Device

      <enterprise field>: device.class

      URL

      http://211.83.1.224:5683/ 200

      ASN
      AS4538
      Organization
      China Education and Research Network Center
      Protocol
      http
      Source
      datascan
    • Product
      Apache HTTP Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      78c3e039cbd0a73236a392b0736f2813
      HTTP Header MD5
      97eb73c41d2d1f332d0a4ddd4c85c3de
      HTTP Body MD5
      b6acc412f4a6c5f75993c1f36f4400a0
    • HTTP/1.1 200 ok
      Server: Apache
      Content-Length:  222
      Cache-Control: no-cache
      Connection: close
      
      <script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5683/'</script>
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:35:18.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "10.100.100.114",
                  "211.83.41.225"
               ],
               "url" : [
                  "http://211.83.41.225/eportal/index.jsp?wlanuserip="
               ]
            },
            "http" : {
               "bodymd5" : "b6acc412f4a6c5f75993c1f36f4400a0",
               "bodymmh3" : 477332704,
               "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
               "headermmh3" : -1169498968
            },
            "length" : 311
         },
         "asn" : "AS4538",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  222\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5683/'</script>\r\n\r\n",
         "datamd5" : "78c3e039cbd0a73236a392b0736f2813",
         "datammh3" : -1161447624,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS4538",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "211.in-addr.arpa",
               "apnic.net",
               "cernet.edu.cn",
               "scut.edu.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "CERNET",
            "organization" : "China Education and Research Network",
            "subnet" : "211.80.0.0/13"
         },
         "ip" : "211.83.1.224",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "China Education and Research Network Center",
         "port" : 5683,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "ok",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "211.80.0.0/13",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 86.110.180.98:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:17 UTC

    • IP
      86.110.180.98
      Network
      86.110.180.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Debian
      URL

      http://86.110.180.98:5683/ 400

      HTTP Title
      400 Bad Request
      ASN
      AS15774
      Organization
      Limited Liability Company TTK-Svyaz
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Debian
      Product
      Apache HTTP Server 2.4.62
      HTTP Component(s)
      Apache HTTP Server 2.4.62
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4de546e8553c1868d331c48f79e28924
      HTTP Header MD5
      ea009b654048fe109579fc7cc35429b2
      HTTP Body MD5
      2b3e3d62f4c81e66e075e93825115a85
    • HTTP/1.1 400 Bad Request
      Date: Thu, 07 Nov 2024 05:35:16 GMT
      Server: Apache/2.4.62 (Debian)
      Content-Length: 438
      Connection: close
      Content-Type: text/html; charset=iso-8859-1
      
      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>400 Bad Request</title>
      </head><body>
      <h1>Bad Request</h1>
      <p>Your browser sent a request that this server could not understand.<br />
      Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
       Instead use the HTTPS scheme to access this URL, please.<br />
      </p>
      <hr>
      <address>Apache/2.4.62 (Debian) Server at localhost Port 443</address>
      </body></html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:35:17.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "2b3e3d62f4c81e66e075e93825115a85",
               "bodymmh3" : 2035117857,
               "component" : [
                  {
                     "product" : "HTTP Server",
                     "productversion" : "2.4.62",
                     "productvendor" : "Apache"
                  }
               ],
               "headermd5" : "ea009b654048fe109579fc7cc35429b2",
               "headermmh3" : -899123881,
               "title" : "400 Bad Request"
            },
            "length" : 620
         },
         "asn" : "AS15774",
         "country" : "RU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:35:16 GMT\r\nServer: Apache/2.4.62 (Debian)\r\nContent-Length: 438\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n<hr>\n<address>Apache/2.4.62 (Debian) Server at localhost Port 443</address>\n</body></html>\n",
         "datamd5" : "4de546e8553c1868d331c48f79e28924",
         "datammh3" : -1118480146,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS44775",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "RU",
            "countryname" : "Russia",
            "domain" : [
               "electro-com.ru",
               "ttk.ru"
            ],
            "isineu" : "false",
            "latitude" : "61.52401",
            "location" : "61.52401,105.318756",
            "longitude" : "105.318756",
            "netname" : "ELECTRO-COM-NET",
            "organization" : "Rostov-On-Don Network",
            "subnet" : "86.110.180.0/22"
         },
         "ip" : "86.110.180.98",
         "ipv6" : "false",
         "latitude" : "55.7386",
         "location" : "55.7386,37.6068",
         "longitude" : "37.6068",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Limited Liability Company TTK-Svyaz",
         "os" : "Linux",
         "osdistribution" : "Debian",
         "osvendor" : "Linux",
         "port" : 5683,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "productversion" : "2.4.62",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "86.110.180.0/22",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 65.181.147.124:5683 (tcp/http) - last seen on 2024-11-07 at 05:35:12 UTC

    • IP
      65.181.147.124
      Network
      65.181.128.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://65.181.147.124:5683/ 200

      HTTP Title
      Welcome to OpenResty!
      ASN
      AS134729
      Organization
      JOINT POWER TECHNOLOGY LIMITED
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      OpenResty OpenResty
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e9d065ee67e3562b97c20680dbe58552
      HTTP Header MD5
      40d3d0b13e398bbca889c08417e6f928
      HTTP Body MD5
      4c58a19da43c2e4c47593beade2c6576
    • HTTP/1.1 200 OK
      Server: openresty
      Date: Thu, 07 Nov 2024 05:35:10 GMT
      Content-Type: text/html
      Content-Length: 1097
      Connection: close
      Vary: Accept-Encoding
      Last-Modified: Wed, 06 Sep 2023 08:46:51 GMT
      Vary: Accept-Encoding
      ETag: "64f83c7b-449"
      Accept-Ranges: bytes
      
      <!DOCTYPE html>
      <html>
      <head>
      <meta content="text/html;charset=utf-8" http-equiv="Content-Type">
      <meta content="utf-8" http-equiv="encoding">
      <title>Welcome to OpenResty!</title>
      <style>
          body {
              width: 35em;
              margin: 0 auto;
              font-family: Tahoma, Verdana, Arial, sans-serif;
          }
      </style>
      </head>
      <body>
      <h1>Welcome to OpenResty!</h1>
      <p>If you see this page, the OpenResty web platform is successfully installed and
      working. Further configuration is required.</p>
      
      <p>For online documentation and support please refer to our
      <a href="https://openresty.org/">openresty.org</a> site<br/>
      Commercial support is available at
      <a href="https://openresty.com/">openresty.com</a>.</p>
      <p>We have articles on troubleshooting issues like <a href="https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb">high CPU usage</a> and
      <a href="https://blog.openresty.com/en/how-or-alloc-mem/">large memory usage</a> on <a href="https://blog.openresty.com/">our official blog site</a>.
      <p><em>Thank you for flying <a href="https://openresty.org/">OpenResty</a>.</em></p>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:35:12.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "openresty.org",
                  "openresty.com"
               ],
               "hostname" : [
                  "blog.openresty.com",
                  "openresty.com",
                  "openresty.org"
               ],
               "url" : [
                  "https://blog.openresty.com/",
                  "https://blog.openresty.com/en/how-or-alloc-mem/",
                  "https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb",
                  "https://openresty.com/",
                  "https://openresty.org/"
               ]
            },
            "http" : {
               "bodymd5" : "4c58a19da43c2e4c47593beade2c6576",
               "bodymmh3" : -778468377,
               "header" : [
                  {
                     "value" : "Wed, 06 Sep 2023 08:46:51 GMT",
                     "name" : "Last-Modified"
                  },
                  {
                     "value" : "64f83c7b-449",
                     "name" : "ETag"
                  }
               ],
               "headermd5" : "40d3d0b13e398bbca889c08417e6f928",
               "headermmh3" : -684903343,
               "title" : "Welcome to OpenResty!"
            },
            "length" : 1374
         },
         "asn" : "AS134729",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:35:10 GMT\r\nContent-Type: text/html\r\nContent-Length: 1097\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 06 Sep 2023 08:46:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"64f83c7b-449\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta content=\"text/html;charset=utf-8\" http-equiv=\"Content-Type\">\n<meta content=\"utf-8\" http-equiv=\"encoding\">\n<title>Welcome to OpenResty!</title>\n<style>\n    body {\n        width: 35em;\n        margin: 0 auto;\n        font-family: Tahoma, Verdana, Arial, sans-serif;\n    }\n</style>\n</head>\n<body>\n<h1>Welcome to OpenResty!</h1>\n<p>If you see this page, the OpenResty web platform is successfully installed and\nworking. Further configuration is required.</p>\n\n<p>For online documentation and support please refer to our\n<a href=\"https://openresty.org/\">openresty.org</a> site<br/>\nCommercial support is available at\n<a href=\"https://openresty.com/\">openresty.com</a>.</p>\n<p>We have articles on troubleshooting issues like <a href=\"https://blog.openresty.com/en/lua-cpu-flame-graph/?src=wb\">high CPU usage</a> and\n<a href=\"https://blog.openresty.com/en/how-or-alloc-mem/\">large memory usage</a> on <a href=\"https://blog.openresty.com/\">our official blog site</a>.\n<p><em>Thank you for flying <a href=\"https://openresty.org/\">OpenResty</a>.</em></p>\n</body>\n</html>\n",
         "datamd5" : "e9d065ee67e3562b97c20680dbe58552",
         "datammh3" : 1392601195,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS134729",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "ipxo.com",
               "pair.com",
               "pairnetworks.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "IXPO-65-181-128-0-19-REALLOCATION",
            "organization" : "IPXO LLC",
            "subnet" : "65.181.144.0/21"
         },
         "ip" : "65.181.147.124",
         "ipv6" : "false",
         "latitude" : "37.7510",
         "location" : "37.7510,-97.8220",
         "longitude" : "-97.8220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "JOINT POWER TECHNOLOGY LIMITED",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 5683,
         "product" : "OpenResty",
         "productvendor" : "OpenResty",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "65.181.128.0/19",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 43.251.236.25:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:47 UTC

    • IP
      43.251.236.25
      Network
      43.251.236.0/22
      Device

      <enterprise field>: device.class

      URL

      http://43.251.236.25:5683/$%7BrandomUrl%7D 200

      ASN
      AS132883
      Organization
      TOPWAY GLOBAL LIMITED
      Protocol
      http
      Source
      urlscan::redirect
    • Product
      F5 Nginx 1.17.6
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a1a952682e73758a5ad3c1462ccfc9e8
      HTTP Header MD5
      7cb8a64a5c41d5db44d85d677dbec3ce
      HTTP Body MD5
      f676b85516c6adce06fd47604ce661a9
    • HTTP/1.1 200 OK
      Server: nginx/1.17.6
      Date: Thu, 07 Nov 2024 05:34:45 GMT
      Content-Type: text/html
      Content-Length: 1731
      Last-Modified: Mon, 04 Nov 2024 06:13:00 GMT
      Connection: close
      ETag: "672865ec-6c3"
      Accept-Ranges: bytes
      
      <!DOCTYPE html>
      <html lang="zh-CN">
      <head>
          <!-- Google tag (gtag.js) -->
          <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
          <script>
              <script>
                  window.dataLayer = window.dataLayer || [];
                  function gtag(){dataLayer.push(arguments);}
                  gtag('js', new Date());
      
                  gtag('config', 'G-0GJHN159XX');
          </script>
      
      <script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
      <script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>
      
      <script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
      <script>LA.init({id:"3HIVnf9pT2UywXqw",ck:"3HIVnf9pT2UywXqw"})</script>
      
      
      
      
          <meta charset="UTF-8">
          <meta name="format-detection" content="telephone=yes">
          <meta name="viewport"
                content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
          <script>
              const urls = [
                  "https://103.86.44.21/sanfang/index.html?303111aaa",
                  "https://162.14.69.113/"
              ];
              const randomUrl = urls[Math.floor(Math.random() * urls.length)];
      
              document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
              window.onload = function () {
                  document.getElementById('myiframe').src = randomUrl;
              };
          </script>
          <style>
              body, html {
                  margin: 0;
                  padding: 0;
                  height: 100%;
                  overflow: hidden;
              }
      
              iframe {
                  width: 100%;
                  height: 100vh;
                  border: none;
              }
          </style>
      </head>
      <body>
      <iframe id="myiframe" scrolling="no"></iframe>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:34:47.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "googletagmanager.com"
               ],
               "hostname" : [
                  "www.googletagmanager.com"
               ],
               "ip" : [
                  "162.14.69.113",
                  "103.86.44.21"
               ],
               "url" : [
                  "https://103.86.44.21/sanfang/index.html?303111aaa",
                  "https://162.14.69.113/",
                  "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
               ]
            },
            "http" : {
               "bodymd5" : "f676b85516c6adce06fd47604ce661a9",
               "bodymmh3" : 1332320570,
               "header" : [
                  {
                     "name" : "Last-Modified",
                     "value" : "Mon, 04 Nov 2024 06:13:00 GMT"
                  },
                  {
                     "value" : "672865ec-6c3",
                     "name" : "ETag"
                  }
               ],
               "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
               "headermmh3" : 1557794133,
               "tracker" : {
                  "ga" : [
                     "G-0GJHN159XX"
                  ]
               }
            },
            "length" : 1965
         },
         "asn" : "AS132883",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:34:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 1731\r\nLast-Modified: Mon, 04 Nov 2024 06:13:00 GMT\r\nConnection: close\r\nETag: \"672865ec-6c3\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3HIVnf9pT2UywXqw\",ck:\"3HIVnf9pT2UywXqw\"})</script>\n\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://103.86.44.21/sanfang/index.html?303111aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
         "datamd5" : "a1a952682e73758a5ad3c1462ccfc9e8",
         "datammh3" : -1968554267,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "forward" : "43.251.236.25",
         "geolocus" : {
            "asn" : "AS132883",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "cnaaa.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "cnaaa",
            "organization" : "Jiangsu Sanai network science and technology co ,LTD",
            "subnet" : "43.251.236.0/22"
         },
         "hostname" : [
            "43.251.236.25"
         ],
         "ip" : "43.251.236.25",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TOPWAY GLOBAL LIMITED",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.17.6",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "urlscan::redirect",
         "status" : 200,
         "subnet" : "43.251.236.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/$%7BrandomUrl%7D"
      }
      
  • 137.175.45.134:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:44 UTC

    • IP
      137.175.45.134
      Network
      137.175.0.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://137.175.45.134:5683/ 302

      HTTP Title
      302 Found
      ASN
      AS54600
      Organization
      PEG-SV
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fec523b9aa4f35bf1e9de0046045ced3
      HTTP Header MD5
      d7becab03a8905d978f0985d2d16182f
      HTTP Body MD5
      29b5f7615598c74df0019844c163d80c
    • HTTP/1.1 302 Moved Temporarily
      Server: nginx
      Date: Thu, 07 Nov 2024 05:34:44 GMT
      Content-Type: text/html
      Content-Length: 138
      Connection: close
      Location: https://<ip>/
      Strict-Transport-Security: max-age=31536000
      
      <html>
      <head><title>302 Found</title></head>
      <body>
      <center><h1>302 Found</h1></center>
      <hr><center>nginx</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:34:44.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "29b5f7615598c74df0019844c163d80c",
               "bodymmh3" : -23674247,
               "headermd5" : "d7becab03a8905d978f0985d2d16182f",
               "headermmh3" : 1120248477,
               "title" : "302 Found"
            },
            "length" : 359
         },
         "asn" : "AS54600",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:34:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
         "datammh3" : 576449098,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS54600",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "petaexpress.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "199-180-100-0-1",
            "organization" : "PEG TECH INC",
            "subnet" : "137.175.32.0/20"
         },
         "ip" : "137.175.45.134",
         "ipv6" : "false",
         "latitude" : "37.7510",
         "location" : "37.7510,-97.8220",
         "longitude" : "-97.8220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "PEG-SV",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Moved Temporarily",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 302,
         "subnet" : "137.175.0.0/17",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 13.38.19.199:5683 (tcp/http) - last seen on 2024-11-07 at 05:34:16 UTC

    • IP
      13.38.19.199
      Network
      13.36.0.0/14
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://13.38.19.199:5683/ 200

      HTTP Title
      PaperCut Login
      HTTP Description
      PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.
      HTTP Keyword(s)
      print accounting print control print management print quota software
      Reverse DNS
      ec2-13-38-19-199.eu-west-3.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      HTTP Component(s)
      jQuery jQuery 3.5.1 Oracle Java
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6602a320a278b26f544c1f7e9b11bbae
      HTTP Header MD5
      fa25c4eea42a342854fe45cdc0273a72
      HTTP Body MD5
      8c5529452ed2e5ae1d4f29e7345687a7
    • HTTP/1.1 200 OK
      Connection: close
      Date: Thu, 07 Nov 2024 05:34:13 GMT
      Server: nginx
      Content-Type: text/html
      X-Frame-Options: SAMEORIGIN
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1
      Expires: Thu, 01 Jan 1970 00:00:00 UTC
      Cache-Control: no-cache
      Set-Cookie: JSESSIONID=node0sy1sg20fsequ9cu3ezl5v8aiiu2wqboi1fiyxhxr.node0; Path=/; Secure; HttpOnly
      Content-Length: 13222
      
      <!DOCTYPE HTML>
      <!-- Application: app-server -->
      <!-- Page: Home -->
      <!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->
      <html lang="en">
      <head>
      <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
      <title>PaperCut Login</title>
      <link rel="shortcut icon" href="/images/icons3/favicon.ico" type="image/vnd.microsoft.icon"/>
      <meta http-equiv="X-UA-Compatible" content="IE=Edge"/>
      <meta name="description" content="PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system."/>
      <meta name="keywords" content="print quota, print control, print management, print accounting, software"/>
      <meta name="viewport" content="width=device-width, initial-scale=0.8"/>
      <link rel="stylesheet" type="text/css" href="/css/style.css?66961papercut-mf" />
      <link rel="stylesheet" type="text/css" href="/css/style-override.css?66961papercut-mf" />
      <link rel="stylesheet" type="text/css" href="/css/refresh.css?66961papercut-mf" />
      <!--[if IE 9]><link rel="stylesheet" type="text/css" href="/css/style-ie9.css?66961papercut-mf" />
      <![endif]-->
      <!--[if IE 8]><link rel="stylesheet" type="text/css" href="/css/style-ie8.css?66961papercut-mf" />
      <![endif]-->
      <!--[if IE 7]><link rel="stylesheet" type="text/css" href="/css/style-ie7.css?66961papercut-mf" />
      <![endif]-->
      <!--[if IE 6]><link rel="stylesheet" type="text/css" href="/css/style-ie6.css?66961papercut-mf" />
      <![endif]-->
      <script type="text/javascript">var CacheParam = "66961papercut-mf";</script>
      <script type="text/javascript" src="/js/jquery/jquery-3.5.1.min.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/jquery/config.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/lib/underscore/underscore-min.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/common.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/lib/require.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/pages/configure.js?66961papercut-mf"></script>
      <script type="text/javascript" src="/js/refresh.js?66961papercut-mf"></script>
      </head>
      
      <body id="loginBody">
      <script language="JavaScript" type="text/javascript"><!--
      
      window.onload = function ()
      {
      document.Form0.inputUsername.focus();
      document.Form0.inputUsername.select();
      }
      
      // --></script> <div class="wrap">
          <script type="text/javascript">
          insertScript('/js/pages/Home.js');
          insertScript('/js/pages/LoginPages.js');
          </script>
            <svg viewBox="0 0 280.7 198.5" class="pc-shards">
      <polygon points="96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 "/>
      <polygon points="45,63.6 74.9,53 0,0 "/>
      <polygon points="134.9,95.4 96.3,136.3 45,63.6 74.9,53 "/>
      <polygon points="74.9,53 224.8,0 134.9,95.4 "/>
      <polygon points="224.8,0 183.9,130.1 134.9,95.4 "/>
      <polygon points="224.8,0 224.8,0 224.8,159 183.9,130.1 "/>
      <polygon points="162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 "/>
      <polygon points="37.7,198.5 140.4,198.5 96.3,136.3 "/>
      <polygon points="0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 "/>
      <polygon points="0,79.5 45,63.6 0,0 "/>
      <polygon points="0,79.5 0,79.5 0,79.5 "/>
      <polygon points="262.3,198.5 280.7,198.5 265.7,187.9 "/>
      <polygon points="224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 "/>
      </svg>
      <form method="post" name="Form0" action="/app" onsubmit="recordLocale()" autocomplete="off">
      <input type="hidden" name="service" value="direct/1/Home/$Form"/>
      <input type="hidden" name="sp" value="S0"/>
      <input type="hidden" name="Form0" value="$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection"/>
      <input type="hidden" name="$Hidden$0" id="javascript-enabled" value="F"/>
      <input type="hidden" name="$Hidden$1" value="X"/>
       <div class="login" role="main">
            <div class="box">
              <table class="box-table" title="Login" role="presentation">
                <tr role="row">
                  <th class="box-nw" aria-label="No value" role="columnheader" scope="col"></th>
                  <th class="box-n" aria-label="No value" role="columnheader" scope="col"></th>
                  <th class="box-ne" aria-label="No value" role="columnheader" scope="col"></th>
                </tr>
                <tr role="row">
                  <td class="box-w"></td>
                  <td class="box-content">
      
                    <div id="login">
       <h1><img alt="PaperCut Logo" src="/custom/login-logo.png?1667504163324" class="logo"></img></h1>
      
       <h1 id="papercut-user-login-title">Log in</h1>
       <table style="margin-bottom:5px;" title="Username and Password" role="presentation">
                              <tbody>
                                <tr role="row">
                                  <th role="rowheader"><label for="inputUsername">Username</label></th>
                                  <td><input type="text" name="inputUsername" autocorrect="off" maxlength="50" aria-describedby="login-feedback-message" style="width: 150px;" id="inputUsername" autocapitalize="off" class="field"/></td>
                                </tr>
                                <tr role="row">
                                  <th role="rowheader"><label for="inputPassword">Password</label></th>
                                  <td><input type="password" name="inputPassword" style="width: 150px;" id="inputPassword" class="field" aria-describedby="login-feedback-message"/></td>
                                </tr>
                              </tbody>
                            </table>
      
      
                          <div id="login-feedback-message">
      
      
      
       </div>
      <input type="submit" name="$Submit$0" value="Log in" class="loginSubmit" aria-describedby="login-feedback-message"/>
      
      
      
      <a href="/app?service=direct/1/Home/oAuth2LoginSuccess" style="display:none" class="btn secondary google">Sign in with Google</a>
      <a href="/app?service=direct/1/Home/oAuth2LoginCancel" style="display:none" class="btn secondary microsoft">Sign in with Microsoft</a>
       <a style="display:block; margin-top: 10px;" id="forgot-link" href="/app?service=external/ForgotLoginDetails">
      Forgot username or password?</a>
      
       </div>
      
      
                  </td>
                  <td class="box-e"></td>
                </tr>
                <tr role="row">
                  <td class="box-sw"></td>
                  <td class="box-s"></td>
                  <td class="box-se"></td>
                </tr>
              </table>
            </div>
       <div class="language-box">
                <p id="language-select-text">Language Select</p>
                <svg width="24" height="24" viewBox="50 1777 24 24" class="global" alt="Globe Language Icon">
                      <path fill="gray" d="M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116
              c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304
              c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057
              c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803
              c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054
              c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z
               M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828
              c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704
              c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974
              C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z
               M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211
              c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828
              C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843
              C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702
              C71.553,1791.056,71.251,1792.097,70.804,1793.057z"/>
                </svg>
      <select name="$PropertySelection" alt="Select language" role="listbox" id="language" aria-label="Select language">
      <option value="en" selected="selected">English</option>
      <option value="ca">catal&#224;</option>
      <option value="zh_CN">&#20013;&#25991; (&#20013;&#22269;)</option>
      <option value="zh_HK">&#20013;&#25991; (&#39321;&#28207;)</option>
      <option value="zh_TW">&#20013;&#25991; (&#21488;&#28771;)</option>
      <option value="hr">hrvatski</option>
      <option value="cs">&#269;e&#353;tina</option>
      <option value="da">Dansk</option>
      <option value="nl">Nederlands</option>
      <option value="fi">suomi</option>
      <option value="fr">fran&#231;ais</option>
      <option value="de">Deutsch</option>
      <option value="iw">&#1506;&#1489;&#1512;&#1497;&#1514;</option>
      <option value="hu">magyar</option>
      <option value="it">italiano</option>
      <option value="ja">&#26085;&#26412;&#35486;</option>
      <option value="ko">&#54620;&#44397;&#50612;</option>
      <option value="lv">Latvie&#353;u</option>
      <option value="lt">Lietuvi&#371;</option>
      <option value="no">norsk</option>
      <option value="pl">polski</option>
      <option value="pt">portugu&#234;s (Brasil)</option>
      <option value="pt_PT">portugu&#234;s (Portugal)</option>
      <option value="ru">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>
      <option value="sr">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>
      <option value="sk">Sloven&#269;ina</option>
      <option value="sl">Sloven&#353;&#269;ina</option>
      <option value="es">espa&#241;ol</option>
      <option value="es_ES">espa&#241;ol (Espa&#241;a)</option>
      <option value="sv">svenska</option>
      <option value="th_TH">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>
      <option value="tr">T&#252;rk&#231;e</option>
      <option value="cy_GB">Welsh (United Kingdom)</option>
      </select> </div>
       <script>
                  let languageOptions = document.getElementById("language").children;
                  for (let languageOption of languageOptions)
                  {
                      let lang = languageOption.getAttribute("value");
                      if (lang.includes("_")) lang = lang.substr(0, lang.indexOf("_")); // to remove region if specified
                      languageOption.setAttribute("lang", lang);
                  }
              </script>
      <span data-background-uri="/images/login-bg.jpg?66961papercut-mf" data-background-selection="COLOR" data-background-color="#FFFFFF" id="loginCustomization" data-button-color="#01B256" data-forgot-link-text=""></span> <!-- The license has expired!  -->
       </div>
      </form>
      
       <div id="footer" style="position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;">
       <div class="product-details">
          <div class="logo"><img src="/images/footer-logo2.png?66961papercut-mf" border="0"/></div>
      
          <div class="text">
      <span class="product"><a href="https://www.papercut.com/products/mf/?clicked=app-footer">PaperCut MF</a></span>
      
       <div>
      Print Management Software</div>
       <!-- analytic purpose -->
      <span class="analytic-license-expiry-date" style="display:none"></span>
      <span class="analytic-product-build-number" style="display:none">66961</span>
      <span class="analytic-product-version" style="display:none">22.1.3</span>
      <span class="analytic-product" style="display:none">PaperCut MF</span>
      <span class="analytic-product-edition" style="display:none">MF</span> <div class="copyright">
              &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>
          </div>
        </div>
       </div>
       </div>
        <script language="JavaScript" type="text/javascript">
        var oldonload = window.onload;
        if (typeof window.onload != 'function') {
          window.onload = applyLoginCustomization;
        } else {
          window.onload = function () {
            if (oldonload) {
              oldonload();
            }
              applyLoginCustomization();
          }
        }
      
        /*
         Apply login customization
         */
        function applyLoginCustomization() {
            var loginCustomization = $("#loginCustomization");
            if (loginCustomization.attr("data-background-selection") == 'IMAGE') {
                loadBackground(loginCustomization.attr("data-background-uri"));
            } else {
                $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr("data-background-color"))
                        .css('background-image', 'none');
            }
            if (loginCustomization.attr("data-button-color") != "") {
                $('#loginBody input[type="submit"].loginSubmit').removeClass('loginSubmit')
                        .css('background-color', loginCustomization.attr("data-button-color"))
                        .css('border-color', loginCustomization.attr("data-button-color"));
            }
            if (loginCustomization.attr("data-forgot-link-text") != "") {
                $('a#forgot-link').text(loginCustomization.attr("data-forgot-link-text"));
            }
        }
      
        function recordLocale() {
            var languageElement = document.getElementById("language");
            if (languageElement) {
                document.cookie = "ui.locale=" + languageElement.value;
            }
        }
        </script>
      </body>
      </html>
      <!-- Render time: ~ 20 ms -->
      
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:34:16.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "papercut.com"
               ],
               "hostname" : [
                  "www.papercut.com"
               ],
               "url" : [
                  "https://www.papercut.com/products/mf/?clicked=app-footer"
               ]
            },
            "http" : {
               "bodymd5" : "8c5529452ed2e5ae1d4f29e7345687a7",
               "bodymmh3" : -856371065,
               "component" : [
                  {
                     "product" : "Java",
                     "productvendor" : "Oracle"
                  },
                  {
                     "product" : "jQuery",
                     "productversion" : "3.5.1",
                     "productvendor" : "jQuery"
                  }
               ],
               "description" : "PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.",
               "headermd5" : "fa25c4eea42a342854fe45cdc0273a72",
               "headermmh3" : -76101090,
               "keywords" : [
                  "print accounting",
                  "print control",
                  "print management",
                  "print quota",
                  "software"
               ],
               "title" : "PaperCut Login"
            },
            "length" : 13610
         },
         "asn" : "AS16509",
         "city" : "Paris",
         "country" : "FR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:34:13 GMT\r\nServer: nginx\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1\r\nExpires: Thu, 01 Jan 1970 00:00:00 UTC\r\nCache-Control: no-cache\r\nSet-Cookie: JSESSIONID=node0sy1sg20fsequ9cu3ezl5v8aiiu2wqboi1fiyxhxr.node0; Path=/; Secure; HttpOnly\r\nContent-Length: 13222\r\n\r\n<!DOCTYPE HTML>\n<!-- Application: app-server -->\n<!-- Page: Home -->\n<!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->\n<html lang=\"en\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\"/>\n<title>PaperCut Login</title>\n<link rel=\"shortcut icon\" href=\"/images/icons3/favicon.ico\" type=\"image/vnd.microsoft.icon\"/>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/>\n<meta name=\"description\" content=\"PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.\"/>\n<meta name=\"keywords\" content=\"print quota, print control, print management, print accounting, software\"/>\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=0.8\"/>\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-override.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/refresh.css?66961papercut-mf\" />\n<!--[if IE 9]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie9.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 8]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie8.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 7]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie7.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 6]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie6.css?66961papercut-mf\" />\n<![endif]-->\n<script type=\"text/javascript\">var CacheParam = \"66961papercut-mf\";</script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-3.5.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/config.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/underscore/underscore-min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/common.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/require.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/pages/configure.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/refresh.js?66961papercut-mf\"></script>\n</head>\n\n<body id=\"loginBody\">\n<script language=\"JavaScript\" type=\"text/javascript\"><!--\n\nwindow.onload = function ()\n{\ndocument.Form0.inputUsername.focus();\ndocument.Form0.inputUsername.select();\n}\n\n// --></script> <div class=\"wrap\">\n    <script type=\"text/javascript\">\n    insertScript('/js/pages/Home.js');\n    insertScript('/js/pages/LoginPages.js');\n    </script>\n      <svg viewBox=\"0 0 280.7 198.5\" class=\"pc-shards\">\n<polygon points=\"96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"45,63.6 74.9,53 0,0 \"/>\n<polygon points=\"134.9,95.4 96.3,136.3 45,63.6 74.9,53 \"/>\n<polygon points=\"74.9,53 224.8,0 134.9,95.4 \"/>\n<polygon points=\"224.8,0 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"224.8,0 224.8,0 224.8,159 183.9,130.1 \"/>\n<polygon points=\"162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 \"/>\n<polygon points=\"37.7,198.5 140.4,198.5 96.3,136.3 \"/>\n<polygon points=\"0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 \"/>\n<polygon points=\"0,79.5 45,63.6 0,0 \"/>\n<polygon points=\"0,79.5 0,79.5 0,79.5 \"/>\n<polygon points=\"262.3,198.5 280.7,198.5 265.7,187.9 \"/>\n<polygon points=\"224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 \"/>\n</svg>\n<form method=\"post\" name=\"Form0\" action=\"/app\" onsubmit=\"recordLocale()\" autocomplete=\"off\">\n<input type=\"hidden\" name=\"service\" value=\"direct/1/Home/$Form\"/>\n<input type=\"hidden\" name=\"sp\" value=\"S0\"/>\n<input type=\"hidden\" name=\"Form0\" value=\"$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection\"/>\n<input type=\"hidden\" name=\"$Hidden$0\" id=\"javascript-enabled\" value=\"F\"/>\n<input type=\"hidden\" name=\"$Hidden$1\" value=\"X\"/>\n <div class=\"login\" role=\"main\">\n      <div class=\"box\">\n        <table class=\"box-table\" title=\"Login\" role=\"presentation\">\n          <tr role=\"row\">\n            <th class=\"box-nw\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-n\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-ne\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-w\"></td>\n            <td class=\"box-content\">\n\n              <div id=\"login\">\n <h1><img alt=\"PaperCut Logo\" src=\"/custom/login-logo.png?1667504163324\" class=\"logo\"></img></h1>\n\n <h1 id=\"papercut-user-login-title\">Log in</h1>\n <table style=\"margin-bottom:5px;\" title=\"Username and Password\" role=\"presentation\">\n                        <tbody>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputUsername\">Username</label></th>\n                            <td><input type=\"text\" name=\"inputUsername\" autocorrect=\"off\" maxlength=\"50\" aria-describedby=\"login-feedback-message\" style=\"width: 150px;\" id=\"inputUsername\" autocapitalize=\"off\" class=\"field\"/></td>\n                          </tr>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputPassword\">Password</label></th>\n                            <td><input type=\"password\" name=\"inputPassword\" style=\"width: 150px;\" id=\"inputPassword\" class=\"field\" aria-describedby=\"login-feedback-message\"/></td>\n                          </tr>\n                        </tbody>\n                      </table>\n\n\n                    <div id=\"login-feedback-message\">\n\n\n\n </div>\n<input type=\"submit\" name=\"$Submit$0\" value=\"Log in\" class=\"loginSubmit\" aria-describedby=\"login-feedback-message\"/>\n\n\n\n<a href=\"/app?service=direct/1/Home/oAuth2LoginSuccess\" style=\"display:none\" class=\"btn secondary google\">Sign in with Google</a>\n<a href=\"/app?service=direct/1/Home/oAuth2LoginCancel\" style=\"display:none\" class=\"btn secondary microsoft\">Sign in with Microsoft</a>\n <a style=\"display:block; margin-top: 10px;\" id=\"forgot-link\" href=\"/app?service=external/ForgotLoginDetails\">\nForgot username or password?</a>\n\n </div>\n\n\n            </td>\n            <td class=\"box-e\"></td>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-sw\"></td>\n            <td class=\"box-s\"></td>\n            <td class=\"box-se\"></td>\n          </tr>\n        </table>\n      </div>\n <div class=\"language-box\">\n          <p id=\"language-select-text\">Language Select</p>\n          <svg width=\"24\" height=\"24\" viewBox=\"50 1777 24 24\" class=\"global\" alt=\"Globe Language Icon\">\n                <path fill=\"gray\" d=\"M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116\n        c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304\n        c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057\n        c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803\n        c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054\n        c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z\n         M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828\n        c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704\n        c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974\n        C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z\n         M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211\n        c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828\n        C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843\n        C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702\n        C71.553,1791.056,71.251,1792.097,70.804,1793.057z\"/>\n          </svg>\n<select name=\"$PropertySelection\" alt=\"Select language\" role=\"listbox\" id=\"language\" aria-label=\"Select language\">\n<option value=\"en\" selected=\"selected\">English</option>\n<option value=\"ca\">catal&#224;</option>\n<option value=\"zh_CN\">&#20013;&#25991; (&#20013;&#22269;)</option>\n<option value=\"zh_HK\">&#20013;&#25991; (&#39321;&#28207;)</option>\n<option value=\"zh_TW\">&#20013;&#25991; (&#21488;&#28771;)</option>\n<option value=\"hr\">hrvatski</option>\n<option value=\"cs\">&#269;e&#353;tina</option>\n<option value=\"da\">Dansk</option>\n<option value=\"nl\">Nederlands</option>\n<option value=\"fi\">suomi</option>\n<option value=\"fr\">fran&#231;ais</option>\n<option value=\"de\">Deutsch</option>\n<option value=\"iw\">&#1506;&#1489;&#1512;&#1497;&#1514;</option>\n<option value=\"hu\">magyar</option>\n<option value=\"it\">italiano</option>\n<option value=\"ja\">&#26085;&#26412;&#35486;</option>\n<option value=\"ko\">&#54620;&#44397;&#50612;</option>\n<option value=\"lv\">Latvie&#353;u</option>\n<option value=\"lt\">Lietuvi&#371;</option>\n<option value=\"no\">norsk</option>\n<option value=\"pl\">polski</option>\n<option value=\"pt\">portugu&#234;s (Brasil)</option>\n<option value=\"pt_PT\">portugu&#234;s (Portugal)</option>\n<option value=\"ru\">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>\n<option value=\"sr\">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>\n<option value=\"sk\">Sloven&#269;ina</option>\n<option value=\"sl\">Sloven&#353;&#269;ina</option>\n<option value=\"es\">espa&#241;ol</option>\n<option value=\"es_ES\">espa&#241;ol (Espa&#241;a)</option>\n<option value=\"sv\">svenska</option>\n<option value=\"th_TH\">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>\n<option value=\"tr\">T&#252;rk&#231;e</option>\n<option value=\"cy_GB\">Welsh (United Kingdom)</option>\n</select> </div>\n <script>\n            let languageOptions = document.getElementById(\"language\").children;\n            for (let languageOption of languageOptions)\n            {\n                let lang = languageOption.getAttribute(\"value\");\n                if (lang.includes(\"_\")) lang = lang.substr(0, lang.indexOf(\"_\")); // to remove region if specified\n                languageOption.setAttribute(\"lang\", lang);\n            }\n        </script>\n<span data-background-uri=\"/images/login-bg.jpg?66961papercut-mf\" data-background-selection=\"COLOR\" data-background-color=\"#FFFFFF\" id=\"loginCustomization\" data-button-color=\"#01B256\" data-forgot-link-text=\"\"></span> <!-- The license has expired!  -->\n </div>\n</form>\n\n <div id=\"footer\" style=\"position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;\">\n <div class=\"product-details\">\n    <div class=\"logo\"><img src=\"/images/footer-logo2.png?66961papercut-mf\" border=\"0\"/></div>\n\n    <div class=\"text\">\n<span class=\"product\"><a href=\"https://www.papercut.com/products/mf/?clicked=app-footer\">PaperCut MF</a></span>\n\n <div>\nPrint Management Software</div>\n <!-- analytic purpose -->\n<span class=\"analytic-license-expiry-date\" style=\"display:none\"></span>\n<span class=\"analytic-product-build-number\" style=\"display:none\">66961</span>\n<span class=\"analytic-product-version\" style=\"display:none\">22.1.3</span>\n<span class=\"analytic-product\" style=\"display:none\">PaperCut MF</span>\n<span class=\"analytic-product-edition\" style=\"display:none\">MF</span> <div class=\"copyright\">\n        &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>\n    </div>\n  </div>\n </div>\n </div>\n  <script language=\"JavaScript\" type=\"text/javascript\">\n  var oldonload = window.onload;\n  if (typeof window.onload != 'function') {\n    window.onload = applyLoginCustomization;\n  } else {\n    window.onload = function () {\n      if (oldonload) {\n        oldonload();\n      }\n        applyLoginCustomization();\n    }\n  }\n\n  /*\n   Apply login customization\n   */\n  function applyLoginCustomization() {\n      var loginCustomization = $(\"#loginCustomization\");\n      if (loginCustomization.attr(\"data-background-selection\") == 'IMAGE') {\n          loadBackground(loginCustomization.attr(\"data-background-uri\"));\n      } else {\n          $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr(\"data-background-color\"))\n                  .css('background-image', 'none');\n      }\n      if (loginCustomization.attr(\"data-button-color\") != \"\") {\n          $('#loginBody input[type=\"submit\"].loginSubmit').removeClass('loginSubmit')\n                  .css('background-color', loginCustomization.attr(\"data-button-color\"))\n                  .css('border-color', loginCustomization.attr(\"data-button-color\"));\n      }\n      if (loginCustomization.attr(\"data-forgot-link-text\") != \"\") {\n          $('a#forgot-link').text(loginCustomization.attr(\"data-forgot-link-text\"));\n      }\n  }\n\n  function recordLocale() {\n      var languageElement = document.getElementById(\"language\");\n      if (languageElement) {\n          document.cookie = \"ui.locale=\" + languageElement.value;\n      }\n  }\n  </script>\n</body>\n</html>\n<!-- Render time: ~ 20 ms -->\n\n\n",
         "datamd5" : "6602a320a278b26f544c1f7e9b11bbae",
         "datammh3" : 1404482669,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "amazonaws.com"
         ],
         "geolocus" : {
            "asn" : "AS16509",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "FR",
            "countryname" : "France",
            "domain" : [
               "amazon.com",
               "amazonaws.com"
            ],
            "isineu" : "true",
            "latitude" : "46.227638",
            "location" : "46.227638,2.213749",
            "longitude" : "2.213749",
            "netname" : "AMAZON-CDG",
            "organization" : "Amazon Data Services France",
            "subnet" : "13.36.0.0/14"
         },
         "host" : [
            "ec2-13-38-19-199"
         ],
         "hostname" : [
            "ec2-13-38-19-199.eu-west-3.compute.amazonaws.com"
         ],
         "ip" : "13.38.19.199",
         "ipv6" : "false",
         "latitude" : "48.8323",
         "location" : "48.8323,2.4075",
         "longitude" : "2.4075",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AMAZON-02",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ec2-13-38-19-199.eu-west-3.compute.amazonaws.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "compute.amazonaws.com",
            "eu-west-3.compute.amazonaws.com"
         ],
         "subnet" : "13.36.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 103.43.18.187:5683 (tcp/http) - last seen on 2024-11-07 at 05:33:53 UTC

    • IP
      103.43.18.187
      Network
      103.43.16.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://103.43.18.187:5683/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS132883
      Organization
      TOPWAY GLOBAL LIMITED
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      F5 Nginx 1.17.6
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      023c8c5e51d9ce9369af8e1f921f5e3f
      HTTP Header MD5
      f4eaba8998b0e515f84d95c1ad5ea5c7
      HTTP Body MD5
      a2b4897849c71fbcb21dd632d3506361
    • HTTP/1.1 400 Bad Request
      Server: nginx/1.17.6
      Date: Thu, 07 Nov 2024 05:29:42 GMT
      Content-Type: text/html
      Content-Length: 255
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx/1.17.6</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T05:33:53.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "a2b4897849c71fbcb21dd632d3506361",
               "bodymmh3" : -2063426561,
               "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
               "headermmh3" : -1302771085,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 407
         },
         "asn" : "AS132883",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:29:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "023c8c5e51d9ce9369af8e1f921f5e3f",
         "datammh3" : 457427036,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS132883",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "cnaaa.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "cnaaa",
            "organization" : "Jiangsu Sanai network science and technology co ,LTD",
            "subnet" : "103.43.16.0/22"
         },
         "ip" : "103.43.18.187",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TOPWAY GLOBAL LIMITED",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 5683,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.17.6",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "103.43.16.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }