IP

202.128.122.175

Network

202.128.112.0/20

Domain(s)

leaptel.network

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://202.128.122.175:8080/ 403

Reverse DNS

202.128.122.175.vic.leaptel.network

ASN

AS134090

Organization

Leaptel

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Cherrypy Cherrypy 18.9.0

CPE(s)

<enterprise field>: cpe

Data MD5

9f0379bba3e035da0ba1fd6beb8fc5e3

HTTP Header MD5

cdab5fbc97d0e1a4216bf8e95662b0e9

HTTP Body MD5

4801efdcd421c6299bb4adb9669ff79c

Favicon MD5

3e2cb2774a515a5826925214ec124b03

Favicon MMH3

-1939892142

HTTP/1.1 403 Forbidden
Content-Type: text/html;charset=utf-8
Server: CherryPy/18.9.0
Date: Thu, 07 Nov 2024 01:49:56 GMT
X-Frame-Options: SameOrigin
Vary: Accept-Encoding
Content-Length: 67
Connection: close

External internet access denied - https://sabnzbd.org/access-denied

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:29.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "sabnzbd.org"
         ],
         "hostname" : [
            "sabnzbd.org"
         ],
         "url" : [
            "https://sabnzbd.org/access-denied"
         ]
      },
      "favicon" : {
         "image" : "AAABAAIAEBAAAAEAIABoBAAAJgAAACAgAAABACAAqBAAAI4EAAAoAAAAEAAAACAAAAABACAAAAAAAEAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAP8AAAD/AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAP8AaZb/AGmW/wAAAP8AAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAP8AaZb/GMH//xfA//8AaZb/AAAA/wAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAP8AaZb/ALP//yTI//8kx///ALP//wBplv8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8AaZb/ALP//wq4//8oyv//KMr//wm4//8As///AGmW/wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8AaZb/ALP//wCz//8XwP//KMr//yjK//8WwP//ALP//wCz//8AaZb/AAAA/wAAAAAAAAAAAAAAAAAAAP8AaZb/ALP//wCz//8As///JMf//yjK//8oyv//I8f//wCz//8As///ALP//wBplv8AAAD/AAAAAAAAAP8AYYr/ALP//wCz//8As///Cbj//yjK//8oyv//KMr//yjK//8It///ALP//wCz//8As///AGmW/wAAAP8AAAD/AENf9ABDX/gAs///ALP//xa///8oyv//KMr//yjK//8oyv//Fb///wCz//8As///AENf+ABDX/QAAAD/AAAAAAAAAAAAAAD/ALP//wCz//8jx///KMr//yjK//8oyv//KMr//yLG//8As///ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8It///KMr//yjK//8oyv//KMr//yjK//8oyv//B7f//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAP8As///Fb///yjK//8oyv//KMr//yjK//8oyv//KMr//xS+//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//yLG//8oyv//KMr//yjK//8oyv//KMr//yjK//8hxv//ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAP8As///KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAAAAAAAAP5/AAD8PwAA+B8AAPAPAADgBwAAwAMAAIABAAAAAAAAAAAAAMADAADAAwAAwAMAAMADAADAAwAAwAMAAMADAAAoAAAAIAAAAEAAAAABACAAAAAAAIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUAAAAWgAAAFoAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAFoAAAD/AAAA/wAAAFoAAAAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AAABaAAAA/wCz//8As///AAAA/wAAAFoAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAWgAAAP8As///HcT//xzD//8As///AAAA/wAAAFoAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAAAFoAAAD/ALP//wO0//8nyf//Jsn//wK0//8As///AAAA/wAAAFoAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAABaAAAA/wCz//8As///D7v//yjK//8oyv//Drv//wCz//8As///AAAA/wAAAFoAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAWgAAAP8As///ALP//wCz//8cw///KMr//yjK//8awv//ALP//wCz//8As///AAAA/wAAAFoAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAFoAAAD/ALP//wCz//8As///ArT//ybJ//8oyv//KMr//ybJ//8Bs///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABaAAAA/wCz//8As///ALP//wCz//8Ou///KMr//yjK//8oyv//KMr//wy6//8As///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWgAAAP8As///ALP//wCz//8As///ALP//xvC//8oyv//KMr//yjK//8oyv//GcH//wCz//8As///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFoAAAD/ALP//wCz//8As///ALP//wCz//8BtP//Jsn//yjK//8oyv//KMr//yjK//8lyP//AbP//wCz//8As///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABaAAAA/wCz//8As///ALP//wCz//8As///ALP//w26//8oyv//KMr//yjK//8oyv//KMr//yjK//8Luf//ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWgAAAP8As///ALP//wCz//8As///ALP//wCz//8As///GsL//yjK//8oyv//KMr//yjK//8oyv//KMr//xjB//8As///ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAAFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAAD/ALP//wCz//8As///ALP//wCz//8As///ALP//wGz//8lyP//KMr//yjK//8oyv//KMr//yjK//8oyv//JMj//wCz//8As///ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAAEoAAAAAAAAAAAAAAAAAAABGAAAA/wCz//8As///ALP//wCz//8As///ALP//wCz//8As///DLn//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//Crn//wCz//8As///ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAAEAAAAAAAAAAPAAAAP8As///ALP//wCz//8As///ALP//wCz//8As///ALP//wCz//8Zwf//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8XwP//ALP//wCz//8As///ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAADYAAAD/ALP//wCz//8As///ALP//wCz//8As///ALP//wCz//8As///ALP//yXI//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yTH//8As///ALP//wCz//8As///ALP//wCz//8As///ALP//wCz//8As///AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wCz//8As///ALP//wCz//8Kuf//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//wm4//8As///ALP//wCz//8As///AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//wCz//8As///ALP//xjA//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//Fr///wCz//8As///ALP//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8As///ALP//wCz//8As///JMf//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8jx///ALP//wCz//8As///ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8As///ALP//wm4//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8It///ALP//wCz//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//wCz//8As///FsD//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//xW///8As///ALP//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8As///ALP//wCz//8jx///KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//Isb//wCz//8As///ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8As///CLj//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//B7f//wCz//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//wCz//8Vv///KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8Uvv//ALP//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8As///ALP//yLG//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yHG//8As///ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8Ht///KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//wa2//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//xS+//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//E77//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8As///Icb//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8gxf//ALP//wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wCz//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yfJ//8As///AAAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ALP//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//yjK//8oyv//KMr//wCz//8AAAD/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8AAAAAAAAAAAAAAAAAAAAAAAAAAP/+f////D////gf///wD///4Af//8AD//+AAf//AAD//gAAf/wAAD/4AAAf8AAAD+AAAAfgAAAHwAAAA4AAAAEAAAAAAAAAAPgAAB/4AAAf+AAAH/gAAB/4AAAf+AAAH/gAAB/4AAAf+AAAH/gAAB/4AAAf+AAAH/gAAB/4AAAf",
         "imagemd5" : "3e2cb2774a515a5826925214ec124b03",
         "imagemmh3" : -1939892142,
         "length" : 5430,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "4801efdcd421c6299bb4adb9669ff79c",
         "bodymmh3" : 1444589142,
         "headermd5" : "cdab5fbc97d0e1a4216bf8e95662b0e9",
         "headermmh3" : -2032357643
      },
      "length" : 285
   },
   "asn" : "AS134090",
   "city" : "Melbourne",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html;charset=utf-8\r\nServer: CherryPy/18.9.0\r\nDate: Thu, 07 Nov 2024 01:49:56 GMT\r\nX-Frame-Options: SameOrigin\r\nVary: Accept-Encoding\r\nContent-Length: 67\r\nConnection: close\r\n\r\nExternal internet access denied - https://sabnzbd.org/access-denied",
   "datamd5" : "9f0379bba3e035da0ba1fd6beb8fc5e3",
   "datammh3" : 342129061,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "leaptel.network"
   ],
   "geolocus" : {
      "asn" : "AS134090",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "leaptel.com.au",
         "leaptel.network"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "LEAP-AU",
      "organization" : "Leaptel",
      "subnet" : "202.128.112.0/20"
   },
   "host" : [
      202
   ],
   "hostname" : [
      "202.128.122.175.vic.leaptel.network"
   ],
   "ip" : "202.128.122.175",
   "ipv6" : "false",
   "latitude" : "-37.8182",
   "location" : "-37.8182,144.9443",
   "longitude" : "144.9443",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Leaptel",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "Cherrypy",
   "productvendor" : "Cherrypy",
   "productversion" : "18.9.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "reverse" : [
      "202.128.122.175.vic.leaptel.network"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "122.175.vic.leaptel.network",
      "128.122.175.vic.leaptel.network",
      "175.vic.leaptel.network",
      "vic.leaptel.network"
   ],
   "subnet" : "202.128.112.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "network"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

153.142.0.242

Network

153.128.0.0/10

Domain(s)

ocn.ne.jp

Device

<enterprise field>: device.class <enterprise field>: device.productvendor

Operating System

Linux Linux Kernel

URL

http://153.142.0.242:8080/ 200

HTTP Title

Web Viewer for Samsung DVR

Reverse DNS

p13050-ipngnfx01imazuka.yamagata.ocn.ne.jp

ASN

AS4713

Organization

NTT Communications Corporation

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

lighttpd lighttpd 1.4.35

CPE(s)

<enterprise field>: cpe

Data MD5

c04758f0b0ff9aeb589d41b31d96d267

HTTP Header MD5

0e73e24a401ed1181d1c0c8a989af9dd

HTTP Body MD5

dcb3f3178d5acbe1022f9f57171c557b

HTTP/1.1 200 OK
X-UA-Compatible: IE=EmulateIE9, requiresActiveX=true
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1278092176"
Last-Modified: Mon, 14 Aug 2017 02:26:01 GMT
Content-Length: 6773
Connection: close
Date: Thu, 07 Nov 2024 03:23:42 GMT
Server: lighttpd/1.4.35

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Web Viewer for Samsung DVR</title>
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script type="text/javascript" src="/js/BrowserDetect.js" ></script>
<script type="text/javascript" language="javascript">

    function getOSInfoStr() {
        var ua = navigator.userAgent;

        if (ua.indexOf("NT 6.0") != -1) {
            return true;
        }
        else if (ua.indexOf("NT 6.1") != -1) {
            return true;
        }
        else if (ua.indexOf("NT 5.2") != -1) {
            return true;
        }
        else if (ua.indexOf("NT 5.1") != -1) {
            return true;
        }
        else if (ua.indexOf("NT 5.0") != -1) {
            return true;
        }
        else if (ua.indexOf("NT") != -1) {
            return true;
        }
        else if (ua.indexOf("9x 4.90") != -1) {
            return true;
        }
        else if (ua.indexOf("98") != -1) {
            return true;
        }
        else if (ua.indexOf("95") != -1) {
            return true;
        }
        else if (ua.indexOf("Win16") != -1) {
            return true;
        }
        else if (ua.indexOf("Windows") != -1) {
            return true;
        }
        else if (ua.indexOf("Linux") != -1) {
            return false;
        }
        else if (ua.indexOf("Macintosh") != -1) {
            return false;
        }
        else {
            return false;
        }
    }


    // by chul
    function browserCheck() {
        var ver = 0; // 브라우저  버전정보
        var strbrowser = "";
        if (navigator.appName.charAt(0) == "N") {
            if (navigator.userAgent.indexOf("Chrome") != -1) {
                strbrowser = "Chrome";
                //			ver = getInternetVersion("Chrome");
                //			alert("Chrome"+ver+"입니다."); 
            }
            else if (navigator.userAgent.indexOf("Firefox") != -1) {
                strbrowser = "Firefox";
                ///			ver = getInternetVersion("Firefox");
                //			alert("Firefox"+ver+"입니다.");
            }
            else if (navigator.userAgent.indexOf("Safari") != -1) {
                strbrowser = "Safari";
                //ver = getInternetVersion("Safari");
                //			alert("Safari"+ver+"입니다.");
            }
            //		else
            //			alert("Safari입니다.");

            return strbrowser;
        }
        else if (navigator.appName.charAt(0) == "M") {
            strbrowser = "MSIE";
            //		ver = getInternetVersion("MSIE");
            //		alert("MSIE입니다.");
            return strbrowser;
        }
        else {
            //			alert("Safari입니다.");

            return strbrowser;
        }
    }

    function stop() {
        return false;
    }
    //document.onmousewheel = stop;

    function getQuerystring(key, default_) {
        if (default_ == null) default_ = "";
        key = key.replace(/[\[]/, "\\\[").replace(/[\]]/, "\\\]");
        var regex = new RegExp("[\\?&]" + key + "=([^&#]*)");
        var qs = regex.exec(window.location.href);
        if (qs == null)
            return default_;
        else
            return qs[1];
    }

    function GetContentFrameSrc() {
        var strSrc = "about:blank";
        var strIP = getQuerystring("ip");
        var strPORT = getQuerystring("port");
        var strAction = getQuerystring("action");

        if (strAction == "" ||
            (strAction != "live" && strAction != "search"  && strAction != "setup") )
            strAction = "live";

        if (BrowserDetect.OS == 'Windows') {

            if (BrowserDetect.browser == 'Explorer') {
                strSrc = "/cgi-bin/webviewer?action=" + strAction + "&ip=" + strIP + "&port=" + strPORT;
            }
            else if ( (BrowserDetect.browser == 'Firefox' && BrowserDetect.version >= 3.6) ||
                      (BrowserDetect.browser == 'Chrome' && BrowserDetect.version >= 12) ) {
                strSrc = "/cgi-bin/sl_webviewer?ip=" + strIP + "&port=" + strPORT;
            }
            else
                strSrc = "/cgi-bin/webviewer?action=" + strAction + "&ip=" + strIP + "&port=" + strPORT;

        }
        else if (BrowserDetect.OS == 'Mac') {

            if ( (BrowserDetect.browser == 'Safari' && BrowserDetect.version >= 4) ||
                 (BrowserDetect.browser == 'Firefox' && BrowserDetect.version >= 3.6)) {
                strSrc = "/cgi-bin/sl_webviewer?ip=" + strIP + "&port=" + strPORT;
            }
            else
                strSrc = "/cgi-bin/webviewer?action=" + strAction + "&ip=" + strIP + "&port=" + strPORT;
        }

        return strSrc;
    }

    function body_onload() {

        //document.getElementById("iframeContentFrame").src = GetContentFrameSrc();

        body_onresize();
    }

    function GetContentFrameLeftPos() {
        var niFramePositionLeft;
        var niFrameWidth = document.getElementById("iframeContentFrame").width;

        niFramePositionLeft = (document.body.clientWidth - niFrameWidth) / 2;

        if (niFramePositionLeft < 0)
            niFramePositionLeft = 0;

        return niFramePositionLeft;
    }

    ///// 20120807 by kjw
    ///// ActiveX페이지에서 기존 방식으로 중앙정렬시(center 태그) ie8에서 팝업창 띄울 때 화면이 왼쪽으로 움직이는 문제가 있음.
    ///// 그래서 body 태그의 onresize 이벤트를 사용하여 중앙정렬 하도록 수정함.
    function body_onresize() {
        document.getElementById("iframeContentFrame").style.left = GetContentFrameLeftPos();
    }

</script>
</head>

<body onload="body_onload();" leftmargin=0 topmargin=0 oncontextmenu="return false" onresize="body_onresize()">

<script type="text/javascript" language="javascript">
    ///// 20120820 kjw
    ///// html 태그로 iframe 생성 후 페이지 새로 고침시 캐쉬된 페이지가 미리 로드되어
    ///// body_onload()에서 src를 중복 생성하게 되어 페이지가 2번 생성되는 문제가 있어서
    ///// 이전 방식대로 document.write를 사용하였음.
    document.write("<iframe id='iframeContentFrame' src = '" + GetContentFrameSrc() + "' style='position:absolute;top:18px;left:0px' name='content_frame' width=1000 height=655 scrolling=no frameborder=0 marginwidth=0 marginheight=0></iframe>");

    body_onresize();
</script>

</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:23.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml"
         ]
      },
      "http" : {
         "bodymd5" : "dcb3f3178d5acbe1022f9f57171c557b",
         "bodymmh3" : 1848766380,
         "header" : [
            {
               "name" : "ETag",
               "value" : 1278092176
            },
            {
               "name" : "Last-Modified",
               "value" : "Mon, 14 Aug 2017 02:26:01 GMT"
            }
         ],
         "headermd5" : "0e73e24a401ed1181d1c0c8a989af9dd",
         "headermmh3" : -1456157475,
         "title" : "Web Viewer for Samsung DVR"
      },
      "length" : 7114
   },
   "asn" : "AS4713",
   "city" : "Obata",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nX-UA-Compatible: IE=EmulateIE9, requiresActiveX=true\r\nCache-Control: no-store, no-cache, must-revalidate\r\nContent-Type: text/html\r\nAccept-Ranges: bytes\r\nETag: \"1278092176\"\r\nLast-Modified: Mon, 14 Aug 2017 02:26:01 GMT\r\nContent-Length: 6773\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:23:42 GMT\r\nServer: lighttpd/1.4.35\r\n\r\n\ufeff<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<title>Web Viewer for Samsung DVR</title>\r\n<meta http-equiv=\"Cache-Control\" content=\"no-cache\" />\r\n<meta http-equiv=\"Expires\" content=\"0\" />\r\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n<script type=\"text/javascript\" src=\"/js/BrowserDetect.js\" ></script>\r\n<script type=\"text/javascript\" language=\"javascript\">\r\n\r\n    function getOSInfoStr() {\r\n        var ua = navigator.userAgent;\r\n\r\n        if (ua.indexOf(\"NT 6.0\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"NT 6.1\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"NT 5.2\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"NT 5.1\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"NT 5.0\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"NT\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"9x 4.90\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"98\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"95\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"Win16\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"Windows\") != -1) {\r\n            return true;\r\n        }\r\n        else if (ua.indexOf(\"Linux\") != -1) {\r\n            return false;\r\n        }\r\n        else if (ua.indexOf(\"Macintosh\") != -1) {\r\n            return false;\r\n        }\r\n        else {\r\n            return false;\r\n        }\r\n    }\r\n\r\n\r\n    // by chul\r\n    function browserCheck() {\r\n        var ver = 0; // \ube0c\ub77c\uc6b0\uc800  \ubc84\uc804\uc815\ubcf4\r\n        var strbrowser = \"\";\r\n        if (navigator.appName.charAt(0) == \"N\") {\r\n            if (navigator.userAgent.indexOf(\"Chrome\") != -1) {\r\n                strbrowser = \"Chrome\";\r\n                //\t\t\tver = getInternetVersion(\"Chrome\");\r\n                //\t\t\talert(\"Chrome\"+ver+\"\uc785\ub2c8\ub2e4.\"); \r\n            }\r\n            else if (navigator.userAgent.indexOf(\"Firefox\") != -1) {\r\n                strbrowser = \"Firefox\";\r\n                ///\t\t\tver = getInternetVersion(\"Firefox\");\r\n                //\t\t\talert(\"Firefox\"+ver+\"\uc785\ub2c8\ub2e4.\");\r\n            }\r\n            else if (navigator.userAgent.indexOf(\"Safari\") != -1) {\r\n                strbrowser = \"Safari\";\r\n                //ver = getInternetVersion(\"Safari\");\r\n                //\t\t\talert(\"Safari\"+ver+\"\uc785\ub2c8\ub2e4.\");\r\n            }\r\n            //\t\telse\r\n            //\t\t\talert(\"Safari\uc785\ub2c8\ub2e4.\");\r\n\r\n            return strbrowser;\r\n        }\r\n        else if (navigator.appName.charAt(0) == \"M\") {\r\n            strbrowser = \"MSIE\";\r\n            //\t\tver = getInternetVersion(\"MSIE\");\r\n            //\t\talert(\"MSIE\uc785\ub2c8\ub2e4.\");\r\n            return strbrowser;\r\n        }\r\n        else {\r\n            //\t\t\talert(\"Safari\uc785\ub2c8\ub2e4.\");\r\n\r\n            return strbrowser;\r\n        }\r\n    }\r\n\r\n    function stop() {\r\n        return false;\r\n    }\r\n    //document.onmousewheel = stop;\r\n\r\n    function getQuerystring(key, default_) {\r\n        if (default_ == null) default_ = \"\";\r\n        key = key.replace(/[\\[]/, \"\\\\\\[\").replace(/[\\]]/, \"\\\\\\]\");\r\n        var regex = new RegExp(\"[\\\\?&]\" + key + \"=([^&#]*)\");\r\n        var qs = regex.exec(window.location.href);\r\n        if (qs == null)\r\n            return default_;\r\n        else\r\n            return qs[1];\r\n    }\r\n\r\n    function GetContentFrameSrc() {\r\n        var strSrc = \"about:blank\";\r\n        var strIP = getQuerystring(\"ip\");\r\n        var strPORT = getQuerystring(\"port\");\r\n        var strAction = getQuerystring(\"action\");\r\n\r\n        if (strAction == \"\" ||\r\n            (strAction != \"live\" && strAction != \"search\"  && strAction != \"setup\") )\r\n            strAction = \"live\";\r\n\r\n        if (BrowserDetect.OS == 'Windows') {\r\n\r\n            if (BrowserDetect.browser == 'Explorer') {\r\n                strSrc = \"/cgi-bin/webviewer?action=\" + strAction + \"&ip=\" + strIP + \"&port=\" + strPORT;\r\n            }\r\n            else if ( (BrowserDetect.browser == 'Firefox' && BrowserDetect.version >= 3.6) ||\r\n                      (BrowserDetect.browser == 'Chrome' && BrowserDetect.version >= 12) ) {\r\n                strSrc = \"/cgi-bin/sl_webviewer?ip=\" + strIP + \"&port=\" + strPORT;\r\n            }\r\n            else\r\n                strSrc = \"/cgi-bin/webviewer?action=\" + strAction + \"&ip=\" + strIP + \"&port=\" + strPORT;\r\n\r\n        }\r\n        else if (BrowserDetect.OS == 'Mac') {\r\n\r\n            if ( (BrowserDetect.browser == 'Safari' && BrowserDetect.version >= 4) ||\r\n                 (BrowserDetect.browser == 'Firefox' && BrowserDetect.version >= 3.6)) {\r\n                strSrc = \"/cgi-bin/sl_webviewer?ip=\" + strIP + \"&port=\" + strPORT;\r\n            }\r\n            else\r\n                strSrc = \"/cgi-bin/webviewer?action=\" + strAction + \"&ip=\" + strIP + \"&port=\" + strPORT;\r\n        }\r\n\r\n        return strSrc;\r\n    }\r\n\r\n    function body_onload() {\r\n\r\n        //document.getElementById(\"iframeContentFrame\").src = GetContentFrameSrc();\r\n\r\n        body_onresize();\r\n    }\r\n\r\n    function GetContentFrameLeftPos() {\r\n        var niFramePositionLeft;\r\n        var niFrameWidth = document.getElementById(\"iframeContentFrame\").width;\r\n\r\n        niFramePositionLeft = (document.body.clientWidth - niFrameWidth) / 2;\r\n\r\n        if (niFramePositionLeft < 0)\r\n            niFramePositionLeft = 0;\r\n\r\n        return niFramePositionLeft;\r\n    }\r\n\r\n    ///// 20120807 by kjw\r\n    ///// ActiveX\ud398\uc774\uc9c0\uc5d0\uc11c \uae30\uc874 \ubc29\uc2dd\uc73c\ub85c \uc911\uc559\uc815\ub82c\uc2dc(center \ud0dc\uadf8) ie8\uc5d0\uc11c \ud31d\uc5c5\ucc3d \ub744\uc6b8 \ub54c \ud654\uba74\uc774 \uc67c\ucabd\uc73c\ub85c \uc6c0\uc9c1\uc774\ub294 \ubb38\uc81c\uac00 \uc788\uc74c.\r\n    ///// \uadf8\ub798\uc11c body \ud0dc\uadf8\uc758 onresize \uc774\ubca4\ud2b8\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc911\uc559\uc815\ub82c \ud558\ub3c4\ub85d \uc218\uc815\ud568.\r\n    function body_onresize() {\r\n        document.getElementById(\"iframeContentFrame\").style.left = GetContentFrameLeftPos();\r\n    }\r\n\r\n</script>\r\n</head>\r\n\r\n<body onload=\"body_onload();\" leftmargin=0 topmargin=0 oncontextmenu=\"return false\" onresize=\"body_onresize()\">\r\n\r\n<script type=\"text/javascript\" language=\"javascript\">\r\n    ///// 20120820 kjw\r\n    ///// html \ud0dc\uadf8\ub85c iframe \uc0dd\uc131 \ud6c4 \ud398\uc774\uc9c0 \uc0c8\ub85c \uace0\uce68\uc2dc \uce90\uc26c\ub41c \ud398\uc774\uc9c0\uac00 \ubbf8\ub9ac \ub85c\ub4dc\ub418\uc5b4\r\n    ///// body_onload()\uc5d0\uc11c src\ub97c \uc911\ubcf5 \uc0dd\uc131\ud558\uac8c \ub418\uc5b4 \ud398\uc774\uc9c0\uac00 2\ubc88 \uc0dd\uc131\ub418\ub294 \ubb38\uc81c\uac00 \uc788\uc5b4\uc11c\r\n    ///// \uc774\uc804 \ubc29\uc2dd\ub300\ub85c document.write\ub97c \uc0ac\uc6a9\ud558\uc600\uc74c.\r\n    document.write(\"<iframe id='iframeContentFrame' src = '\" + GetContentFrameSrc() + \"' style='position:absolute;top:18px;left:0px' name='content_frame' width=1000 height=655 scrolling=no frameborder=0 marginwidth=0 marginheight=0></iframe>\");\r\n\r\n    body_onresize();\r\n</script>\r\n\r\n</body>\r\n</html>",
   "datamd5" : "c04758f0b0ff9aeb589d41b31d96d267",
   "datammh3" : 1962017179,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "ocn.ne.jp"
   ],
   "geolocus" : {
      "asn" : "AS4713",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "nic.ad.jp",
         "ocn.ad.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "OCN",
      "organization" : "NTT Communications Corporation",
      "subnet" : "153.128.0.0/10"
   },
   "host" : [
      "p13050-ipngnfx01imazuka"
   ],
   "hostname" : [
      "p13050-ipngnfx01imazuka.yamagata.ocn.ne.jp"
   ],
   "ip" : "153.142.0.242",
   "ipv6" : "false",
   "latitude" : "36.2530",
   "location" : "36.2530,138.8780",
   "longitude" : "138.8780",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NTT Communications Corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "lighttpd",
   "productvendor" : "lighttpd",
   "productversion" : "1.4.35",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "p13050-ipngnfx01imazuka.yamagata.ocn.ne.jp"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "yamagata.ocn.ne.jp"
   ],
   "subnet" : "153.128.0.0/10",
   "tld" : [
      "ne.jp"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

104.22.52.150

Network

104.16.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://104.22.52.150:8080/ 403

ASN

AS13335

Organization

CLOUDFLARENET

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Cloudflare Cloudflare

CPE(s)

<enterprise field>: cpe

Data MD5

ca761ee029789ca72db6c6f3b936d413

HTTP Header MD5

01c6c27d74da5007a39c22497e11b124

HTTP Body MD5

53f80a90b30f477d3a50c23d37458769

HTTP/1.1 403 Forbidden
Date: Thu, 07 Nov 2024 03:27:21 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 8dea3a1ccc4c848e-HKG

error code: 1003

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:22.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "53f80a90b30f477d3a50c23d37458769",
         "bodymmh3" : 90341761,
         "headermd5" : "01c6c27d74da5007a39c22497e11b124",
         "headermmh3" : -1229027510
      },
      "length" : 407
   },
   "asn" : "AS13335",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nDate: Thu, 07 Nov 2024 03:27:21 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 16\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: same-origin\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nServer: cloudflare\r\nCF-RAY: 8dea3a1ccc4c848e-HKG\r\n\r\nerror code: 1003",
   "datamd5" : "ca761ee029789ca72db6c6f3b936d413",
   "datammh3" : 1482332680,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS13335",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cloudflare.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CLOUDFLARENET",
      "organization" : "Cloudflare, Inc.",
      "subnet" : "104.16.0.0/13"
   },
   "ip" : "104.22.52.150",
   "ipv6" : "false",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CLOUDFLARENET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "Cloudflare",
   "productvendor" : "Cloudflare",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "104.16.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

175.230.2.153

Network

175.224.0.0/11

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://175.230.2.153:8080/ 404

ASN

AS4766

Organization

Korea Telecom

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

9b75dae3a83cd77a429d19d05b0682b6

HTTP Header MD5

9d5c667c01a93392fff19727a7b0ed11

HTTP Body MD5

c0655496e1fcbdeaee5fc78cb9e56cdb

HTTP/1.1 404 Not Found
Content-Type: text/plain
Content-Length: 30
Connection: close

Error 404: Not Found
Not Found

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c0655496e1fcbdeaee5fc78cb9e56cdb",
         "bodymmh3" : 491246029,
         "headermd5" : "9d5c667c01a93392fff19727a7b0ed11",
         "headermmh3" : 178653510
      },
      "length" : 121
   },
   "asn" : "AS4766",
   "country" : "KR",
   "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/plain\r\nContent-Length: 30\r\nConnection: close\r\n\r\nError 404: Not Found\nNot Found",
   "datamd5" : "9b75dae3a83cd77a429d19d05b0682b6",
   "datammh3" : 886450533,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "kt.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "KORNET",
      "organization" : "Korea Telecom",
      "subnet" : "175.224.0.0/11"
   },
   "ip" : "175.230.2.153",
   "ipv6" : "false",
   "latitude" : "37.5112",
   "location" : "37.5112,126.9741",
   "longitude" : "126.9741",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "175.224.0.0/11",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

14.94.218.194

Network

14.64.0.0/11

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://14.94.218.194:8080/ 404

ASN

AS4766

Organization

Korea Telecom

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

9b75dae3a83cd77a429d19d05b0682b6

HTTP Header MD5

9d5c667c01a93392fff19727a7b0ed11

HTTP Body MD5

c0655496e1fcbdeaee5fc78cb9e56cdb

HTTP/1.1 404 Not Found
Content-Type: text/plain
Content-Length: 30
Connection: close

Error 404: Not Found
Not Found

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c0655496e1fcbdeaee5fc78cb9e56cdb",
         "bodymmh3" : 491246029,
         "headermd5" : "9d5c667c01a93392fff19727a7b0ed11",
         "headermmh3" : 178653510
      },
      "length" : 121
   },
   "asn" : "AS4766",
   "country" : "KR",
   "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/plain\r\nContent-Length: 30\r\nConnection: close\r\n\r\nError 404: Not Found\nNot Found",
   "datamd5" : "9b75dae3a83cd77a429d19d05b0682b6",
   "datammh3" : 886450533,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS38683",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "kt.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "KORNET",
      "organization" : "Korea Telecom",
      "subnet" : "14.64.0.0/11"
   },
   "ip" : "14.94.218.194",
   "ipv6" : "false",
   "latitude" : "37.5112",
   "location" : "37.5112,126.9741",
   "longitude" : "126.9741",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "14.64.0.0/11",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

178.61.225.181

Network

178.61.0.0/16

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://178.61.225.181:8080/ 400

ASN

AS21050

Organization

Fast Communication Company Ltd

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

f4731c338a5d6765112c012c3c781d14

HTTP Header MD5

694667c4cf9e739a08312cfe96102f40

HTTP Body MD5

d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 400 Bad Request
Connection: close
Content-Type: text/plain
Transfer-Encoding: chunked

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "694667c4cf9e739a08312cfe96102f40",
         "headermmh3" : -941490440
      },
      "length" : 101
   },
   "asn" : "AS21050",
   "city" : "Kuwait City",
   "country" : "KW",
   "data" : "HTTP/1.1 400 Bad Request\r\nConnection: close\r\nContent-Type: text/plain\r\nTransfer-Encoding: chunked\r\n\r\n",
   "datamd5" : "f4731c338a5d6765112c012c3c781d14",
   "datammh3" : 1346652258,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS21050",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KW",
      "countryname" : "Kuwait",
      "domain" : [
         "fasttelco.net"
      ],
      "isineu" : "false",
      "latitude" : "29.31166",
      "location" : "29.31166,47.481766",
      "longitude" : "47.481766",
      "netname" : "KW-FAST-TELCO-20100222",
      "organization" : "Fast Communication Company Ltd",
      "subnet" : "178.61.0.0/16"
   },
   "ip" : "178.61.225.181",
   "ipv6" : "false",
   "latitude" : "29.3645",
   "location" : "29.3645,47.9889",
   "longitude" : "47.9889",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Fast Communication Company Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "178.61.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

98.248.220.18

Network

98.248.220.0/23

Domain(s)

comcast.net

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://98.248.220.18:8080/ 200

HTTP Title

Xfinity

Reverse DNS

c-98-248-220-18.hsd1.ca.comcast.net

ASN

AS7922

Organization

COMCAST-7922

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

lighttpd lighttpd

HTTP Component(s)

jQuery jQuery 1.9.1 PHP PHP 5.6.31

CPE(s)

<enterprise field>: cpe

Data MD5

d0122d29e1292c4de6e5c9d3975abc55

HTTP Header MD5

c1599a83ffb7e229273dd0b14298045f

HTTP Body MD5

bd0a1cbd7f20357dd2159bfefd1bb02f

HTTP/1.1 200 OK
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: img-src 'self'; font-src 'self'; form-action 'self';
X-Powered-By: PHP/5.6.31
Content-type: text/html; charset=UTF-8
Content-Length: 15337
Connection: close
Date: Thu, 07 Nov 2024 03:27:02 GMT
Server: lighttpd

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
	<title>Xfinity</title>
	<!--CSS-->
	<link rel="stylesheet" type="text/css" media="screen" href="./cmn/css/common-min.css" />
	<!--[if IE 6]>
	<link rel="stylesheet" type="text/css" href="./cmn/css/ie6-min.css" />
	<![endif]-->
	<!--[if IE 7]>
	<link rel="stylesheet" type="text/css" href="./cmn/css/ie7-min.css" />
	<![endif]-->
	<link rel="stylesheet" type="text/css" media="print" href="./cmn/css/print.css" />
	<link rel="stylesheet" type="text/css" media="screen" href="./cmn/css/lib/jquery.radioswitch.css" />
	<!--Character Encoding-->
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
	<script type="text/javascript" src="./cmn/js/lib/jquery-1.9.1.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery-migrate-1.2.1.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.validate.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.alerts.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.alerts.progress.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.ciscoExt.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.highContrastDetect.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.radioswitch.js"></script>
	<script type="text/javascript" src="./cmn/js/lib/jquery.virtualDialog.js"></script>
	<script type="text/javascript" src="./cmn/js/utilityFunctions.js"></script>
	<script type="text/javascript" src="./cmn/js/comcast.js"></script>
	<style>
		#div-skip-to {
			position:relative;
			left: 150px;
			top: -300px;
		}
		#div-skip-to a {
			position: absolute;
			top: 0;
		}
		#div-skip-to a:active, #div-skip-to a:focus {
			top: 300px;
			color: #0000FF;
			/*background-color: #b3d4fc;*/
		}
	</style>
</head>
<body>
	<!--Main Container - Centers Everything-->
	<div id="container">
		<!--Header-->
		<div id="header">
			<h2 id="logo"><img src="./cmn/img/logo_xfinity.png" alt="Xfinity" title="Xfinity" /></h2>
		</div> <!-- end #header -->
		<div id='div-skip-to' style="display: none;">
			<a id="skip-link" name="skip-link" href="#content">Skip to content</a>
		</div>
		<!--Main Content-->
		<div id="main-content">
<!-- $Id: at_a_glance.dory.php 2943 2009-08-25 20:58:43Z slemoine $ -->
<div id="sub-header">
	<!--dynamic generate user bar icon and tips-->
		<script type="text/javascript">
	$(document).ready(function() {
	});
</script>
<style>
	#status a:link, #status a:visited {
		text-decoration: none;
		color: #808080;
	}
</style>
<ul id="status">
	<li id="sta_batt" class="battery first-child"><div class="sprite_cont"><span class="bat-0" ><img src="./cmn/img/icn_battery.png"  alt="Battery icon" title="Battery icon" /></span></div><a role="toolbar" href="javascript: void(0);" tabindex="0">0%</a>
		<!-- NOTE: When this value changes JS will set the battery icon -->
	</li><li id="sta_inet" class="internet"><span class="value on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt="Internet Online" /></span><a href="javascript: void(0);" tabindex="0">Internet<div class="tooltip">Loading...</div></a></li><li id="sta_wifi" class="wifi"><span class="value on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt="Wi-Fi Online" /></span><a href="javascript: void(0);" tabindex="0">Wi-Fi<div class="tooltip">Loading...</div></a></li><li id="sta_moca" class="MoCA off"><span class="value on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt="MoCA Offline" /></span><a href="javascript: void(0);" tabindex="0">MoCA<div class="tooltip">Loading...</div></a></li><li id="sta_fire" class="security last off"><span class="value on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt="Security Off" /></span><a href="javascript: void(0);" tabindex="0"><span>Low Security</span><div class="tooltip">Loading...</div></a></li></ul>
</div><!-- end #sub-header -->
<!--div id="nav"-->
<div style="float: left; margin: 0 20px 20px 0; width: 182px;">
	<form action="check.php" method="post" id="pageForm"  onsubmit="return f();">
	<div>
		<table>
			<tr>
				<td><label for="username"><b>Username:</b></label></td>
				<td><input type="text"     id="username" name="username" style="width: 120px;" class="text" autocomplete="off" /></td>
			</tr>
			<tr>
				<td><label for="password"><b>Password:</b></label></td>
				<td><input type="password" id="password" name="password" style="width: 120px;" class="text" autocomplete="off" /></td>
			</tr>
		</table>
	</div>
	<div class="form-btn">
		<input type="submit" class="btn" value="Login" />
	</div>
</form>
</div>
<script type="text/javascript">
$(document).ready(function() {
	var sta_batt = "0";
	var sta_inet = "true";
	var sta_wifi = "true";
	var sta_moca = "false";
	var sta_fire = "Low";
	var user_type = "admin";
	/*
	* get status when hover or tab focused one by one
	* but for screen reader we have to load all status once
	* below code can easily rollback
	*/
	// $("[id^='sta_']:not(#sta_batt)").one("mouseenter",function(){
	// var theObj = $(this);
	// var target = theObj.attr("id");
	// var status = ("sta_fire"==target)? sta_fire : !(theObj.hasClass("off"));
	// var jsConfig = '{"status":"'+status+'", "target":"'+target+'"}';
	var jsConfig = '{"target":"'+"sta_inet,sta_wifi,sta_moca,sta_fire"
	+'", "status":"'+sta_inet+','+sta_wifi+','+sta_moca+','+sta_fire+'"'
	+', "user_type":"'+user_type+'"}';
	$.ajax({
		type: "POST",
		url: "actionHandler/ajaxSet_index_userbar.php",
		data: { configInfo: jsConfig },
		dataType: "json",
		success: function(msg) {
			// theObj.find(".tooltip").html(msg.tips);
			for (var i=0; i<msg.tags.length; i++){
				$("#"+msg.tags[i]).find(".tooltip").html(msg.tips[i].replace(/-/g, "<br/>"));
			}
		},
		error: function(){
			// does something
		}
	});
	// });
	// show pop-up info when focus
	$("#status a").focus(function() {
		$(this).mouseenter();
	});
	// disappear previous pop-up
	$("#status a").blur(function() {
		$(".tooltip").hide();
	});
	comcast.page.init("Login", "nav-login");
	$("#pageForm").validate({
		errorElement : "p"
		,errorContainer : "#error-msg-box"
		,invalidHandler: function(form, validator) {
			var errors = validator.numberOfInvalids();
			if (errors) {
				var message = errors == 1 ? 'You missed 1 field. It has been highlighted' : 'You missed ' + errors + ' fields. They have been highlighted';
				$("div.error").html(message);
				$("div.error").show();
			} else {
				$("div.error").hide();
			}
		}
		,rules : {
			username: {
				required: true
				,minlength: 3
			}
			,password: {
				required: true
				,minlength: 3
			}
		}
		,messages: {
			username: {
				required: "Username cannot be blank. Please enter a valid username."
			}
			,password: {
				required: "Password cannot be blank. Please enter a valid password."
				,minlength: "Password must be at least 3 characters."
			}
		}
	});
	$("#username").focus();
	$("#username").val("");
	$("#password").val("");
});
function f()
{
	var username;
	username = document.getElementById("username");
	username.value = (username.value.toLowerCase());
	//get the form id and submit it
	var form = document.getElementById("pageForm");
	form.submit();
	return true;
}
</script>
<div id="content">
	<h1>Gateway > Login</h1>
	<div id="educational-tip">
		<p class="tip">Please login to view your Wi-Fi passkey or to view and edit detailed network settings.</p>
	</div>
<div class="module block" id="wifi-config"><div><h2>Wi-Fi Configuration</h2></div><div class="form-row even"><div class="form-row even"><span class="readonlyLabel">Wi-Fi SSID (2.4GHz):</span><span style="font-weight: bold; white-space: pre;" class="value">HOME-E3E9-2.4</span></div><div class="form-row even"><span class="readonlyLabel">Wi-Fi Passkey (2.4GHz):</span><span class="value">Log in to view passkey</span></div></div><div class="form-row odd"><div class="form-row even"><span class="readonlyLabel">Wi-Fi SSID (5GHz):</span><span style="font-weight: bold; white-space: pre;" class="value">HOME-E3E9-5</span></div><div class="form-row odd"><span class="readonlyLabel">Wi-Fi Passkey (5GHz):</span><span class="value">Log in to view passkey</span></div></div></div><div class="module block" id="home-network"><div><h2>Home Network</h2><div class="form-row"><span class="on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt='Ethernet On' /></span> <span class="readonlyLabel">Ethernet</span></div><div class="form-row odd"><span class="on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt='Wi-Fi On' /></span> <span class="readonlyLabel">Wi-Fi</span></div><div class="form-row off"><span class="on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt='MoCA Off' /></span> <span class="readonlyLabel">MoCA</span></div>			<div class="form-row odd">
				<span class="readonlyLabel">Firewall Security Level:</span> <span class="value">Low</span>
			</div>
		</div>
	</div> <!-- end .module -->
	<div id="internet-usage" class="module form">
		<h2 style="margin-bottom: -5px;">Connected Devices</h2>
		<table class="data" summary="This table displays Online Devices connected">
		    <tr>
			<th style="background: #f85f01;" id="active-icon" ></th>
			<th style="background: #f85f01;" id="host-name" >Host Name</th>
			<th style="background: #f85f01;" id="mac-address" >MAC Address</th>
			<th style="background: #f85f01;" id="connection-type" >Connection Type</th>
		    </tr>
		<tr class='form-row '>
							<td width='5%' class='readonlyLabel' headers='active-icon'><span class="on-off sprite_cont"><img src="./cmn/img/icn_on_off.png" alt='Host On' /></span></td>
							<td width='40%' class='readonlyLabel' headers='host-name'>DESKTOP-EV4CFFL</td>
							<td width='' class='readonlyLabel' headers='mac-address'>94:65:9C:1E:08:84</td>
							<td width='' class='readonlyLabel' headers='connection-type'>Wi-Fi 2.4G</td>
						      </tr>
								</table>
			</div> <!-- end .module -->
	<!--div class="module">
		<div class="select-row">
			<span class="readonlyLabel label">IGMP Snooping:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp</span>
						<ul id="IGMP_snooping_switch" class="radio-btns enable">
				<li>
					<input id="IGMP_snooping_enabled" name="IGMP_snooping" type="radio"  value="Enabled"/>
					<label for="IGMP_snooping_enabled" >Enable </label>
				</li>
				<li class="radio-off">
					<input id="IGMP_snooping_disabled" name="IGMP_snooping" type="radio"  value="Disabled" checked="checked"/>
					<label for="IGMP_snooping_disabled" >Disable </label>
				</li>
			</ul>
					</div>
	</div-->
</div><!-- end #content -->
<!-- $Id: footer.php 2976 2009-09-02 21:42:51Z cporto $ -->
		</div> <!-- end #main-content-->
		<!--Footer-->
		<div id="footer">
			<ul id="footer-links">
				<li class="first-child"><a href="http://www.xfinity.com" target="_blank">Xfinity.com</a></li>
				<li style="list-style:none outside none; margin-left:10px">&#8226;&nbsp;&nbsp;<a href="https://customer.comcast.com/" target="_blank">customerCentral</a></li>
				<li style="list-style:none outside none; margin-left:10px">&#8226;&nbsp;&nbsp;<a href="http://customer.comcast.com/userguides" target="_blank">User Guide</a></li>
			</ul>
		</div> <!-- end #footer -->
	</div> <!-- end #container -->
<script type="text/javascript">
$(document).ready(function() {
	// focus current page link, must after page.init()
	//$('#nav [href="'+location.href.replace(/^.*\//g, '')+'"]').focus();		// need a "skip nav" function
	$("#skip-link").click(function () {
        $('#content').attr('tabIndex', -1).focus();  //this is to fix skip-link doesn't work on webkit-based Chrome
    });
	// change radio-btn status and do ajax when press "enter"
	//$(".radio-btns a").keydown(function(event){
	$(".radio-btns a").keypress(function(event){
		var keycode = (event.keyCode ? event.keyCode : event.which);
		if(13 == keycode){
			if (!$(this).parent(".radio-btns").find("li").hasClass("selected")){
				return;		// do nothing if has disabled class, don't detect disabled attr for radio-btn
			}
			// console.log($(this).find(":radio").hasClass("disabled"));
			$(this).find(":radio").trigger('click');
			$(this).find(":radio").trigger('change');
			$(this).parent(".radio-btns").radioToButton();
		}
	});
	// press Esc to skip menu and goto first control of content
	// Esc:keypress:which is zero in FF, Esc:keypress is not work in Chrome
	$("#nav").keydown(function(event){
		var keycode = (event.keyCode ? event.keyCode : event.which);
		if(27 == keycode){
			$("#content textarea:eq(0)").focus();
			$("#content input:eq(0)").focus();
			$("#content a:eq(0)").focus();			// high priority element to focus			
		}
		// alert(event.keyCode+"---"+event.which+"---"+event.charCode);		
	});
	/* changes for high contrast mode */
	$.highContrastDetect({useExtraCss: true, debugInNormalMode: false});
	if ($.__isHighContrast) {
		/* change plus/minus tree indicator of nav menu */
		$("#nav a.top-level").prepend('<span class="hi_nav_top_indi">[+]</span>');
		$("#nav a.folder").prepend('<span class="hi_nav_folder_indi">[+]</span>');
		$("#nav a.top-level-active span.hi_nav_top_indi").text("[-]");
		$("#nav a.folder").click(function() {
			/* this should be called after nav state changed */
			var $link = $(this);
			if ($link.hasClass("folder-open")) {
				$link.children("span.hi_nav_folder_indi").text("[-]");
			}
			else {
				$link.children("span.hi_nav_folder_indi").text("[+]");
			}
		});
	}
	/*
	*	these 3 sections for radio-btn accessibility, as a workaround, maybe should put at the front of .ready().
	*/
	// add "role" and "title" for ARIA, attr may need to be embedded into html
	$(".radio-btns a").each(function(){
		$(this).attr("role", "radio").attr("title", $(this).closest("ul").prev().text() + $(this).find("label").text());
	});
	// monitor "aria-checked" status for JAWS, NOTE: better depends on input element
	$(".radio-btns").change(function(){
		$(this).find("a").each(function(){
			$(this).attr("aria-checked", $(this).find("input").attr("checked") ? "true" : "false");
		});
	});
	//give the initial status, do not trigger change above
	$(".radio-btns").find("a").each(function(){
		$(this).attr("aria-checked", $(this).find("input").attr("checked") ? "true" : "false");
	});

       // grey any 2.4G operation
       if ("0" == ctrl11n) {
               // radio
               $(".div_enable_radio:lt(1)").find(".radioswitch_cont").radioswitch("doEnable", false).find(".rs_selected label").css("color", "black");
               $(".div_radio_setting:lt(2)").find("input,select").prop("disabled", true);
               // ssid of private/xhs/hhs
               var $theObj = $("#pageForm");
               if ($theObj.find("h2").text().indexOf('2.4 GHz') != -1) {
                       $theObj.find(".radioswitch_cont").radioswitch("doEnable", false).find(".rs_selected label").css("color", "black");
                       $theObj.find("input,select").prop("disabled", true);
               }
               // wizard
               $("#wizard-form-buttons").closest('form').find('div:lt(3) *').prop("disabled", true);
       }

});
</script>	
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:16.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "comcast.com",
            "w3.org",
            "xfinity.com"
         ],
         "file" : [
            "ajaxset_index_userbar.php",
            "check.php"
         ],
         "hostname" : [
            "customer.comcast.com",
            "www.w3.org",
            "www.xfinity.com"
         ],
         "url" : [
            "http://customer.comcast.com/userguides",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd",
            "http://www.xfinity.com",
            "https://customer.comcast.com/"
         ]
      },
      "http" : {
         "bodymd5" : "bd0a1cbd7f20357dd2159bfefd1bb02f",
         "bodymmh3" : -893457592,
         "component" : [
            {
               "productversion" : "5.6.31",
               "productvendor" : "PHP",
               "product" : "PHP"
            },
            {
               "product" : "jQuery",
               "productversion" : "1.9.1",
               "productvendor" : "jQuery"
            }
         ],
         "headermd5" : "c1599a83ffb7e229273dd0b14298045f",
         "headermmh3" : -1436341991,
         "title" : "Xfinity"
      },
      "length" : 15687
   },
   "asn" : "AS7922",
   "city" : "Dublin",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nX-Frame-Options: deny\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: img-src 'self'; font-src 'self'; form-action 'self';\r\nX-Powered-By: PHP/5.6.31\r\nContent-type: text/html; charset=UTF-8\r\nContent-Length: 15337\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:27:02 GMT\r\nServer: lighttpd\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n<head>\n\t<title>Xfinity</title>\n\t<!--CSS-->\n\t<link rel=\"stylesheet\" type=\"text/css\" media=\"screen\" href=\"./cmn/css/common-min.css\" />\n\t<!--[if IE 6]>\n\t<link rel=\"stylesheet\" type=\"text/css\" href=\"./cmn/css/ie6-min.css\" />\n\t<![endif]-->\n\t<!--[if IE 7]>\n\t<link rel=\"stylesheet\" type=\"text/css\" href=\"./cmn/css/ie7-min.css\" />\n\t<![endif]-->\n\t<link rel=\"stylesheet\" type=\"text/css\" media=\"print\" href=\"./cmn/css/print.css\" />\n\t<link rel=\"stylesheet\" type=\"text/css\" media=\"screen\" href=\"./cmn/css/lib/jquery.radioswitch.css\" />\n\t<!--Character Encoding-->\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery-1.9.1.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery-migrate-1.2.1.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.validate.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.alerts.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.alerts.progress.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.ciscoExt.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.highContrastDetect.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.radioswitch.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/lib/jquery.virtualDialog.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/utilityFunctions.js\"></script>\n\t<script type=\"text/javascript\" src=\"./cmn/js/comcast.js\"></script>\n\t<style>\n\t\t#div-skip-to {\n\t\t\tposition:relative;\n\t\t\tleft: 150px;\n\t\t\ttop: -300px;\n\t\t}\n\t\t#div-skip-to a {\n\t\t\tposition: absolute;\n\t\t\ttop: 0;\n\t\t}\n\t\t#div-skip-to a:active, #div-skip-to a:focus {\n\t\t\ttop: 300px;\n\t\t\tcolor: #0000FF;\n\t\t\t/*background-color: #b3d4fc;*/\n\t\t}\n\t</style>\n</head>\n<body>\n\t<!--Main Container - Centers Everything-->\n\t<div id=\"container\">\n\t\t<!--Header-->\n\t\t<div id=\"header\">\n\t\t\t<h2 id=\"logo\"><img src=\"./cmn/img/logo_xfinity.png\" alt=\"Xfinity\" title=\"Xfinity\" /></h2>\n\t\t</div> <!-- end #header -->\n\t\t<div id='div-skip-to' style=\"display: none;\">\n\t\t\t<a id=\"skip-link\" name=\"skip-link\" href=\"#content\">Skip to content</a>\n\t\t</div>\n\t\t<!--Main Content-->\n\t\t<div id=\"main-content\">\n<!-- $Id: at_a_glance.dory.php 2943 2009-08-25 20:58:43Z slemoine $ -->\n<div id=\"sub-header\">\n\t<!--dynamic generate user bar icon and tips-->\n\t\t<script type=\"text/javascript\">\n\t$(document).ready(function() {\n\t});\n</script>\n<style>\n\t#status a:link, #status a:visited {\n\t\ttext-decoration: none;\n\t\tcolor: #808080;\n\t}\n</style>\n<ul id=\"status\">\n\t<li id=\"sta_batt\" class=\"battery first-child\"><div class=\"sprite_cont\"><span class=\"bat-0\" ><img src=\"./cmn/img/icn_battery.png\"  alt=\"Battery icon\" title=\"Battery icon\" /></span></div><a role=\"toolbar\" href=\"javascript: void(0);\" tabindex=\"0\">0%</a>\n\t\t<!-- NOTE: When this value changes JS will set the battery icon -->\n\t</li><li id=\"sta_inet\" class=\"internet\"><span class=\"value on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt=\"Internet Online\" /></span><a href=\"javascript: void(0);\" tabindex=\"0\">Internet<div class=\"tooltip\">Loading...</div></a></li><li id=\"sta_wifi\" class=\"wifi\"><span class=\"value on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt=\"Wi-Fi Online\" /></span><a href=\"javascript: void(0);\" tabindex=\"0\">Wi-Fi<div class=\"tooltip\">Loading...</div></a></li><li id=\"sta_moca\" class=\"MoCA off\"><span class=\"value on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt=\"MoCA Offline\" /></span><a href=\"javascript: void(0);\" tabindex=\"0\">MoCA<div class=\"tooltip\">Loading...</div></a></li><li id=\"sta_fire\" class=\"security last off\"><span class=\"value on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt=\"Security Off\" /></span><a href=\"javascript: void(0);\" tabindex=\"0\"><span>Low Security</span><div class=\"tooltip\">Loading...</div></a></li></ul>\n</div><!-- end #sub-header -->\n<!--div id=\"nav\"-->\n<div style=\"float: left; margin: 0 20px 20px 0; width: 182px;\">\n\t<form action=\"check.php\" method=\"post\" id=\"pageForm\"  onsubmit=\"return f();\">\n\t<div>\n\t\t<table>\n\t\t\t<tr>\n\t\t\t\t<td><label for=\"username\"><b>Username:</b></label></td>\n\t\t\t\t<td><input type=\"text\"     id=\"username\" name=\"username\" style=\"width: 120px;\" class=\"text\" autocomplete=\"off\" /></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td><label for=\"password\"><b>Password:</b></label></td>\n\t\t\t\t<td><input type=\"password\" id=\"password\" name=\"password\" style=\"width: 120px;\" class=\"text\" autocomplete=\"off\" /></td>\n\t\t\t</tr>\n\t\t</table>\n\t</div>\n\t<div class=\"form-btn\">\n\t\t<input type=\"submit\" class=\"btn\" value=\"Login\" />\n\t</div>\n</form>\n</div>\n<script type=\"text/javascript\">\n$(document).ready(function() {\n\tvar sta_batt = \"0\";\n\tvar sta_inet = \"true\";\n\tvar sta_wifi = \"true\";\n\tvar sta_moca = \"false\";\n\tvar sta_fire = \"Low\";\n\tvar user_type = \"admin\";\n\t/*\n\t* get status when hover or tab focused one by one\n\t* but for screen reader we have to load all status once\n\t* below code can easily rollback\n\t*/\n\t// $(\"[id^='sta_']:not(#sta_batt)\").one(\"mouseenter\",function(){\n\t// var theObj = $(this);\n\t// var target = theObj.attr(\"id\");\n\t// var status = (\"sta_fire\"==target)? sta_fire : !(theObj.hasClass(\"off\"));\n\t// var jsConfig = '{\"status\":\"'+status+'\", \"target\":\"'+target+'\"}';\n\tvar jsConfig = '{\"target\":\"'+\"sta_inet,sta_wifi,sta_moca,sta_fire\"\n\t+'\", \"status\":\"'+sta_inet+','+sta_wifi+','+sta_moca+','+sta_fire+'\"'\n\t+', \"user_type\":\"'+user_type+'\"}';\n\t$.ajax({\n\t\ttype: \"POST\",\n\t\turl: \"actionHandler/ajaxSet_index_userbar.php\",\n\t\tdata: { configInfo: jsConfig },\n\t\tdataType: \"json\",\n\t\tsuccess: function(msg) {\n\t\t\t// theObj.find(\".tooltip\").html(msg.tips);\n\t\t\tfor (var i=0; i<msg.tags.length; i++){\n\t\t\t\t$(\"#\"+msg.tags[i]).find(\".tooltip\").html(msg.tips[i].replace(/-/g, \"<br/>\"));\n\t\t\t}\n\t\t},\n\t\terror: function(){\n\t\t\t// does something\n\t\t}\n\t});\n\t// });\n\t// show pop-up info when focus\n\t$(\"#status a\").focus(function() {\n\t\t$(this).mouseenter();\n\t});\n\t// disappear previous pop-up\n\t$(\"#status a\").blur(function() {\n\t\t$(\".tooltip\").hide();\n\t});\n\tcomcast.page.init(\"Login\", \"nav-login\");\n\t$(\"#pageForm\").validate({\n\t\terrorElement : \"p\"\n\t\t,errorContainer : \"#error-msg-box\"\n\t\t,invalidHandler: function(form, validator) {\n\t\t\tvar errors = validator.numberOfInvalids();\n\t\t\tif (errors) {\n\t\t\t\tvar message = errors == 1 ? 'You missed 1 field. It has been highlighted' : 'You missed ' + errors + ' fields. They have been highlighted';\n\t\t\t\t$(\"div.error\").html(message);\n\t\t\t\t$(\"div.error\").show();\n\t\t\t} else {\n\t\t\t\t$(\"div.error\").hide();\n\t\t\t}\n\t\t}\n\t\t,rules : {\n\t\t\tusername: {\n\t\t\t\trequired: true\n\t\t\t\t,minlength: 3\n\t\t\t}\n\t\t\t,password: {\n\t\t\t\trequired: true\n\t\t\t\t,minlength: 3\n\t\t\t}\n\t\t}\n\t\t,messages: {\n\t\t\tusername: {\n\t\t\t\trequired: \"Username cannot be blank. Please enter a valid username.\"\n\t\t\t}\n\t\t\t,password: {\n\t\t\t\trequired: \"Password cannot be blank. Please enter a valid password.\"\n\t\t\t\t,minlength: \"Password must be at least 3 characters.\"\n\t\t\t}\n\t\t}\n\t});\n\t$(\"#username\").focus();\n\t$(\"#username\").val(\"\");\n\t$(\"#password\").val(\"\");\n});\nfunction f()\n{\n\tvar username;\n\tusername = document.getElementById(\"username\");\n\tusername.value = (username.value.toLowerCase());\n\t//get the form id and submit it\n\tvar form = document.getElementById(\"pageForm\");\n\tform.submit();\n\treturn true;\n}\n</script>\n<div id=\"content\">\n\t<h1>Gateway > Login</h1>\n\t<div id=\"educational-tip\">\n\t\t<p class=\"tip\">Please login to view your Wi-Fi passkey or to view and edit detailed network settings.</p>\n\t</div>\n<div class=\"module block\" id=\"wifi-config\"><div><h2>Wi-Fi Configuration</h2></div><div class=\"form-row even\"><div class=\"form-row even\"><span class=\"readonlyLabel\">Wi-Fi SSID (2.4GHz):</span><span style=\"font-weight: bold; white-space: pre;\" class=\"value\">HOME-E3E9-2.4</span></div><div class=\"form-row even\"><span class=\"readonlyLabel\">Wi-Fi Passkey (2.4GHz):</span><span class=\"value\">Log in to view passkey</span></div></div><div class=\"form-row odd\"><div class=\"form-row even\"><span class=\"readonlyLabel\">Wi-Fi SSID (5GHz):</span><span style=\"font-weight: bold; white-space: pre;\" class=\"value\">HOME-E3E9-5</span></div><div class=\"form-row odd\"><span class=\"readonlyLabel\">Wi-Fi Passkey (5GHz):</span><span class=\"value\">Log in to view passkey</span></div></div></div><div class=\"module block\" id=\"home-network\"><div><h2>Home Network</h2><div class=\"form-row\"><span class=\"on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt='Ethernet On' /></span> <span class=\"readonlyLabel\">Ethernet</span></div><div class=\"form-row odd\"><span class=\"on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt='Wi-Fi On' /></span> <span class=\"readonlyLabel\">Wi-Fi</span></div><div class=\"form-row off\"><span class=\"on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt='MoCA Off' /></span> <span class=\"readonlyLabel\">MoCA</span></div>\t\t\t<div class=\"form-row odd\">\n\t\t\t\t<span class=\"readonlyLabel\">Firewall Security Level:</span> <span class=\"value\">Low</span>\n\t\t\t</div>\n\t\t</div>\n\t</div> <!-- end .module -->\n\t<div id=\"internet-usage\" class=\"module form\">\n\t\t<h2 style=\"margin-bottom: -5px;\">Connected Devices</h2>\n\t\t<table class=\"data\" summary=\"This table displays Online Devices connected\">\n\t\t    <tr>\n\t\t\t<th style=\"background: #f85f01;\" id=\"active-icon\" ></th>\n\t\t\t<th style=\"background: #f85f01;\" id=\"host-name\" >Host Name</th>\n\t\t\t<th style=\"background: #f85f01;\" id=\"mac-address\" >MAC Address</th>\n\t\t\t<th style=\"background: #f85f01;\" id=\"connection-type\" >Connection Type</th>\n\t\t    </tr>\n\t\t<tr class='form-row '>\n\t\t\t\t\t\t\t<td width='5%' class='readonlyLabel' headers='active-icon'><span class=\"on-off sprite_cont\"><img src=\"./cmn/img/icn_on_off.png\" alt='Host On' /></span></td>\n\t\t\t\t\t\t\t<td width='40%' class='readonlyLabel' headers='host-name'>DESKTOP-EV4CFFL</td>\n\t\t\t\t\t\t\t<td width='' class='readonlyLabel' headers='mac-address'>94:65:9C:1E:08:84</td>\n\t\t\t\t\t\t\t<td width='' class='readonlyLabel' headers='connection-type'>Wi-Fi 2.4G</td>\n\t\t\t\t\t\t      </tr>\n\t\t\t\t\t\t\t\t</table>\n\t\t\t</div> <!-- end .module -->\n\t<!--div class=\"module\">\n\t\t<div class=\"select-row\">\n\t\t\t<span class=\"readonlyLabel label\">IGMP Snooping:&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp</span>\n\t\t\t\t\t\t<ul id=\"IGMP_snooping_switch\" class=\"radio-btns enable\">\n\t\t\t\t<li>\n\t\t\t\t\t<input id=\"IGMP_snooping_enabled\" name=\"IGMP_snooping\" type=\"radio\"  value=\"Enabled\"/>\n\t\t\t\t\t<label for=\"IGMP_snooping_enabled\" >Enable </label>\n\t\t\t\t</li>\n\t\t\t\t<li class=\"radio-off\">\n\t\t\t\t\t<input id=\"IGMP_snooping_disabled\" name=\"IGMP_snooping\" type=\"radio\"  value=\"Disabled\" checked=\"checked\"/>\n\t\t\t\t\t<label for=\"IGMP_snooping_disabled\" >Disable </label>\n\t\t\t\t</li>\n\t\t\t</ul>\n\t\t\t\t\t</div>\n\t</div-->\n</div><!-- end #content -->\n<!-- $Id: footer.php 2976 2009-09-02 21:42:51Z cporto $ -->\r\n\t\t</div> <!-- end #main-content-->\r\n\t\t<!--Footer-->\r\n\t\t<div id=\"footer\">\r\n\t\t\t<ul id=\"footer-links\">\r\n\t\t\t\t<li class=\"first-child\"><a href=\"http://www.xfinity.com\" target=\"_blank\">Xfinity.com</a></li>\r\n\t\t\t\t<li style=\"list-style:none outside none; margin-left:10px\">&#8226;&nbsp;&nbsp;<a href=\"https://customer.comcast.com/\" target=\"_blank\">customerCentral</a></li>\r\n\t\t\t\t<li style=\"list-style:none outside none; margin-left:10px\">&#8226;&nbsp;&nbsp;<a href=\"http://customer.comcast.com/userguides\" target=\"_blank\">User Guide</a></li>\r\n\t\t\t</ul>\r\n\t\t</div> <!-- end #footer -->\r\n\t</div> <!-- end #container -->\r\n<script type=\"text/javascript\">\r\n$(document).ready(function() {\r\n\t// focus current page link, must after page.init()\r\n\t//$('#nav [href=\"'+location.href.replace(/^.*\\//g, '')+'\"]').focus();\t\t// need a \"skip nav\" function\r\n\t$(\"#skip-link\").click(function () {\r\n        $('#content').attr('tabIndex', -1).focus();  //this is to fix skip-link doesn't work on webkit-based Chrome\r\n    });\r\n\t// change radio-btn status and do ajax when press \"enter\"\r\n\t//$(\".radio-btns a\").keydown(function(event){\r\n\t$(\".radio-btns a\").keypress(function(event){\r\n\t\tvar keycode = (event.keyCode ? event.keyCode : event.which);\r\n\t\tif(13 == keycode){\r\n\t\t\tif (!$(this).parent(\".radio-btns\").find(\"li\").hasClass(\"selected\")){\r\n\t\t\t\treturn;\t\t// do nothing if has disabled class, don't detect disabled attr for radio-btn\r\n\t\t\t}\r\n\t\t\t// console.log($(this).find(\":radio\").hasClass(\"disabled\"));\r\n\t\t\t$(this).find(\":radio\").trigger('click');\r\n\t\t\t$(this).find(\":radio\").trigger('change');\r\n\t\t\t$(this).parent(\".radio-btns\").radioToButton();\r\n\t\t}\r\n\t});\r\n\t// press Esc to skip menu and goto first control of content\r\n\t// Esc:keypress:which is zero in FF, Esc:keypress is not work in Chrome\r\n\t$(\"#nav\").keydown(function(event){\r\n\t\tvar keycode = (event.keyCode ? event.keyCode : event.which);\r\n\t\tif(27 == keycode){\r\n\t\t\t$(\"#content textarea:eq(0)\").focus();\r\n\t\t\t$(\"#content input:eq(0)\").focus();\r\n\t\t\t$(\"#content a:eq(0)\").focus();\t\t\t// high priority element to focus\t\t\t\r\n\t\t}\r\n\t\t// alert(event.keyCode+\"---\"+event.which+\"---\"+event.charCode);\t\t\r\n\t});\r\n\t/* changes for high contrast mode */\r\n\t$.highContrastDetect({useExtraCss: true, debugInNormalMode: false});\r\n\tif ($.__isHighContrast) {\r\n\t\t/* change plus/minus tree indicator of nav menu */\r\n\t\t$(\"#nav a.top-level\").prepend('<span class=\"hi_nav_top_indi\">[+]</span>');\r\n\t\t$(\"#nav a.folder\").prepend('<span class=\"hi_nav_folder_indi\">[+]</span>');\r\n\t\t$(\"#nav a.top-level-active span.hi_nav_top_indi\").text(\"[-]\");\r\n\t\t$(\"#nav a.folder\").click(function() {\r\n\t\t\t/* this should be called after nav state changed */\r\n\t\t\tvar $link = $(this);\r\n\t\t\tif ($link.hasClass(\"folder-open\")) {\r\n\t\t\t\t$link.children(\"span.hi_nav_folder_indi\").text(\"[-]\");\r\n\t\t\t}\r\n\t\t\telse {\r\n\t\t\t\t$link.children(\"span.hi_nav_folder_indi\").text(\"[+]\");\r\n\t\t\t}\r\n\t\t});\r\n\t}\r\n\t/*\r\n\t*\tthese 3 sections for radio-btn accessibility, as a workaround, maybe should put at the front of .ready().\r\n\t*/\r\n\t// add \"role\" and \"title\" for ARIA, attr may need to be embedded into html\r\n\t$(\".radio-btns a\").each(function(){\r\n\t\t$(this).attr(\"role\", \"radio\").attr(\"title\", $(this).closest(\"ul\").prev().text() + $(this).find(\"label\").text());\r\n\t});\r\n\t// monitor \"aria-checked\" status for JAWS, NOTE: better depends on input element\r\n\t$(\".radio-btns\").change(function(){\r\n\t\t$(this).find(\"a\").each(function(){\r\n\t\t\t$(this).attr(\"aria-checked\", $(this).find(\"input\").attr(\"checked\") ? \"true\" : \"false\");\r\n\t\t});\r\n\t});\r\n\t//give the initial status, do not trigger change above\r\n\t$(\".radio-btns\").find(\"a\").each(function(){\r\n\t\t$(this).attr(\"aria-checked\", $(this).find(\"input\").attr(\"checked\") ? \"true\" : \"false\");\r\n\t});\r\n\r\n       // grey any 2.4G operation\r\n       if (\"0\" == ctrl11n) {\r\n               // radio\r\n               $(\".div_enable_radio:lt(1)\").find(\".radioswitch_cont\").radioswitch(\"doEnable\", false).find(\".rs_selected label\").css(\"color\", \"black\");\r\n               $(\".div_radio_setting:lt(2)\").find(\"input,select\").prop(\"disabled\", true);\r\n               // ssid of private/xhs/hhs\r\n               var $theObj = $(\"#pageForm\");\r\n               if ($theObj.find(\"h2\").text().indexOf('2.4 GHz') != -1) {\r\n                       $theObj.find(\".radioswitch_cont\").radioswitch(\"doEnable\", false).find(\".rs_selected label\").css(\"color\", \"black\");\r\n                       $theObj.find(\"input,select\").prop(\"disabled\", true);\r\n               }\r\n               // wizard\r\n               $(\"#wizard-form-buttons\").closest('form').find('div:lt(3) *').prop(\"disabled\", true);\r\n       }\r\n\r\n});\r\n</script>\t\r\n</body>\r\n</html>\r\n",
   "datamd5" : "d0122d29e1292c4de6e5c9d3975abc55",
   "datammh3" : -323415075,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "comcast.net"
   ],
   "geolocus" : {
      "asn" : "AS7922",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "comcast.com",
         "comcast.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "BAYAREA-CPE-28",
      "organization" : "Comcast Cable Communications, LLC",
      "subnet" : "98.248.0.0/16"
   },
   "host" : [
      "c-98-248-220-18"
   ],
   "hostname" : [
      "c-98-248-220-18.hsd1.ca.comcast.net"
   ],
   "ip" : "98.248.220.18",
   "ipv6" : "false",
   "latitude" : "37.7022",
   "location" : "37.7022,-121.9358",
   "longitude" : "-121.9358",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COMCAST-7922",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "lighttpd",
   "productvendor" : "lighttpd",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "c-98-248-220-18.hsd1.ca.comcast.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ca.comcast.net",
      "hsd1.ca.comcast.net"
   ],
   "subnet" : "98.248.220.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

104.129.45.155

Network

104.129.40.0/21

Domain(s)

quadranet.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://104.129.45.155:8080/ 400

HTTP Title

ERROR: The requested URL could not be retrieved

Reverse DNS

104.129.45.155.static.quadranet.com

ASN

AS8100

Organization

ASN-QUADRANET-GLOBAL

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

squid-cache Squid 3.5.20

HTTP Component(s)

squid-cache Squid

CPE(s)

<enterprise field>: cpe

Data MD5

467dc579eb206fbbb4f26ff7829c8c80

HTTP Header MD5

49a24a427634ec054cb11ad596f68961

HTTP Body MD5

258e0c3ab22c18c1fdb8122cb7e50569

HTTP/1.1 400 Bad Request
Server: squid/3.5.20
Mime-Version: 1.0
Date: Thu, 07 Nov 2024 03:35:37 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3414
X-Squid-Error: ERR_INVALID_URL 0
Connection: close


<html><head>
<meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url('/squid-internal-static/icons/SN.png') no-repeat left;
}

/* initial title */
#titles h1 {
	color: #000000;
}
#titles h2 {
	color: #000000;
}

/* special event: FTP success page titles */
#titles ftpsuccess {
	background-color:#00ff00;
	width:100%;
}

/* Page displayed body content area */
#content {
	padding: 10px;
	background: #ffffff;
}

/* General text */
p {
}

/* error brief description */
#error p {
}

/* some data which may have caused the problem */
#data {
}

/* the error message received from the system or other software */
#sysmsg {
}

pre {
    font-family:sans-serif;
}

/* special event: FTP / Gopher directory listing */
#dirmsg {
    font-family: courier;
    color: black;
    font-size: 10pt;
}
#dirlisting {
    margin-left: 2%;
    margin-right: 2%;
}
#dirlisting tr.entry td.icon,td.filename,td.size,td.date {
    border-bottom: groove;
}
#dirlisting td.size {
    width: 50px;
    text-align: right;
    padding-right: 5px;
}

/* horizontal lines */
hr {
	margin: 0;
}

/* page displayed footer area */
#footer {
	font-size: 9px;
	padding-left: 10px;
}


body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
 --></style>
</head><body id="ERR_INVALID_URL">
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20host%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2003%3A35%3A37%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">root</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Thu, 07 Nov 2024 03:35:37 GMT by host (squid/3.5.20)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:14.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "freecsstemplates.org"
         ],
         "hostname" : [
            "www.freecsstemplates.org"
         ],
         "url" : [
            "http://www.freecsstemplates.org"
         ]
      },
      "http" : {
         "bodymd5" : "258e0c3ab22c18c1fdb8122cb7e50569",
         "bodymmh3" : 313390560,
         "component" : [
            {
               "product" : "Squid",
               "productvendor" : "squid-cache"
            }
         ],
         "headermd5" : "49a24a427634ec054cb11ad596f68961",
         "headermmh3" : -861719333,
         "title" : "ERROR: The requested URL could not be retrieved"
      },
      "length" : 3631
   },
   "asn" : "AS8100",
   "city" : "Miami",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: squid/3.5.20\r\nMime-Version: 1.0\r\nDate: Thu, 07 Nov 2024 03:35:37 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 3414\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nConnection: close\r\n\r\n\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n /*\n * Copyright (C) 1996-2016 The Squid Software Foundation and contributors\n *\n * Squid software is distributed under GPLv2+ license and includes\n * contributions from numerous individuals and organizations.\n * Please see the COPYING and CONTRIBUTORS files for details.\n */\n\n/*\n Stylesheet for Squid Error pages\n Adapted from design by Free CSS Templates\n http://www.freecsstemplates.org\n Released for free under a Creative Commons Attribution 2.5 License\n*/\n\n/* Page basics */\n* {\n\tfont-family: verdana, sans-serif;\n}\n\nhtml body {\n\tmargin: 0;\n\tpadding: 0;\n\tbackground: #efefef;\n\tfont-size: 12px;\n\tcolor: #1e1e1e;\n}\n\n/* Page displayed title area */\n#titles {\n\tmargin-left: 15px;\n\tpadding: 10px;\n\tpadding-left: 100px;\n\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\n}\n\n/* initial title */\n#titles h1 {\n\tcolor: #000000;\n}\n#titles h2 {\n\tcolor: #000000;\n}\n\n/* special event: FTP success page titles */\n#titles ftpsuccess {\n\tbackground-color:#00ff00;\n\twidth:100%;\n}\n\n/* Page displayed body content area */\n#content {\n\tpadding: 10px;\n\tbackground: #ffffff;\n}\n\n/* General text */\np {\n}\n\n/* error brief description */\n#error p {\n}\n\n/* some data which may have caused the problem */\n#data {\n}\n\n/* the error message received from the system or other software */\n#sysmsg {\n}\n\npre {\n    font-family:sans-serif;\n}\n\n/* special event: FTP / Gopher directory listing */\n#dirmsg {\n    font-family: courier;\n    color: black;\n    font-size: 10pt;\n}\n#dirlisting {\n    margin-left: 2%;\n    margin-right: 2%;\n}\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\n    border-bottom: groove;\n}\n#dirlisting td.size {\n    width: 50px;\n    text-align: right;\n    padding-right: 5px;\n}\n\n/* horizontal lines */\nhr {\n\tmargin: 0;\n}\n\n/* page displayed footer area */\n#footer {\n\tfont-size: 9px;\n\tpadding-left: 10px;\n}\n\n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=\"ERR_INVALID_URL\">\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20host%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2003%3A35%3A37%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">root</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Thu, 07 Nov 2024 03:35:37 GMT by host (squid/3.5.20)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
   "datamd5" : "467dc579eb206fbbb4f26ff7829c8c80",
   "datammh3" : 2128717148,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "quadranet.com"
   ],
   "geolocus" : {
      "asn" : "AS8100",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "quadranet.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "QUADRANET",
      "organization" : "QuadraNet Enterprises LLC",
      "subnet" : "104.129.40.0/21"
   },
   "host" : [
      104
   ],
   "hostname" : [
      "104.129.45.155.static.quadranet.com"
   ],
   "ip" : "104.129.45.155",
   "ipv6" : "false",
   "latitude" : "25.7838",
   "location" : "25.7838,-80.1866",
   "longitude" : "-80.1866",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-QUADRANET-GLOBAL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "Squid",
   "productvendor" : "squid-cache",
   "productversion" : "3.5.20",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "104.129.45.155.static.quadranet.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "129.45.155.static.quadranet.com",
      "155.static.quadranet.com",
      "45.155.static.quadranet.com",
      "static.quadranet.com"
   ],
   "subnet" : "104.129.40.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

38.152.196.101

Network

38.152.196.0/22

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://38.152.196.101:8080/ 400

HTTP Title

ERROR: The requested URL could not be retrieved

ASN

AS36352

Organization

AS-COLOCROSSING

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

squid-cache Squid 3.5.20

HTTP Component(s)

squid-cache Squid

CPE(s)

<enterprise field>: cpe

Data MD5

8af94b0d5f814d296aa8321ddf34c8f5

HTTP Header MD5

49a24a427634ec054cb11ad596f68961

HTTP Body MD5

258e0c3ab22c18c1fdb8122cb7e50569

HTTP/1.1 400 Bad Request
Server: squid/3.5.20
Mime-Version: 1.0
Date: Thu, 07 Nov 2024 03:27:13 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3414
X-Squid-Error: ERR_INVALID_URL 0
Connection: close


<html><head>
<meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url('/squid-internal-static/icons/SN.png') no-repeat left;
}

/* initial title */
#titles h1 {
	color: #000000;
}
#titles h2 {
	color: #000000;
}

/* special event: FTP success page titles */
#titles ftpsuccess {
	background-color:#00ff00;
	width:100%;
}

/* Page displayed body content area */
#content {
	padding: 10px;
	background: #ffffff;
}

/* General text */
p {
}

/* error brief description */
#error p {
}

/* some data which may have caused the problem */
#data {
}

/* the error message received from the system or other software */
#sysmsg {
}

pre {
    font-family:sans-serif;
}

/* special event: FTP / Gopher directory listing */
#dirmsg {
    font-family: courier;
    color: black;
    font-size: 10pt;
}
#dirlisting {
    margin-left: 2%;
    margin-right: 2%;
}
#dirlisting tr.entry td.icon,td.filename,td.size,td.date {
    border-bottom: groove;
}
#dirlisting td.size {
    width: 50px;
    text-align: right;
    padding-right: 5px;
}

/* horizontal lines */
hr {
	margin: 0;
}

/* page displayed footer area */
#footer {
	font-size: 9px;
	padding-left: 10px;
}


body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
 --></style>
</head><body id="ERR_INVALID_URL">
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20host%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2003%3A27%3A13%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">root</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Thu, 07 Nov 2024 03:27:13 GMT by host (squid/3.5.20)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:13.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "freecsstemplates.org"
         ],
         "hostname" : [
            "www.freecsstemplates.org"
         ],
         "url" : [
            "http://www.freecsstemplates.org"
         ]
      },
      "http" : {
         "bodymd5" : "258e0c3ab22c18c1fdb8122cb7e50569",
         "bodymmh3" : -1486661046,
         "component" : [
            {
               "product" : "Squid",
               "productvendor" : "squid-cache"
            }
         ],
         "headermd5" : "49a24a427634ec054cb11ad596f68961",
         "headermmh3" : -598626457,
         "title" : "ERROR: The requested URL could not be retrieved"
      },
      "length" : 3631
   },
   "asn" : "AS36352",
   "city" : "Los Angeles",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: squid/3.5.20\r\nMime-Version: 1.0\r\nDate: Thu, 07 Nov 2024 03:27:13 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 3414\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nConnection: close\r\n\r\n\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n /*\n * Copyright (C) 1996-2016 The Squid Software Foundation and contributors\n *\n * Squid software is distributed under GPLv2+ license and includes\n * contributions from numerous individuals and organizations.\n * Please see the COPYING and CONTRIBUTORS files for details.\n */\n\n/*\n Stylesheet for Squid Error pages\n Adapted from design by Free CSS Templates\n http://www.freecsstemplates.org\n Released for free under a Creative Commons Attribution 2.5 License\n*/\n\n/* Page basics */\n* {\n\tfont-family: verdana, sans-serif;\n}\n\nhtml body {\n\tmargin: 0;\n\tpadding: 0;\n\tbackground: #efefef;\n\tfont-size: 12px;\n\tcolor: #1e1e1e;\n}\n\n/* Page displayed title area */\n#titles {\n\tmargin-left: 15px;\n\tpadding: 10px;\n\tpadding-left: 100px;\n\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\n}\n\n/* initial title */\n#titles h1 {\n\tcolor: #000000;\n}\n#titles h2 {\n\tcolor: #000000;\n}\n\n/* special event: FTP success page titles */\n#titles ftpsuccess {\n\tbackground-color:#00ff00;\n\twidth:100%;\n}\n\n/* Page displayed body content area */\n#content {\n\tpadding: 10px;\n\tbackground: #ffffff;\n}\n\n/* General text */\np {\n}\n\n/* error brief description */\n#error p {\n}\n\n/* some data which may have caused the problem */\n#data {\n}\n\n/* the error message received from the system or other software */\n#sysmsg {\n}\n\npre {\n    font-family:sans-serif;\n}\n\n/* special event: FTP / Gopher directory listing */\n#dirmsg {\n    font-family: courier;\n    color: black;\n    font-size: 10pt;\n}\n#dirlisting {\n    margin-left: 2%;\n    margin-right: 2%;\n}\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\n    border-bottom: groove;\n}\n#dirlisting td.size {\n    width: 50px;\n    text-align: right;\n    padding-right: 5px;\n}\n\n/* horizontal lines */\nhr {\n\tmargin: 0;\n}\n\n/* page displayed footer area */\n#footer {\n\tfont-size: 9px;\n\tpadding-left: 10px;\n}\n\n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=\"ERR_INVALID_URL\">\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20host%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2003%3A27%3A13%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">root</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Thu, 07 Nov 2024 03:27:13 GMT by host (squid/3.5.20)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
   "datamd5" : "8af94b0d5f814d296aa8321ddf34c8f5",
   "datammh3" : -1108607421,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS36352",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "24shells.net",
         "cogentco.com",
         "servermania.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "BNS-34",
      "organization" : "B2 Net Solutions Inc.",
      "subnet" : "38.152.196.0/22"
   },
   "ip" : "38.152.196.101",
   "ipv6" : "false",
   "latitude" : "34.0544",
   "location" : "34.0544,-118.2441",
   "longitude" : "-118.2441",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AS-COLOCROSSING",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "product" : "Squid",
   "productvendor" : "squid-cache",
   "productversion" : "3.5.20",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "38.152.196.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

185.212.85.69

Network

185.212.84.0/22

Domain(s)

geobuyer.eu

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://185.212.85.69:8080/ 403

Reverse DNS

hst.rv19.geobuyer.eu

ASN

AS201942

Organization

Soltia Consulting SL

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

c20a45b29127fa9b995166927b711667

HTTP Header MD5

e5a8cee57f9661844c495abbda0682bf

HTTP Body MD5

35c8c2139c520e262bb774579cbed909

HTTP/1.0 403 Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

<html><body>Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:13.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "35c8c2139c520e262bb774579cbed909",
         "bodymmh3" : -540154546,
         "headermd5" : "e5a8cee57f9661844c495abbda0682bf",
         "headermmh3" : 1534775900
      },
      "length" : 448
   },
   "asn" : "AS201942",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 403 Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\n\r\n<html><body>Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.</body></html>\r\n",
   "datamd5" : "c20a45b29127fa9b995166927b711667",
   "datammh3" : 1741562256,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "geobuyer.eu"
   ],
   "geolocus" : {
      "asn" : "AS201942",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "ES",
      "countryname" : "Spain",
      "domain" : [
         "intermanaged.com"
      ],
      "isineu" : "true",
      "latitude" : "40.463667",
      "location" : "40.463667,-3.74922",
      "longitude" : "-3.74922",
      "netname" : "ES-INTERMANAGED-20170711",
      "organization" : "Invermae Solutions SL",
      "subnet" : "185.212.84.0/22"
   },
   "host" : [
      "hst"
   ],
   "hostname" : [
      "hst.rv19.geobuyer.eu"
   ],
   "ip" : "185.212.85.69",
   "ipv6" : "false",
   "latitude" : "40.4172",
   "location" : "40.4172,-3.6840",
   "longitude" : "-3.6840",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Soltia Consulting SL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8080,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.",
   "reverse" : [
      "hst.rv19.geobuyer.eu"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "rv19.geobuyer.eu"
   ],
   "subnet" : "185.212.84.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "eu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}