IP

85.121.233.158

Network

85.121.232.0/21

Device

<enterprise field>: device.class

URL

http://85.121.233.158:1222/admin/public/index.html 200

HTTP Title

Cisco ASDM 7.20(2)

ASN

AS9009

Organization

M247 Europe SRL

Protocol

http

Source

datascan::redirect::1

Data MD5

69b08b47170a59318a3793cf9ac04b81

HTTP Header MD5

cb5239e48fec2da5ee826590d4ee6398

HTTP Body MD5

159c7727269ddb5af92d973a81551e86

HTTP/1.1 200 OK
Date: Thu, 21 Nov 2024 08:53:06 UTC
Connection: close
Content-Length: 2462
Content-Type: text/html
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 27 Nov 2023 15:08:30 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<!--
 *
 * File: index.html
 *
 * Copyright (c) 2001-2022 by Cisco Systems, Inc.
 * All rights reserved.
 *
 *-->

<head>
  <meta name="generator" content=
  "HTML Tidy for Mac OS X (vers 31 October 2006 - Apple Inc. build 15.6), see www.w3.org" />


  <title>Cisco ASDM 7.20(2)</title>
  <link rel="stylesheet" type="text/css" href="launcherIndex.css"/>
  <script src="deployJava.js" type="text/javascript">
</script>
</head>

<body>
  <center>
    <div class="page">
      <div class="header_logo">
        <img src="asa-pix.gif" alt="" /><span class=
        "header_title">Cisco ASDM 7.20(2)</span><span class=
        "logo"><img src="cisco.gif" alt="Cisco" /></span>
      </div>

      <div class="header_desc">
        Cisco ASDM 7.20(2) provides an intuitive graphical user
        interface that makes it easy to set up, configure and
        manage your Cisco security appliances.
      </div>
      <!-- TODO: should be displayed only if Mac or Windows -->

      <div id="local_install_section" style="display: none;">
        <div class="header_desc">
          Cisco ASDM can run as a local application.
        </div>
        <!-- TODO: should be displayed only if Mac or Windows -->

        <div class="section_header">
          <h1>Run Cisco ASDM as a local application</h1>

          <div class="section_body">
            When you run Cisco ASDM as a local application, it
            connects to your security appliance from your desktop
            using SSL. Running Cisco ASDM as an application has
            these advantages:

            <ul>
              <li>You can invoke ASDM from a desktop shortcut. No
              browser is required.</li>

              <li>One desktop shortcut allows you to connect to
              <i>multiple</i> security appliances.</li>
            </ul><br />

            <center>
              <a class="button" id="launcher_link" href=
              "../dm-launcher.msi" name="launcher_link">Install
              ASDM Launcher</a>
            </center>
          </div>
        </div><br />
      </div>

      <div class="copyright_notice">
        Copyright &copy; 2006-2022 Cisco Systems, Inc. All rights
        reserved.
      </div>
    </div>
  </center>
</body>
<script src="./launcherIndex.js" ></script>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:53:06.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "159c7727269ddb5af92d973a81551e86",
         "bodymmh3" : 1426032802,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Mon, 27 Nov 2023 15:08:30 GMT"
            }
         ],
         "headermd5" : "cb5239e48fec2da5ee826590d4ee6398",
         "headermmh3" : -511388285,
         "title" : "Cisco ASDM 7.20(2)"
      },
      "length" : 2939
   },
   "asn" : "AS9009",
   "city" : "Belgrade",
   "country" : "RS",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 21 Nov 2024 08:53:06 UTC\r\nConnection: close\r\nContent-Length: 2462\r\nContent-Type: text/html\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1\r\nStrict-Transport-Security: max-age=31536000\r\nLast-Modified: Mon, 27 Nov 2023 15:08:30 GMT\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n    \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n<!--\n *\n * File: index.html\n *\n * Copyright (c) 2001-2022 by Cisco Systems, Inc.\n * All rights reserved.\n *\n *-->\n\n<head>\n  <meta name=\"generator\" content=\n  \"HTML Tidy for Mac OS X (vers 31 October 2006 - Apple Inc. build 15.6), see www.w3.org\" />\n\n\n  <title>Cisco ASDM 7.20(2)</title>\n  <link rel=\"stylesheet\" type=\"text/css\" href=\"launcherIndex.css\"/>\n  <script src=\"deployJava.js\" type=\"text/javascript\">\n</script>\n</head>\n\n<body>\n  <center>\n    <div class=\"page\">\n      <div class=\"header_logo\">\n        <img src=\"asa-pix.gif\" alt=\"\" /><span class=\n        \"header_title\">Cisco ASDM 7.20(2)</span><span class=\n        \"logo\"><img src=\"cisco.gif\" alt=\"Cisco\" /></span>\n      </div>\n\n      <div class=\"header_desc\">\n        Cisco ASDM 7.20(2) provides an intuitive graphical user\n        interface that makes it easy to set up, configure and\n        manage your Cisco security appliances.\n      </div>\n      <!-- TODO: should be displayed only if Mac or Windows -->\n\n      <div id=\"local_install_section\" style=\"display: none;\">\n        <div class=\"header_desc\">\n          Cisco ASDM can run as a local application.\n        </div>\n        <!-- TODO: should be displayed only if Mac or Windows -->\n\n        <div class=\"section_header\">\n          <h1>Run Cisco ASDM as a local application</h1>\n\n          <div class=\"section_body\">\n            When you run Cisco ASDM as a local application, it\n            connects to your security appliance from your desktop\n            using SSL. Running Cisco ASDM as an application has\n            these advantages:\n\n            <ul>\n              <li>You can invoke ASDM from a desktop shortcut. No\n              browser is required.</li>\n\n              <li>One desktop shortcut allows you to connect to\n              <i>multiple</i> security appliances.</li>\n            </ul><br />\n\n            <center>\n              <a class=\"button\" id=\"launcher_link\" href=\n              \"../dm-launcher.msi\" name=\"launcher_link\">Install\n              ASDM Launcher</a>\n            </center>\n          </div>\n        </div><br />\n      </div>\n\n      <div class=\"copyright_notice\">\n        Copyright &copy; 2006-2022 Cisco Systems, Inc. All rights\n        reserved.\n      </div>\n    </div>\n  </center>\n</body>\n<script src=\"./launcherIndex.js\" ></script>\n</html>\n",
   "datamd5" : "69b08b47170a59318a3793cf9ac04b81",
   "datammh3" : 1986035076,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "85.121.233.158",
   "hostname" : [
      "85.121.233.158"
   ],
   "ip" : "85.121.233.158",
   "ipv6" : "false",
   "latitude" : "44.8046",
   "location" : "44.8046,20.4637",
   "longitude" : "20.4637",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::1",
   "status" : 200,
   "subnet" : "85.121.232.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/admin/public/index.html"
}

IP

201.88.212.172

Network

201.88.0.0/15

Domain(s)

net.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://201.88.212.172:1222/ 200

HTTP Title

Home Assistant

Reverse DNS

201-88-212-172.user3p.v-tal.net.br

ASN

AS8167

Organization

V tal

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

cf8bf45e70d9f26cb257199a037f695d

HTTP Header MD5

d41ff784e252b14fcd8398d21bab18cd

HTTP Body MD5

a262fab107a79948856ba3b3ea7f015f

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: 
X-Frame-Options: SAMEORIGIN
Content-Length: 4148
Date: Thu, 21 Nov 2024 08:52:38 GMT
Connection: close

<!DOCTYPE html><html><head><title>Home Assistant</title><meta charset="utf-8"><link rel="manifest" href="/manifest.json" crossorigin="use-credentials"><link rel="icon" href="/static/icons/favicon.ico"><link rel="modulepreload" href="/frontend_latest/core.7weG3TqZ_G4.js" crossorigin="use-credentials"><link rel="modulepreload" href="/frontend_latest/app.hoOvmAWTvos.js" crossorigin="use-credentials"><link rel="mask-icon" href="/static/icons/mask-icon.svg" color="#18bcf2"><link rel="apple-touch-icon" href="/static/icons/favicon-apple-180x180.png"><meta name="apple-itunes-app" content="app-id=1099568401"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="default"><meta name="apple-mobile-web-app-title" content="Home Assistant"><meta name="msapplication-config" content="/static/icons/browserconfig.xml"><meta name="mobile-web-app-capable" content="yes"><meta name="application-name" content="Home Assistant"><meta name="referrer" content="same-origin"><meta name="theme-color" content="#03A9F4"><meta name="color-scheme" content="dark light"><meta name="viewport" content="width=device-width,user-scalable=no,viewport-fit=cover,initial-scale=1"><style>body{font-family:Roboto,Noto,Noto Sans,sans-serif;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-weight:400;margin:0;padding:0;height:100%}</style><style>html{background-color:var(--primary-background-color,#fafafa);color:var(--primary-text-color,#212121);height:100vh}@media (prefers-color-scheme:dark){html{background-color:var(--primary-background-color,#111);color:var(--primary-text-color,#e1e1e1)}}#ha-launch-screen{height:100%;display:flex;flex-direction:column;justify-content:center;align-items:center}#ha-launch-screen svg{width:112px;flex-shrink:0}#ha-launch-screen .ha-launch-screen-spacer{flex:1}</style></head><body><div id="ha-launch-screen"><div class="ha-launch-screen-spacer"></div><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 240 240"><path fill="#18BCF2" d="M240 224.762a15 15 0 0 1-15 15H15a15 15 0 0 1-15-15v-90c0-8.25 4.77-19.769 10.61-25.609l98.78-98.7805c5.83-5.83 15.38-5.83 21.21 0l98.79 98.7895c5.83 5.83 10.61 17.36 10.61 25.61v90-.01Z"/><path fill="#F2F4F9" d="m107.27 239.762-40.63-40.63c-2.09.72-4.32 1.13-6.64 1.13-11.3 0-20.5-9.2-20.5-20.5s9.2-20.5 20.5-20.5 20.5 9.2 20.5 20.5c0 2.33-.41 4.56-1.13 6.65l31.63 31.63v-115.88c-6.8-3.3395-11.5-10.3195-11.5-18.3895 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5c0 8.07-4.7 15.05-11.5 18.3895v81.27l31.46-31.46c-.62-1.96-.96-4.04-.96-6.2 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5-9.2 20.5-20.5 20.5c-2.5 0-4.88-.47-7.09-1.29L129 208.892v30.88z"/></svg><div id="ha-launch-screen-info-box" class="ha-launch-screen-spacer"></div></div><home-assistant></home-assistant><script>function _ls(e,n){var t=document.createElement("script");return n&&(t.crossOrigin="use-credentials"),t.src=e,document.head.appendChild(t)}window.polymerSkipLoadingFontRoboto=!0,"customElements"in window&&"content"in document.createElement("template")||_ls("/static/polyfills/webcomponents-bundle.js",!0);var isS11_12=/(?:.*(?:iPhone|iPad).*OS (?:11|12)_\d)|(?:.*Version\/(?:11|12)(?:\.\d+)*.*Safari\/)/.test(navigator.userAgent)</script><script>if(-1===navigator.userAgent.indexOf("Android")&&-1===navigator.userAgent.indexOf("CrOS")){function _pf(o,t){var n=document.createElement("link");n.rel="preload",n.as="font",n.type="font/woff2",n.href=o,n.crossOrigin="anonymous",document.head.appendChild(n)}_pf("/static/fonts/roboto/Roboto-Regular.woff2"),_pf("/static/fonts/roboto/Roboto-Medium.woff2")}</script><script crossorigin="use-credentials">isS11_12||(import("/frontend_latest/core.7weG3TqZ_G4.js"),import("/frontend_latest/app.hoOvmAWTvos.js"),window.customPanelJS="/frontend_latest/custom-panel.vu021XGc2bY.js",window.latestJS=!0)</script><script>import("/hacsfiles/iconset.js");</script><script>window.latestJS||(window.customPanelJS="/frontend_es5/custom-panel.WwdeKO22kSA.js",_ls("/frontend_es5/core.kNwngVH_Or0.js",!0),_ls("/frontend_es5/app.pUwB40KH5Zk.js",!0))</script><script>if (!window.latestJS) {}</script></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:52:39.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "file" : [
            "browserconfig.xml",
            "manifest.json"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/2000/svg"
         ]
      },
      "http" : {
         "bodymd5" : "a262fab107a79948856ba3b3ea7f015f",
         "bodymmh3" : -2011092130,
         "headermd5" : "d41ff784e252b14fcd8398d21bab18cd",
         "headermmh3" : 1385074167,
         "title" : "Home Assistant"
      },
      "length" : 4387
   },
   "asn" : "AS8167",
   "city" : "Bras\u00edlia",
   "country" : "BR",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nServer: \r\nX-Frame-Options: SAMEORIGIN\r\nContent-Length: 4148\r\nDate: Thu, 21 Nov 2024 08:52:38 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html><html><head><title>Home Assistant</title><meta charset=\"utf-8\"><link rel=\"manifest\" href=\"/manifest.json\" crossorigin=\"use-credentials\"><link rel=\"icon\" href=\"/static/icons/favicon.ico\"><link rel=\"modulepreload\" href=\"/frontend_latest/core.7weG3TqZ_G4.js\" crossorigin=\"use-credentials\"><link rel=\"modulepreload\" href=\"/frontend_latest/app.hoOvmAWTvos.js\" crossorigin=\"use-credentials\"><link rel=\"mask-icon\" href=\"/static/icons/mask-icon.svg\" color=\"#18bcf2\"><link rel=\"apple-touch-icon\" href=\"/static/icons/favicon-apple-180x180.png\"><meta name=\"apple-itunes-app\" content=\"app-id=1099568401\"><meta name=\"apple-mobile-web-app-capable\" content=\"yes\"><meta name=\"apple-mobile-web-app-status-bar-style\" content=\"default\"><meta name=\"apple-mobile-web-app-title\" content=\"Home Assistant\"><meta name=\"msapplication-config\" content=\"/static/icons/browserconfig.xml\"><meta name=\"mobile-web-app-capable\" content=\"yes\"><meta name=\"application-name\" content=\"Home Assistant\"><meta name=\"referrer\" content=\"same-origin\"><meta name=\"theme-color\" content=\"#03A9F4\"><meta name=\"color-scheme\" content=\"dark light\"><meta name=\"viewport\" content=\"width=device-width,user-scalable=no,viewport-fit=cover,initial-scale=1\"><style>body{font-family:Roboto,Noto,Noto Sans,sans-serif;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-weight:400;margin:0;padding:0;height:100%}</style><style>html{background-color:var(--primary-background-color,#fafafa);color:var(--primary-text-color,#212121);height:100vh}@media (prefers-color-scheme:dark){html{background-color:var(--primary-background-color,#111);color:var(--primary-text-color,#e1e1e1)}}#ha-launch-screen{height:100%;display:flex;flex-direction:column;justify-content:center;align-items:center}#ha-launch-screen svg{width:112px;flex-shrink:0}#ha-launch-screen .ha-launch-screen-spacer{flex:1}</style></head><body><div id=\"ha-launch-screen\"><div class=\"ha-launch-screen-spacer\"></div><svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 240 240\"><path fill=\"#18BCF2\" d=\"M240 224.762a15 15 0 0 1-15 15H15a15 15 0 0 1-15-15v-90c0-8.25 4.77-19.769 10.61-25.609l98.78-98.7805c5.83-5.83 15.38-5.83 21.21 0l98.79 98.7895c5.83 5.83 10.61 17.36 10.61 25.61v90-.01Z\"/><path fill=\"#F2F4F9\" d=\"m107.27 239.762-40.63-40.63c-2.09.72-4.32 1.13-6.64 1.13-11.3 0-20.5-9.2-20.5-20.5s9.2-20.5 20.5-20.5 20.5 9.2 20.5 20.5c0 2.33-.41 4.56-1.13 6.65l31.63 31.63v-115.88c-6.8-3.3395-11.5-10.3195-11.5-18.3895 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5c0 8.07-4.7 15.05-11.5 18.3895v81.27l31.46-31.46c-.62-1.96-.96-4.04-.96-6.2 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5-9.2 20.5-20.5 20.5c-2.5 0-4.88-.47-7.09-1.29L129 208.892v30.88z\"/></svg><div id=\"ha-launch-screen-info-box\" class=\"ha-launch-screen-spacer\"></div></div><home-assistant></home-assistant><script>function _ls(e,n){var t=document.createElement(\"script\");return n&&(t.crossOrigin=\"use-credentials\"),t.src=e,document.head.appendChild(t)}window.polymerSkipLoadingFontRoboto=!0,\"customElements\"in window&&\"content\"in document.createElement(\"template\")||_ls(\"/static/polyfills/webcomponents-bundle.js\",!0);var isS11_12=/(?:.*(?:iPhone|iPad).*OS (?:11|12)_\\d)|(?:.*Version\\/(?:11|12)(?:\\.\\d+)*.*Safari\\/)/.test(navigator.userAgent)</script><script>if(-1===navigator.userAgent.indexOf(\"Android\")&&-1===navigator.userAgent.indexOf(\"CrOS\")){function _pf(o,t){var n=document.createElement(\"link\");n.rel=\"preload\",n.as=\"font\",n.type=\"font/woff2\",n.href=o,n.crossOrigin=\"anonymous\",document.head.appendChild(n)}_pf(\"/static/fonts/roboto/Roboto-Regular.woff2\"),_pf(\"/static/fonts/roboto/Roboto-Medium.woff2\")}</script><script crossorigin=\"use-credentials\">isS11_12||(import(\"/frontend_latest/core.7weG3TqZ_G4.js\"),import(\"/frontend_latest/app.hoOvmAWTvos.js\"),window.customPanelJS=\"/frontend_latest/custom-panel.vu021XGc2bY.js\",window.latestJS=!0)</script><script>import(\"/hacsfiles/iconset.js\");</script><script>window.latestJS||(window.customPanelJS=\"/frontend_es5/custom-panel.WwdeKO22kSA.js\",_ls(\"/frontend_es5/core.kNwngVH_Or0.js\",!0),_ls(\"/frontend_es5/app.pUwB40KH5Zk.js\",!0))</script><script>if (!window.latestJS) {}</script></body></html>",
   "datamd5" : "cf8bf45e70d9f26cb257199a037f695d",
   "datammh3" : 976034175,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "net.br"
   ],
   "geolocus" : {
      "asn" : "AS8167",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "net.br",
         "vtal.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.041.460/0001-93",
      "organization" : "V tal",
      "subnet" : "201.88.0.0/15"
   },
   "host" : [
      "201-88-212-172"
   ],
   "hostname" : [
      "201-88-212-172.user3p.v-tal.net.br"
   ],
   "ip" : "201.88.212.172",
   "ipv6" : "false",
   "latitude" : "-15.7792",
   "location" : "-15.7792,-47.9341",
   "longitude" : "-47.9341",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "V tal",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "201-88-212-172.user3p.v-tal.net.br"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "user3p.v-tal.net.br",
      "v-tal.net.br"
   ],
   "subnet" : "201.88.0.0/15",
   "tld" : [
      "br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

54.238.41.159

Network

54.238.0.0/16

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

ec2-54-238-41-159.ap-northeast-1.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

telnet

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

a0208af99d532e1084d6ea1e5462089e

\xff\xfb\x01\xff\xfb\x03\xff\xfc'\xff\xfe\x01\xff\xfd\x03\xff\xfe"\xff\xfd'\xff\xfd\x18\xff\xfe\x1fUsername: GET / HTTP/1.1\x0d
Password: \x0d
welcome\x0d
>Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:52:23.000Z",
   "app" : {
      "length" : 92
   },
   "asn" : "AS16509",
   "city" : "Tokyo",
   "country" : "JP",
   "data" : "\\xff\\xfb\\x01\\xff\\xfb\\x03\\xff\\xfc'\\xff\\xfe\\x01\\xff\\xfd\\x03\\xff\\xfe\"\\xff\\xfd'\\xff\\xfd\\x18\\xff\\xfe\\x1fUsername: GET / HTTP/1.1\\x0d\nPassword: \\x0d\nwelcome\\x0d\n>Connection: close",
   "datamd5" : "a0208af99d532e1084d6ea1e5462089e",
   "datammh3" : -1872544805,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "AMAZON-NRT",
      "organization" : "Amazon Data Services Japan",
      "subnet" : "54.238.0.0/16"
   },
   "host" : [
      "ec2-54-238-41-159"
   ],
   "hostname" : [
      "ec2-54-238-41-159.ap-northeast-1.compute.amazonaws.com"
   ],
   "ip" : "54.238.41.159",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "protocol" : "telnet",
   "reverse" : [
      "ec2-54-238-41-159.ap-northeast-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "ap-northeast-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "54.238.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

45.171.148.104

Network

45.171.148.0/22

Domain(s)

copreltelecom.com.br

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://45.171.148.104:1222/ 200

HTTP Title

IIS Windows

Reverse DNS

45-171-148-104.copreltelecom.com.br

ASN

AS52892

Organization

COPREL TELECOM LTDA

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Data MD5

141865f76fe4f0942bb0273794932c8a

HTTP Header MD5

c45e463ffd89b34a781c977b38f3ecbc

HTTP Body MD5

1dd82f6fc356bc3cddf7e82615de177c

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 14 Nov 2024 17:38:16 GMT
Accept-Ranges: bytes
ETag: "eca7efdbb36db1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 21 Nov 2024 08:52:32 GMT
Connection: close
Content-Length: 696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:52:10.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "microsoft.com",
            "w3.org"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "1dd82f6fc356bc3cddf7e82615de177c",
         "bodymmh3" : 1971329886,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Thu, 14 Nov 2024 17:38:16 GMT"
            },
            {
               "name" : "ETag",
               "value" : "eca7efdbb36db1:0"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : 1014700789,
         "title" : "IIS Windows"
      },
      "length" : 962
   },
   "asn" : "AS52892",
   "city" : "Tupanciret\u00e3",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Thu, 14 Nov 2024 17:38:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"eca7efdbb36db1:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 21 Nov 2024 08:52:32 GMT\r\nConnection: close\r\nContent-Length: 696\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "141865f76fe4f0942bb0273794932c8a",
   "datammh3" : 1521955469,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "copreltelecom.com.br"
   ],
   "geolocus" : {
      "asn" : "AS268761",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "bgpconsultoria.com.br",
         "cert.br",
         "gmail.com",
         "nowatelecom.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "28.942.219/0001-29",
      "organization" : "NOWA TELECOM LTDA ME",
      "subnet" : "45.171.148.0/22"
   },
   "host" : [
      "45-171-148-104"
   ],
   "hostname" : [
      "45-171-148-104.copreltelecom.com.br"
   ],
   "ip" : "45.171.148.104",
   "ipv6" : "false",
   "latitude" : "-29.0219",
   "location" : "-29.0219,-53.9747",
   "longitude" : "-53.9747",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COPREL TELECOM LTDA",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 1222,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "45-171-148-104.copreltelecom.com.br"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "45.171.148.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

195.175.26.102

Network

195.174.0.0/15

Domain(s)

turktelekom.com.tr

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://195.175.26.102:1222/ 200

HTTP Title

IIS Windows Server

Reverse DNS

195.175.26.102.static.turktelekom.com.tr

ASN

AS9121

Organization

Turk Telekom

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft IIS Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Data MD5

0ca775a6b65f845f5163e490398a9acf

HTTP Header MD5

c45e463ffd89b34a781c977b38f3ecbc

HTTP Body MD5

654ae82705924352d2363b1d797997ce

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 24 Apr 2023 09:30:14 GMT
Accept-Ranges: bytes
ETag: "1af9c65f8f76d91:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 21 Nov 2024 08:51:44 GMT
Connection: close
Content-Length: 703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows Server</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:51:45.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "microsoft.com",
            "w3.org"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "654ae82705924352d2363b1d797997ce",
         "bodymmh3" : 703707298,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "IIS"
            },
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "header" : [
            {
               "value" : "Mon, 24 Apr 2023 09:30:14 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "1af9c65f8f76d91:0"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : 76795148,
         "title" : "IIS Windows Server"
      },
      "length" : 970
   },
   "asn" : "AS9121",
   "city" : "Istanbul",
   "country" : "TR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Mon, 24 Apr 2023 09:30:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1af9c65f8f76d91:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 21 Nov 2024 08:51:44 GMT\r\nConnection: close\r\nContent-Length: 703\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows Server</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "0ca775a6b65f845f5163e490398a9acf",
   "datammh3" : 1065540519,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "turktelekom.com.tr"
   ],
   "geolocus" : {
      "asn" : "AS9121",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TR",
      "countryname" : "Turkey",
      "domain" : [
         "turktelekom.com.tr"
      ],
      "isineu" : "false",
      "latitude" : "38.963745",
      "location" : "38.963745,35.243322",
      "longitude" : "35.243322",
      "netname" : "TT-RAS-TESTNET",
      "organization" : "TTnetTurkTelekom",
      "subnet" : "195.175.16.0/20"
   },
   "host" : [
      195
   ],
   "hostname" : [
      "195.175.26.102.static.turktelekom.com.tr"
   ],
   "ip" : "195.175.26.102",
   "ipv6" : "false",
   "latitude" : "41.0241",
   "location" : "41.0241,28.9343",
   "longitude" : "28.9343",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Turk Telekom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 1222,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "195.175.26.102.static.turktelekom.com.tr"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "26.102.static.turktelekom.com.tr",
      "static.turktelekom.com.tr",
      "175.26.102.static.turktelekom.com.tr",
      "102.static.turktelekom.com.tr"
   ],
   "subnet" : "195.174.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com.tr"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

<access denied by policy>

Network

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

ASN

<access denied by policy>

Organization

<access denied by policy>

Protocol

<access denied by policy>

Source

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

Product

<access denied by policy> <access denied by policy> <access denied by policy>

CPE(s)

<enterprise field>: cpe

Data MD5

<access denied by policy>

<access denied by policy>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:51:32.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "geolocus" : "<enterprise field>: geolocus",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

IP

<access denied by policy>

Network

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

ASN

<access denied by policy>

Organization

<access denied by policy>

Protocol

<access denied by policy>

Source

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

Product

<access denied by policy> <access denied by policy> <access denied by policy>

CPE(s)

<enterprise field>: cpe

Data MD5

<access denied by policy>

<access denied by policy>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:51:17.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "geolocus" : "<enterprise field>: geolocus",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

IP

<access denied by policy>

Network

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy>

ASN

<access denied by policy>

Organization

<access denied by policy>

Protocol

<access denied by policy>

Source

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy>

Product

<access denied by policy> <access denied by policy> <access denied by policy>

CPE(s)

<enterprise field>: cpe

Data MD5

<access denied by policy>

<access denied by policy>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:51:09.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "geolocus" : "<enterprise field>: geolocus",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

IP

18.236.135.103

Network

18.236.0.0/15

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://18.236.135.103:1222/ 200

HTTP Title

ServiceNow

Reverse DNS

ec2-18-236-135-103.us-west-2.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

8fa99d6203111ea7c849f7781cd918ff

HTTP Header MD5

9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5

455a6a60e799d8ef8c09cad5e1100d47

HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Nov 2024 08:50:30 GMT
Server: nginx
Content-Length: 46782
Content-Type: text/html

<!DOCTYPE html><html lang="en" class=" ltr " data-doctype="true" dir="ltr" ontouchend="CustomEvent.fireAll('body_clicked', event);" onclick="CustomEvent.fireAll('body_clicked', event);"><head><script type="text/javascript"></script><title>ServiceNow</title><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1"></meta><meta http-equiv="cache-control" content="public"></meta><script src="/uxasset/externals/service-worker/loader.jsdbx?sysparm_substitute=false"></script><script>var mswDisabledValue = "false";
                        var disabled = mswDisabledValue === 'true' ? true : false;
                        var serviceWorkers = JSON.parse("[{\"scope\":\"/\",\"serviceWorkerUrl\":\"/uxsw/scope/root.js\"},{\"scope\":\"/x\",\"serviceWorkerUrl\":\"/uxsw/scope/now_x.js\"},{\"scope\":\"/now\",\"serviceWorkerUrl\":\"/uxsw/scope/now_x.js\"}]");
                        var SERVICE_WORKER_MANAGER_CONFIG = {disabled, serviceWorkers};
                        if (window.serviceWorkerManager) window.serviceWorkerManager.init(SERVICE_WORKER_MANAGER_CONFIG);</script><meta name="viewport" content="initial-scale=1.0"></meta><script type="text/javascript" data-description="globals population">
        window.NOW = window.NOW || {};
        var g_loadTime = new Date();
        var lastActivity = new Date();
        var g_lang = 'en';
        var g_system_lang = 'en';
        var g_enhanced_activated = 'true';
          var g_popup_timeout = parseInt(100);
        var g_export_warn_threshold = parseInt(10000);
          var g_event_handler_ids = {};
        var g_event_handlers = [];
        var g_event_handlers_onLoad = [];
        var g_event_handlers_onSubmit = [];
        var g_event_handlers_onChange = [];
        var g_event_handlers_onCellEdit = {};
        var g_event_handlers_localCache = {};
        var g_event_handlers_queryTracking = true;
        var g_user_date_time_format = "yyyy-MM-dd HH:mm:ss";
        var g_user_date_format = "yyyy-MM-dd";
        var g_user_decimal_separator = ".";
        var g_user_grouping_separator = ",";
        var g_glide_list_separator = ", ";
        var g_allow_field_dependency_for_templates = ("true" === "true");
        var g_tz_offset = 0;
          var g_tz_user_offset = true;
        var g_first_day_of_week = parseInt(1, 10);
        var g_date_picker_first_day_of_week = parseInt(0, 10);
          var g_full_calendar_edit = true;
        var g_submitted = false;
        var g_max_table_length = 80;
        var g_fontSizePreference = "";
        var g_fontSize = "10pt";
        // use to be the sys_property glide.ui.js_error_notify, hard coded for PRB603998
        var g_jsErrorNotify = "true";
        var g_cancelPreviousTransaction = true;
        var g_text_direction = "ltr";
        var g_glide_list_filter_max_length =  parseInt("0", 10);
        var g_accessibility = false;
        var g_accessibility_tooltips = false;
        var g_accessibility_tooltip_duration = parseInt("10", 10);
        var g_accessibility_visual_patterns = false;
        var g_accessibility_screen_reader_table = false;
        var g_detail_row = false;
        var g_builddate = "09-16-2022_1610";
        // default values to be used in absence of user preferences are hard coded below
        // as well as in keyboardShortcuts.js and keyboard_preference_changer.xml
        window.g_keyboard_shortcuts = {};
        window.g_keyboard_shortcuts.allow_in_input_fields = false;
        window.g_keyboard_shortcuts.enabled = true;
        window.g_keyboard_shortcuts.global_search = {};
        window.g_keyboard_shortcuts.global_search.enabled = true;
        window.g_keyboard_shortcuts.global_search.key_combination = 'ctrl+alt+g';
        window.g_keyboard_shortcuts.main_frame = {};
        window.g_keyboard_shortcuts.main_frame.enabled = true;
        window.g_keyboard_shortcuts.main_frame.key_combination = 'ctrl+alt+p';
        window.g_keyboard_shortcuts.navigator_toggle = {};
        window.g_keyboard_shortcuts.navigator_toggle.enabled = true;
        window.g_keyboard_shortcuts.navigator_toggle.key_combination = 'ctrl+alt+c';
        window.g_keyboard_shortcuts.navigator_filter = {};
        window.g_keyboard_shortcuts.navigator_filter.enabled = true;
        window.g_keyboard_shortcuts.navigator_filter.key_combination = 'ctrl+alt+f';
        window.g_keyboard_shortcuts.impersonator = {}
        window.g_keyboard_shortcuts.impersonator.enabled = true;
        window.g_keyboard_shortcuts.impersonator.key_combination = 'ctrl+alt+i';
        var g_concourse_onmessage_enforce_same_origin = 'true'.toLowerCase() === 'true';
        var g_concourse_onmessage_enforce_same_origin_whitelist = '';
        window.g_load_functions = [];
        window.g_render_functions = [];
        window.g_late_load_functions = [];
        window.g_tiny_url = {};
        window.g_tiny_url.use_tiny = 'true' === 'true';
        window.g_tiny_url.min_length = parseInt('1024');


        var g_ck = '613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc';



        var g_acWaitTime = parseInt(250);


        var g_autoRequest = '';

        try {
                window.NOW.dateFormat = JSON.parse("{\"timeAgo\": false, \"dateBoth\": false}");
        } catch (e) {
                window.NOW.dateFormat = {timeAgo: false, dateBoth: false};
        }

        window.NOW.dateFormat.dateStringFormat = "yyyy-MM-dd";
        window.NOW.dateFormat.timeStringFormat = "HH:mm:ss";
        window.NOW.shortDateFormat = false;
        window.NOW.listTableWrap = true;
        window.NOW.compact = false;
        window.NOW.templateToggle = false;
        window.NOW.tabbed = true;
        window.NOW.permalink = true;
        window.NOW.useSimpleStorage = true;
        window.NOW.httpRequestCompressionThreshold = 40000;
        window.NOW.httpRequestCompressionLevel = -1;
        window.NOW.httpRequestCompressionMemoryLevel = -1;
        window.NOW.deferAmbConnection = false;
        window.NOW.deferredAmbConnectionTimeout = 10000;
        window.NOW.simpleStorageSynch = "a38d0130e03102107f446d41db8bd865";
        window.NOW.language =  'en';
        window.NOW.listOpenInAppTab = false;
        window.NOW.floatingScrollbars = false;

        window.NOW.user = {};
        window.NOW.user.preferences = [];
        window.NOW.user.roles = '';
        window.NOW.user.allRoles = '';
        window.NOW.user.userID = '5136503cc611227c0183e96598c4f706';
        window.NOW.user.departmentID = '';
        window.NOW.user.firstName = '';
        window.NOW.user.lastName = 'Guest';
        window.NOW.user.name = 'guest';
        window.NOW.user.isImpersonating = false;
        window.NOW.batch_glide_ajax_requests = 'true' === 'true';
        window.NOW.batch_glide_ajax_requests_max_time_in_queue = ~~'50';
        window.NOW.batch_glide_ajax_disable_time = ~~'1000';

        window.NOW.currency = {};
        window.NOW.currency.code = 'USD';
        window.NOW.locale = {};
        window.NOW.locale.code = 'en_US';

        window.NOW.attachment = {};

        window.NOW.attachment.overflow_limit =  parseInt('3', 10);
        window.NOW.isPolarisEnabled = "true";
        window.NOW.polaris_page_info ={"canUsePolarisCSS":true,"canUsePolarisTemplates":true,"jvar_form_name":"welcome"};</script><script data-comment="GlideUser initialization">(function() {
                 g_render_functions.push(setGlideUser);
                function setGlideUser() {
                        if (window.g_user || !window.GlideUser)
                return;

                window.g_user = new GlideUser(NOW.user.name,
                          NOW.user.firstName,
                          NOW.user.lastName,
                          NOW.user.roles,
                          NOW.user.userID,
                          NOW.user.departmentID);
                window.g_user.setRoles(NOW.user.allRoles, true);
                }
        })();</script><script data-description="NOW glide web analytics siteid and url">window.snWebaConfig = window.snWebaConfig || {};
                // glide web analytics config
                window.snWebaConfig.siteId = "0";
                window.snWebaConfig.trackerURL = "";
                window.snWebaConfig.webaScriptPath = "/scripts/piwik-3.1.1/thirdparty/piwik.min.js";
                window.snWebaConfig.ambClient = (window.g_ambClient) ? window.g_ambClient : ((window.amb)? window.amb.getClient(): "");
                window.snWebaConfig.subscribed = false;</script><script type="text/javascript" src="/ConditionalFocus.jsdbx?v=09-16-2022_1610&amp;c=8_102"></script><link href="favicon.ico?v=5" rel="shortcut icon"></link><script>// window.performance in Chrome, Firefox, and Internet Explorer 9+ (not Safari)
                                window.NOW.xperf = window.performance || {};
                                if (!NOW.xperf.now) {
                                        NOW.xperf.now = function() { return new Date().getTime(); };
                                }
                                NOW.xperf.parseBegin = NOW.xperf.now();
                                NOW.xperf.cssBegin = NOW.xperf.now();</script><link type="text/css" rel="stylesheet" href="/styles/css_includes_doctype_polaris.cssx?v=09-16-2022_1610&amp;c=6a025a33e0c1d21c7f446d41db8bd877&amp;theme=Polaris"></link><script>window.NOW = window.NOW || {};
                 NOW.isUsingPolaris = true;</script><link type="text/css" rel="stylesheet" href="/styles/polarisberg/css_includes_polarisberg.cssx?v=09-16-2022_1610&amp;c=6a025a33e0c1d21c7f446d41db8bd877&amp;theme=Polaris"></link><script>NOW.exclude_dark_theme = "true";</script><link type="text/css" rel="stylesheet" href="/polarisberg_theme_variables.do?c=UL3tmCMCcC9tXGL%2F%2FmIVU5V1gyk%3D&amp;exclude_dark=true" id="polarisberg_theme_variables"></link><script>NOW.xperf.cssEnd = NOW.xperf.now();
                        NOW.xperf.scriptBegin = NOW.xperf.now();</script><script type="text/javascript" src="/scripts/doctype/js_includes_doctype.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102"></script><script type="text/javascript" src="/scripts/js_includes_customer.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102"></script><script>NOW.xperf.scriptEnd = NOW.xperf.now();
                                NOW.xperf.parseEnd = NOW.xperf.now();
                                $j(function() {
                                        var x = NOW.xperf;
                                        var last = x.lastDoctypeEnd - x.lastDoctypeBegin;
                                        if (window.console) {
                                                console.log("+-- Parse times");
                                                console.log("| CSS parse: " + (x.cssEnd - x.cssBegin));
                                                console.log("| JS  doctype: " + (x.scriptEnd - x.scriptBegin));
                                                console.log("| JS at end of page: " + last);
                                                console.log("+-- All parsing: " + (x.parseEnd - x.parseBegin + last));
                                        }

                                        var ms = Math.round(x.parseEnd - x.parseBegin + last);
                                        CustomEvent.fire('page_timing', { name: 'PARS', ms: ms, win: window });

                                        if (window.performance && performance.timing) {
                                                NOW.xperf.z = new Date().getTime();
                                                setTimeout(function () {
                                                   var x = performance.timing.loadEventEnd - performance.timing.domContentLoadedEventStart;
                                                   CustomEvent.fire('page_timing', { name: 'DOMC', ms: x, win: window });
                                                   x = performance.timing.loadEventStart - NOW.xperf.z;
                                                   CustomEvent.fire('page_timing', { name: 'PROC', ms: x, win: window });
                                                }, 250);  // has to be done after the loadEvent ends
                                        }
                                })</script><script type="text/javascript" src="/scripts/doctype/js_includes_legacy.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102"></script><script type="text/javascript" data-comment="navpage layout preferences, onfocus observation">/**
        * Every window needs to observe these events.
        */
        if (Prototype.Browser.IE && !isMSIE9) {
                document.onfocusout = function() { CustomEvent.fireTop(GlideEvent.WINDOW_BLURRED, window); };
                document.onfocusin = function() { CustomEvent.fireTop(GlideEvent.WINDOW_FOCUSED, window); };
        } else {
                Event.observe(window, 'blur', function() { CustomEvent.fireTop(GlideEvent.WINDOW_BLURRED, window); });
                Event.observe(window, 'focus', function() { CustomEvent.fireTop(GlideEvent.WINDOW_FOCUSED, window); });
        }</script><script type="text/javascript">g_swLoadTime = new StopWatch(g_loadTime);

    if (window.CustomEvent){
        CustomEvent.fireAll("ck_updated", "613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc");
            CustomEvent.fireTop("navigation.complete", window);
        }

    addLoadEvent( function() {

                if (isValidTouchDevice())
                        addTouchScrollClassToBody();

      if (typeof g_ck != 'undefined') {
        CustomEvent.observe("ck_updated", function(ck) { g_ck = ck; });
        CustomEvent.fireAll("ck_updated", "613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc");}try {
              var helpico = getTopWindow().document.getElementById("help_ico");

              if (helpico) {
                var urlname=window.location.pathname.split("?");
                var search_str = window.location.search;

                // if this is a form, extract the record's sys_id...
                var sys_id_loc = search_str.search(/sys_id=[0-9a-f]{32}/i);
                var sys_id_str = (sys_id_loc != -1) ? search_str.substr(sys_id_loc, 39) : null;

                // make the URL to our context help processor...
                var url_search = "?sysparm_url=" + urlname[0];
                if (sys_id_loc != -1)
                   url_search += "&" + sys_id_str;

                helpico.href="context_help.do" + url_search;
              }
            } catch (exception) {}

      synchCache();
      pageLoaded();
    });

    function synchCache() {
      try {
        var w = getTopWindow();
        if (w.g_cache_message)
          w.g_cache_message.stamp("a38d0130e03102107f446d41db8bd865");

        if (w.g_cache_td)
          w.g_cache_td.stamp("f7505c96e059da1c7f446d41db8bd8ef");
      } catch(e) {}
    }

    function isValidTouchDevice() {
                var navigator = window.navigator || {};
                var devices;
                try {
                        devices = 'iPad,Android'.split(',');
                } catch(ex) {
                        devices = [];
                }
                return devices.some(function(item) {return item.trim() === navigator.platform;});
        }

        function addTouchScrollClassToBody() {
                if ('ontouchstart' in window ||
                                (navigator.maxTouchPoints !== 'undefined' && navigator.maxTouchPoints > 0) ||
                                (navigator.msMaxTouchPoints !== 'undefined' && navigator.msMaxTouchPoints > 0)) {
                        if (typeof document.body != undefined) {
                                document.body.classList.add('touch_scroll');
                        }
                }
        }
  </script><!--googleoff: all--><noscript>This site requires JavaScript to be enabled</noscript> <!--googleon: all--><script type="text/javascript" src="/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=09-16-2022_1610"></script></head><body class="                -polaris " data-formName="welcome"><span class="sr-only"><div id="html_page_aria_live_polite" r

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:50:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "455a6a60e799d8ef8c09cad5e1100d47",
         "bodymmh3" : 231945519,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -111232896,
         "title" : "ServiceNow"
      },
      "length" : 16384
   },
   "asn" : "AS16509",
   "city" : "Boardman",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 08:50:30 GMT\r\nServer: nginx\r\nContent-Length: 46782\r\nContent-Type: text/html\r\n\r\n<!DOCTYPE html><html lang=\"en\" class=\" ltr \" data-doctype=\"true\" dir=\"ltr\" ontouchend=\"CustomEvent.fireAll('body_clicked', event);\" onclick=\"CustomEvent.fireAll('body_clicked', event);\"><head><script type=\"text/javascript\"></script><title>ServiceNow</title><meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge,chrome=1\"></meta><meta http-equiv=\"cache-control\" content=\"public\"></meta><script src=\"/uxasset/externals/service-worker/loader.jsdbx?sysparm_substitute=false\"></script><script>var mswDisabledValue = \"false\";\n                        var disabled = mswDisabledValue === 'true' ? true : false;\n                        var serviceWorkers = JSON.parse(\"[{\\\"scope\\\":\\\"/\\\",\\\"serviceWorkerUrl\\\":\\\"/uxsw/scope/root.js\\\"},{\\\"scope\\\":\\\"/x\\\",\\\"serviceWorkerUrl\\\":\\\"/uxsw/scope/now_x.js\\\"},{\\\"scope\\\":\\\"/now\\\",\\\"serviceWorkerUrl\\\":\\\"/uxsw/scope/now_x.js\\\"}]\");\n                        var SERVICE_WORKER_MANAGER_CONFIG = {disabled, serviceWorkers};\n                        if (window.serviceWorkerManager) window.serviceWorkerManager.init(SERVICE_WORKER_MANAGER_CONFIG);</script><meta name=\"viewport\" content=\"initial-scale=1.0\"></meta><script type=\"text/javascript\" data-description=\"globals population\">\n        window.NOW = window.NOW || {};\n        var g_loadTime = new Date();\n        var lastActivity = new Date();\n        var g_lang = 'en';\n        var g_system_lang = 'en';\n        var g_enhanced_activated = 'true';\n          var g_popup_timeout = parseInt(100);\n        var g_export_warn_threshold = parseInt(10000);\n          var g_event_handler_ids = {};\n        var g_event_handlers = [];\n        var g_event_handlers_onLoad = [];\n        var g_event_handlers_onSubmit = [];\n        var g_event_handlers_onChange = [];\n        var g_event_handlers_onCellEdit = {};\n        var g_event_handlers_localCache = {};\n        var g_event_handlers_queryTracking = true;\n        var g_user_date_time_format = \"yyyy-MM-dd HH:mm:ss\";\n        var g_user_date_format = \"yyyy-MM-dd\";\n        var g_user_decimal_separator = \".\";\n        var g_user_grouping_separator = \",\";\n        var g_glide_list_separator = \", \";\n        var g_allow_field_dependency_for_templates = (\"true\" === \"true\");\n        var g_tz_offset = 0;\n          var g_tz_user_offset = true;\n        var g_first_day_of_week = parseInt(1, 10);\n        var g_date_picker_first_day_of_week = parseInt(0, 10);\n          var g_full_calendar_edit = true;\n        var g_submitted = false;\n        var g_max_table_length = 80;\n        var g_fontSizePreference = \"\";\n        var g_fontSize = \"10pt\";\n        // use to be the sys_property glide.ui.js_error_notify, hard coded for PRB603998\n        var g_jsErrorNotify = \"true\";\n        var g_cancelPreviousTransaction = true;\n        var g_text_direction = \"ltr\";\n        var g_glide_list_filter_max_length =  parseInt(\"0\", 10);\n        var g_accessibility = false;\n        var g_accessibility_tooltips = false;\n        var g_accessibility_tooltip_duration = parseInt(\"10\", 10);\n        var g_accessibility_visual_patterns = false;\n        var g_accessibility_screen_reader_table = false;\n        var g_detail_row = false;\n        var g_builddate = \"09-16-2022_1610\";\n        // default values to be used in absence of user preferences are hard coded below\n        // as well as in keyboardShortcuts.js and keyboard_preference_changer.xml\n        window.g_keyboard_shortcuts = {};\n        window.g_keyboard_shortcuts.allow_in_input_fields = false;\n        window.g_keyboard_shortcuts.enabled = true;\n        window.g_keyboard_shortcuts.global_search = {};\n        window.g_keyboard_shortcuts.global_search.enabled = true;\n        window.g_keyboard_shortcuts.global_search.key_combination = 'ctrl+alt+g';\n        window.g_keyboard_shortcuts.main_frame = {};\n        window.g_keyboard_shortcuts.main_frame.enabled = true;\n        window.g_keyboard_shortcuts.main_frame.key_combination = 'ctrl+alt+p';\n        window.g_keyboard_shortcuts.navigator_toggle = {};\n        window.g_keyboard_shortcuts.navigator_toggle.enabled = true;\n        window.g_keyboard_shortcuts.navigator_toggle.key_combination = 'ctrl+alt+c';\n        window.g_keyboard_shortcuts.navigator_filter = {};\n        window.g_keyboard_shortcuts.navigator_filter.enabled = true;\n        window.g_keyboard_shortcuts.navigator_filter.key_combination = 'ctrl+alt+f';\n        window.g_keyboard_shortcuts.impersonator = {}\n        window.g_keyboard_shortcuts.impersonator.enabled = true;\n        window.g_keyboard_shortcuts.impersonator.key_combination = 'ctrl+alt+i';\n        var g_concourse_onmessage_enforce_same_origin = 'true'.toLowerCase() === 'true';\n        var g_concourse_onmessage_enforce_same_origin_whitelist = '';\n        window.g_load_functions = [];\n        window.g_render_functions = [];\n        window.g_late_load_functions = [];\n        window.g_tiny_url = {};\n        window.g_tiny_url.use_tiny = 'true' === 'true';\n        window.g_tiny_url.min_length = parseInt('1024');\n\n\n        var g_ck = '613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc';\n\n\n\n        var g_acWaitTime = parseInt(250);\n\n\n        var g_autoRequest = '';\n\n        try {\n                window.NOW.dateFormat = JSON.parse(\"{\\\"timeAgo\\\": false, \\\"dateBoth\\\": false}\");\n        } catch (e) {\n                window.NOW.dateFormat = {timeAgo: false, dateBoth: false};\n        }\n\n        window.NOW.dateFormat.dateStringFormat = \"yyyy-MM-dd\";\n        window.NOW.dateFormat.timeStringFormat = \"HH:mm:ss\";\n        window.NOW.shortDateFormat = false;\n        window.NOW.listTableWrap = true;\n        window.NOW.compact = false;\n        window.NOW.templateToggle = false;\n        window.NOW.tabbed = true;\n        window.NOW.permalink = true;\n        window.NOW.useSimpleStorage = true;\n        window.NOW.httpRequestCompressionThreshold = 40000;\n        window.NOW.httpRequestCompressionLevel = -1;\n        window.NOW.httpRequestCompressionMemoryLevel = -1;\n        window.NOW.deferAmbConnection = false;\n        window.NOW.deferredAmbConnectionTimeout = 10000;\n        window.NOW.simpleStorageSynch = \"a38d0130e03102107f446d41db8bd865\";\n        window.NOW.language =  'en';\n        window.NOW.listOpenInAppTab = false;\n        window.NOW.floatingScrollbars = false;\n\n        window.NOW.user = {};\n        window.NOW.user.preferences = [];\n        window.NOW.user.roles = '';\n        window.NOW.user.allRoles = '';\n        window.NOW.user.userID = '5136503cc611227c0183e96598c4f706';\n        window.NOW.user.departmentID = '';\n        window.NOW.user.firstName = '';\n        window.NOW.user.lastName = 'Guest';\n        window.NOW.user.name = 'guest';\n        window.NOW.user.isImpersonating = false;\n        window.NOW.batch_glide_ajax_requests = 'true' === 'true';\n        window.NOW.batch_glide_ajax_requests_max_time_in_queue = ~~'50';\n        window.NOW.batch_glide_ajax_disable_time = ~~'1000';\n\n        window.NOW.currency = {};\n        window.NOW.currency.code = 'USD';\n        window.NOW.locale = {};\n        window.NOW.locale.code = 'en_US';\n\n        window.NOW.attachment = {};\n\n        window.NOW.attachment.overflow_limit =  parseInt('3', 10);\n        window.NOW.isPolarisEnabled = \"true\";\n        window.NOW.polaris_page_info ={\"canUsePolarisCSS\":true,\"canUsePolarisTemplates\":true,\"jvar_form_name\":\"welcome\"};</script><script data-comment=\"GlideUser initialization\">(function() {\n                 g_render_functions.push(setGlideUser);\n                function setGlideUser() {\n                        if (window.g_user || !window.GlideUser)\n                return;\n\n                window.g_user = new GlideUser(NOW.user.name,\n                          NOW.user.firstName,\n                          NOW.user.lastName,\n                          NOW.user.roles,\n                          NOW.user.userID,\n                          NOW.user.departmentID);\n                window.g_user.setRoles(NOW.user.allRoles, true);\n                }\n        })();</script><script data-description=\"NOW glide web analytics siteid and url\">window.snWebaConfig = window.snWebaConfig || {};\n                // glide web analytics config\n                window.snWebaConfig.siteId = \"0\";\n                window.snWebaConfig.trackerURL = \"\";\n                window.snWebaConfig.webaScriptPath = \"/scripts/piwik-3.1.1/thirdparty/piwik.min.js\";\n                window.snWebaConfig.ambClient = (window.g_ambClient) ? window.g_ambClient : ((window.amb)? window.amb.getClient(): \"\");\n                window.snWebaConfig.subscribed = false;</script><script type=\"text/javascript\" src=\"/ConditionalFocus.jsdbx?v=09-16-2022_1610&amp;c=8_102\"></script><link href=\"favicon.ico?v=5\" rel=\"shortcut icon\"></link><script>// window.performance in Chrome, Firefox, and Internet Explorer 9+ (not Safari)\n                                window.NOW.xperf = window.performance || {};\n                                if (!NOW.xperf.now) {\n                                        NOW.xperf.now = function() { return new Date().getTime(); };\n                                }\n                                NOW.xperf.parseBegin = NOW.xperf.now();\n                                NOW.xperf.cssBegin = NOW.xperf.now();</script><link type=\"text/css\" rel=\"stylesheet\" href=\"/styles/css_includes_doctype_polaris.cssx?v=09-16-2022_1610&amp;c=6a025a33e0c1d21c7f446d41db8bd877&amp;theme=Polaris\"></link><script>window.NOW = window.NOW || {};\n                 NOW.isUsingPolaris = true;</script><link type=\"text/css\" rel=\"stylesheet\" href=\"/styles/polarisberg/css_includes_polarisberg.cssx?v=09-16-2022_1610&amp;c=6a025a33e0c1d21c7f446d41db8bd877&amp;theme=Polaris\"></link><script>NOW.exclude_dark_theme = \"true\";</script><link type=\"text/css\" rel=\"stylesheet\" href=\"/polarisberg_theme_variables.do?c=UL3tmCMCcC9tXGL%2F%2FmIVU5V1gyk%3D&amp;exclude_dark=true\" id=\"polarisberg_theme_variables\"></link><script>NOW.xperf.cssEnd = NOW.xperf.now();\n                        NOW.xperf.scriptBegin = NOW.xperf.now();</script><script type=\"text/javascript\" src=\"/scripts/doctype/js_includes_doctype.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102\"></script><script type=\"text/javascript\" src=\"/scripts/js_includes_customer.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102\"></script><script>NOW.xperf.scriptEnd = NOW.xperf.now();\n                                NOW.xperf.parseEnd = NOW.xperf.now();\n                                $j(function() {\n                                        var x = NOW.xperf;\n                                        var last = x.lastDoctypeEnd - x.lastDoctypeBegin;\n                                        if (window.console) {\n                                                console.log(\"+-- Parse times\");\n                                                console.log(\"| CSS parse: \" + (x.cssEnd - x.cssBegin));\n                                                console.log(\"| JS  doctype: \" + (x.scriptEnd - x.scriptBegin));\n                                                console.log(\"| JS at end of page: \" + last);\n                                                console.log(\"+-- All parsing: \" + (x.parseEnd - x.parseBegin + last));\n                                        }\n\n                                        var ms = Math.round(x.parseEnd - x.parseBegin + last);\n                                        CustomEvent.fire('page_timing', { name: 'PARS', ms: ms, win: window });\n\n                                        if (window.performance && performance.timing) {\n                                                NOW.xperf.z = new Date().getTime();\n                                                setTimeout(function () {\n                                                   var x = performance.timing.loadEventEnd - performance.timing.domContentLoadedEventStart;\n                                                   CustomEvent.fire('page_timing', { name: 'DOMC', ms: x, win: window });\n                                                   x = performance.timing.loadEventStart - NOW.xperf.z;\n                                                   CustomEvent.fire('page_timing', { name: 'PROC', ms: x, win: window });\n                                                }, 250);  // has to be done after the loadEvent ends\n                                        }\n                                })</script><script type=\"text/javascript\" src=\"/scripts/doctype/js_includes_legacy.jsx?v=09-16-2022_1610&amp;lp=Fri_Sep_30_17_08_52_UTC_2022&amp;c=8_102\"></script><script type=\"text/javascript\" data-comment=\"navpage layout preferences, onfocus observation\">/**\n        * Every window needs to observe these events.\n        */\n        if (Prototype.Browser.IE && !isMSIE9) {\n                document.onfocusout = function() { CustomEvent.fireTop(GlideEvent.WINDOW_BLURRED, window); };\n                document.onfocusin = function() { CustomEvent.fireTop(GlideEvent.WINDOW_FOCUSED, window); };\n        } else {\n                Event.observe(window, 'blur', function() { CustomEvent.fireTop(GlideEvent.WINDOW_BLURRED, window); });\n                Event.observe(window, 'focus', function() { CustomEvent.fireTop(GlideEvent.WINDOW_FOCUSED, window); });\n        }</script><script type=\"text/javascript\">g_swLoadTime = new StopWatch(g_loadTime);\n\n    if (window.CustomEvent){\n        CustomEvent.fireAll(\"ck_updated\", \"613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc\");\n            CustomEvent.fireTop(\"navigation.complete\", window);\n        }\n\n    addLoadEvent( function() {\n\n                if (isValidTouchDevice())\n                        addTouchScrollClassToBody();\n\n      if (typeof g_ck != 'undefined') {\n        CustomEvent.observe(\"ck_updated\", function(ck) { g_ck = ck; });\n        CustomEvent.fireAll(\"ck_updated\", \"613454d2e019da1c7f446d41db8bd81903bd82ecc7345fb313d34d311014af61781c03fc\");}try {\n              var helpico = getTopWindow().document.getElementById(\"help_ico\");\n\n              if (helpico) {\n                var urlname=window.location.pathname.split(\"?\");\n                var search_str = window.location.search;\n\n                // if this is a form, extract the record's sys_id...\n                var sys_id_loc = search_str.search(/sys_id=[0-9a-f]{32}/i);\n                var sys_id_str = (sys_id_loc != -1) ? search_str.substr(sys_id_loc, 39) : null;\n\n                // make the URL to our context help processor...\n                var url_search = \"?sysparm_url=\" + urlname[0];\n                if (sys_id_loc != -1)\n                   url_search += \"&\" + sys_id_str;\n\n                helpico.href=\"context_help.do\" + url_search;\n              }\n            } catch (exception) {}\n\n      synchCache();\n      pageLoaded();\n    });\n\n    function synchCache() {\n      try {\n        var w = getTopWindow();\n        if (w.g_cache_message)\n          w.g_cache_message.stamp(\"a38d0130e03102107f446d41db8bd865\");\n\n        if (w.g_cache_td)\n          w.g_cache_td.stamp(\"f7505c96e059da1c7f446d41db8bd8ef\");\n      } catch(e) {}\n    }\n\n    function isValidTouchDevice() {\n                var navigator = window.navigator || {};\n                var devices;\n                try {\n                        devices = 'iPad,Android'.split(',');\n                } catch(ex) {\n                        devices = [];\n                }\n                return devices.some(function(item) {return item.trim() === navigator.platform;});\n        }\n\n        function addTouchScrollClassToBody() {\n                if ('ontouchstart' in window ||\n                                (navigator.maxTouchPoints !== 'undefined' && navigator.maxTouchPoints > 0) ||\n                                (navigator.msMaxTouchPoints !== 'undefined' && navigator.msMaxTouchPoints > 0)) {\n                        if (typeof document.body != undefined) {\n                                document.body.classList.add('touch_scroll');\n                        }\n                }\n        }\n  </script><!--googleoff: all--><noscript>This site requires JavaScript to be enabled</noscript> <!--googleon: all--><script type=\"text/javascript\" src=\"/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=09-16-2022_1610\"></script></head><body class=\"                -polaris \" data-formName=\"welcome\"><span class=\"sr-only\"><div id=\"html_page_aria_live_polite\" r",
   "datamd5" : "8fa99d6203111ea7c849f7781cd918ff",
   "datammh3" : 86490418,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZO-ZPDX",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "18.236.0.0/15"
   },
   "host" : [
      "ec2-18-236-135-103"
   ],
   "hostname" : [
      "ec2-18-236-135-103.us-west-2.compute.amazonaws.com"
   ],
   "ip" : "18.236.135.103",
   "ipv6" : "false",
   "latitude" : "45.8491",
   "location" : "45.8491,-119.7143",
   "longitude" : "-119.7143",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-18-236-135-103.us-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-west-2.compute.amazonaws.com"
   ],
   "subnet" : "18.236.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.1.110

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.1.110:1222/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

62ab25019fbf0c3a371d7b717d22b998

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

0cfe89b29a930cc5df1de4f17d1106b0

HTTP/1.1 200 ok
Server: Apache
Content-Length:  223
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:1222/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:50:30.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "211.83.41.225",
            "10.100.100.114"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "0cfe89b29a930cc5df1de4f17d1106b0",
         "bodymmh3" : 1203874028,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -2113301773
      },
      "length" : 311
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  223\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:1222/'</script>\r\n\r\n",
   "datamd5" : "62ab25019fbf0c3a371d7b717d22b998",
   "datammh3" : -526719700,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.1.110",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 1222,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}