ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 272,056 in 0.058 second(s)

  • 154.6.166.212:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:41 UTC

    • IP
      154.6.166.212
      Network
      154.6.166.0/24
      Domain(s)
      seminoleorder.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://154.6.166.212:9527/ 407

      Reverse DNS
      eblast.seminoleorder.net
      ASN
      AS212238
      Organization
      Datacamp Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca 
    • HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS212238",
   "city" : "Manila",
   "country" : "PH",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "seminoleorder.net"
   ],
   "geolocus" : {
      "asn" : "AS212238",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com",
         "logicweb.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LOGICWEB",
      "organization" : "LogicWeb Inc.",
      "subnet" : "154.6.166.0/24"
   },
   "host" : [
      "eblast"
   ],
   "hostname" : [
      "eblast.seminoleorder.net"
   ],
   "ip" : "154.6.166.212",
   "ipv6" : "false",
   "latitude" : "14.6019",
   "location" : "14.6019,120.9896",
   "longitude" : "120.9896",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Datacamp Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "reverse" : [
      "eblast.seminoleorder.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "154.6.166.0/24",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 45.58.136.103:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:41 UTC

    • IP
      45.58.136.103
      Network
      45.58.128.0/18
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.58.136.103:9527/ 404

      ASN
      AS46844
      Organization
      SHARKTECH
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f6c3fb755ebf319bd4f7adf8a8f004a4
      HTTP Header MD5
      2efa45d4986bb02c3389c97c51f7d6d8
      HTTP Body MD5
      75d8bea19790a638a8dde30fd475dba6 
    • HTTP/1.1 404 Not Found
Server: github.com/arloor/HttpProxy
Content-Length: 13
connection: close

404 not found
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "75d8bea19790a638a8dde30fd475dba6",
         "bodymmh3" : -1132842553,
         "headermd5" : "2efa45d4986bb02c3389c97c51f7d6d8",
         "headermmh3" : -1903318649
      },
      "length" : 115
   },
   "asn" : "AS46844",
   "city" : "Amsterdam",
   "country" : "NL",
   "data" : "HTTP/1.1 404 Not Found\r\nServer: github.com/arloor/HttpProxy\r\nContent-Length: 13\r\nconnection: close\r\n\r\n404 not found",
   "datamd5" : "f6c3fb755ebf319bd4f7adf8a8f004a4",
   "datammh3" : -1096032576,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS46844",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "sharktech.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ST-AMS",
      "organization" : "Sharktech",
      "subnet" : "45.58.128.0/19"
   },
   "ip" : "45.58.136.103",
   "ipv6" : "false",
   "latitude" : "52.3759",
   "location" : "52.3759,4.8975",
   "longitude" : "4.8975",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SHARKTECH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "45.58.128.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 216.228.195.49:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:40 UTC

    • IP
      216.228.195.49
      Network
      216.228.192.0/20
      Domain(s)
      eoni.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Ubuntu
      URL

      http://216.228.195.49:9527/ 302

      HTTP Title
      302 Found
      Reverse DNS
      216-228-195-49.eoni.com
      ASN
      AS12009
      Organization
      EONI
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Ubuntu
      Product
      Apache HTTP Server 2.4.29
      HTTP Component(s)
      Apache HTTP Server 2.4.29
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      5209e03f23fcb11ab5633cc3ffeddff6
      HTTP Header MD5
      ea4f2f348f352ba387970787851527c2
      HTTP Body MD5
      450c9165593e4af2b5fa4b8ff100c3e0 
    • HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:22:39 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://<ip>/
Content-Length: 289
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://<ip>/">here</a>.</p>
<hr>
<address>Apache/2.4.29 (Ubuntu) Server at <ip> Port 9527</address>
</body></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:40.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "450c9165593e4af2b5fa4b8ff100c3e0",
         "bodymmh3" : 170536895,
         "component" : [
            {
               "productversion" : "2.4.29",
               "productvendor" : "Apache",
               "product" : "HTTP Server"
            }
         ],
         "headermd5" : "ea4f2f348f352ba387970787851527c2",
         "headermmh3" : -1219387839,
         "title" : "302 Found"
      },
      "length" : 470
   },
   "asn" : "AS12009",
   "city" : "La Grande",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:22:39 GMT\r\nServer: Apache/2.4.29 (Ubuntu)\r\nLocation: https://<ip>/\r\nContent-Length: 289\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>/\">here</a>.</p>\n<hr>\n<address>Apache/2.4.29 (Ubuntu) Server at <ip> Port 9527</address>\n</body></html>\n",
   "datamd5" : "5209e03f23fcb11ab5633cc3ffeddff6",
   "datammh3" : 1855820411,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "eoni.com"
   ],
   "geolocus" : {
      "asn" : "AS12009",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "eoni.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "EONI",
      "organization" : "Eastern Oregon Net, Inc.",
      "subnet" : "216.228.192.0/20"
   },
   "host" : [
      "216-228-195-49"
   ],
   "hostname" : [
      "216-228-195-49.eoni.com"
   ],
   "ip" : "216.228.195.49",
   "ipv6" : "false",
   "latitude" : "45.3332",
   "location" : "45.3332,-118.0854",
   "longitude" : "-118.0854",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "EONI",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 9527,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.29",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "216-228-195-49.eoni.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "216.228.192.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 221.178.32.37:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:27 UTC

    • IP
      221.178.32.37
      Network
      221.178.0.0/17
      Device

      <enterprise field>: device.class

      URL

      http://221.178.32.37:9527/ 400

      HTTP Title
      400 Bad Request
      ASN
      AS9808
      Organization
      China Mobile Communications Group Co., Ltd.
      Protocol
      http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      8a97ed3b5e8528f7f47381088029c585
      HTTP Header MD5
      07807c2fbb07e1d41fa1fd2188f9d986
      HTTP Body MD5
      d2a5eebf8595b300c2eda10581b58324 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:22:24 GMT
Content-Type: text/html
Content-Length: 2423
Connection: close
x-ws-request-id: 672c3270_PS-CKG-01SsH29_26859-15305

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 03:22:24 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-CKG-01SsH29
				<br>URL: http://<ip>:9527/
				<br>Request-Id: 672c3270_PS-CKG-01SsH29_26859-15305
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9527/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d2a5eebf8595b300c2eda10581b58324",
         "bodymmh3" : -1679592916,
         "headermd5" : "07807c2fbb07e1d41fa1fd2188f9d986",
         "headermmh3" : 1566246929,
         "title" : "400 Bad Request"
      },
      "length" : 2599
   },
   "asn" : "AS9808",
   "city" : "Zhuhai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:22:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 2423\r\nConnection: close\r\nx-ws-request-id: 672c3270_PS-CKG-01SsH29_26859-15305\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 03:22:24 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-CKG-01SsH29\n\t\t\t\t<br>URL: http://<ip>:9527/\n\t\t\t\t<br>Request-Id: 672c3270_PS-CKG-01SsH29_26859-15305\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9527/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "8a97ed3b5e8528f7f47381088029c585",
   "datammh3" : -1685539792,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "221.178.0.0/17"
   },
   "ip" : "221.178.32.37",
   "ipv6" : "false",
   "latitude" : "22.2767",
   "location" : "22.2767,113.5788",
   "longitude" : "113.5788",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "221.178.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 138.113.7.246:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:27 UTC

    • IP
      138.113.7.246
      Network
      138.113.0.0/21
      Device

      <enterprise field>: device.class

      URL

      http://138.113.7.246:9527/ 400

      HTTP Title
      400 Bad Request
      ASN
      AS54994
      Organization
      ML-1432-54994
      Protocol
      http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      299a74cb2130b3986c9056b4b935d140
      HTTP Header MD5
      0b2daef478f08b6c9dc9f4ec45b59e89
      HTTP Body MD5
      97b03c2a8c5362789ef26b1ca71b80f4 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:22:23 GMT
Content-Type: text/html
Content-Length: 2407
Connection: close
x-ws-request-id: 672c326f_dxun18_47868-32716

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 03:22:23 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: dxun18
				<br>URL: http://<ip>:9527/
				<br>Request-Id: 672c326f_dxun18_47868-32716
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9527/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "97b03c2a8c5362789ef26b1ca71b80f4",
         "bodymmh3" : -187782626,
         "headermd5" : "0b2daef478f08b6c9dc9f4ec45b59e89",
         "headermmh3" : -176241275,
         "title" : "400 Bad Request"
      },
      "length" : 2575
   },
   "asn" : "AS54994",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:22:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 2407\r\nConnection: close\r\nx-ws-request-id: 672c326f_dxun18_47868-32716\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 03:22:23 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: dxun18\n\t\t\t\t<br>URL: http://<ip>:9527/\n\t\t\t\t<br>Request-Id: 672c326f_dxun18_47868-32716\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9527/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "299a74cb2130b3986c9056b4b935d140",
   "datammh3" : -931605075,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS54994",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "meteversecloud.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "METEVERSE-NETWORKS",
      "organization" : "Meteverse Limited.",
      "subnet" : "138.113.7.0/24"
   },
   "ip" : "138.113.7.246",
   "ipv6" : "false",
   "latitude" : "43.6319",
   "location" : "43.6319,-79.3716",
   "longitude" : "-79.3716",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ML-1432-54994",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "138.113.0.0/21",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 185.39.150.25:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:26 UTC

    • IP
      185.39.150.25
      Network
      185.39.148.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://185.39.150.25:9527/ 407

      HTTP Title
      407 Proxy Authentication Required
      ASN
      AS8342
      Organization
      JSC RTComm.RU
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      bbdd0ef18ac1bb935546f899a9c15b82
      HTTP Header MD5
      7b6af4d669f1735012ccbd9b5f402335
      HTTP Body MD5
      d0733a01623260995e3203769289c13f 
    • HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

<html><head><title>407 Proxy Authentication Required</title></head>
<body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d0733a01623260995e3203769289c13f",
         "bodymmh3" : -533483165,
         "headermd5" : "7b6af4d669f1735012ccbd9b5f402335",
         "headermmh3" : 1023953321,
         "realm" : "proxy",
         "title" : "407 Proxy Authentication Required"
      },
      "length" : 401
   },
   "asn" : "AS8342",
   "country" : "RU",
   "data" : "HTTP/1.0 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"proxy\"\r\nConnection: close\r\nContent-type: text/html; charset=utf-8\r\n\r\n<html><head><title>407 Proxy Authentication Required</title></head>\r\n<body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>\r\n",
   "datamd5" : "bbdd0ef18ac1bb935546f899a9c15b82",
   "datammh3" : 709695866,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "185.39.150.25",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JSC RTComm.RU",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "185.39.148.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 211.43.150.189:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:07 UTC

    • IP
      211.43.150.189
      Network
      211.43.148.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://211.43.150.189:9527/ 400

      HTTP Title
      400 Bad Request
      ASN
      AS54994
      Organization
      ML-1432-54994
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2bdae717a71d745f6e5e49e4c4e94020
      HTTP Header MD5
      644ff7306c01b9ff32195c640c4be9a9
      HTTP Body MD5
      7472e3e09286d9b3324058593b96176d 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:22:06 GMT
Content-Type: text/html
Content-Length: 2407
Connection: close
x-ws-request-id: 672c325e_dl124_44726-59604

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 03:22:06 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: dl124
				<br>URL: http://<ip>:9527/
				<br>Request-Id: 672c325e_dl124_44726-59604
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9527/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7472e3e09286d9b3324058593b96176d",
         "bodymmh3" : -535419599,
         "headermd5" : "644ff7306c01b9ff32195c640c4be9a9",
         "headermmh3" : 123849200,
         "title" : "400 Bad Request"
      },
      "length" : 2572
   },
   "asn" : "AS54994",
   "city" : "San Jose",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:22:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 2407\r\nConnection: close\r\nx-ws-request-id: 672c325e_dl124_44726-59604\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 03:22:06 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: dl124\n\t\t\t\t<br>URL: http://<ip>:9527/\n\t\t\t\t<br>Request-Id: 672c325e_dl124_44726-59604\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9527/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "2bdae717a71d745f6e5e49e4c4e94020",
   "datammh3" : -1207560351,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS54994",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "cdnetworks.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "CDNETWORKS",
      "organization" : "CDNetworks",
      "subnet" : "211.43.148.0/22"
   },
   "ip" : "211.43.150.189",
   "ipv6" : "false",
   "latitude" : "37.1835",
   "location" : "37.1835,-121.7714",
   "longitude" : "-121.7714",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ML-1432-54994",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "211.43.148.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 188.214.157.4:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:01 UTC

    • IP
      188.214.157.4
      Network
      188.214.157.0/24
      Device

      <enterprise field>: device.class

      URL

      http://188.214.157.4:9527/mifs/user/index.html 200

      ASN
      AS136258
      Organization
      BrainStorm Network, Inc
      Protocol
      http
      Source
      urlscan::redirect
    • Product
      Server Server
      HTTP Component(s)
      Oracle Java MobileIron Core
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f45f760daff0de86172320eb7932cbb6
      HTTP Header MD5
      26b0e30e68eb5b088ca598a44f1bd7fc
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 03:21:55 UTC
Server: server
Content-Security-Policy: worker-src  'none'; connect-src *.mxpnl.com *.mixpanel.com *.mapquest.com www.mapquestapi.com *.mqcdn.com  'self'; frame-ancestors  'self'; img-src *  'self' data:; form-action  'self'; script-src  http: 'self' 'report-sample' https: 'unsafe-eval' 'unsafe-inline'; media-src  'none'; object-src  'none'; font-src  'self'; base-uri  'none'; style-src *.mqcdn.com 'unsafe-inline'  'self'; 
X-XSS-Protection: 1; mode=block
X-Frame-Options: SameOrigin
X-Content-Type-Options: nosniff
Pragma: no-cache
Cache-control: no-cache, no-store, must-revalidate
Expires: Tue, 18 Jul 2023 15:14:49 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Location: https://<ip>:9527/mifs/user/login.jsp
Set-Cookie: JSESSIONID=E4FFFA78478D0D808D892FA578AB3EC4; Path=/mifs; Secure; HttpOnly;SameSite=lax
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:01.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            },
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            }
         ],
         "headermd5" : "26b0e30e68eb5b088ca598a44f1bd7fc",
         "headermmh3" : -81324848
      },
      "length" : 983
   },
   "asn" : "AS136258",
   "city" : "Abadou",
   "country" : "MA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 03:21:55 UTC\r\nServer: server\r\nContent-Security-Policy: worker-src  'none'; connect-src *.mxpnl.com *.mixpanel.com *.mapquest.com www.mapquestapi.com *.mqcdn.com  'self'; frame-ancestors  'self'; img-src *  'self' data:; form-action  'self'; script-src  http: 'self' 'report-sample' https: 'unsafe-eval' 'unsafe-inline'; media-src  'none'; object-src  'none'; font-src  'self'; base-uri  'none'; style-src *.mqcdn.com 'unsafe-inline'  'self'; \r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SameOrigin\r\nX-Content-Type-Options: nosniff\r\nPragma: no-cache\r\nCache-control: no-cache, no-store, must-revalidate\r\nExpires: Tue, 18 Jul 2023 15:14:49 GMT\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains\r\nLocation: https://<ip>:9527/mifs/user/login.jsp\r\nSet-Cookie: JSESSIONID=E4FFFA78478D0D808D892FA578AB3EC4; Path=/mifs; Secure; HttpOnly;SameSite=lax\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "f45f760daff0de86172320eb7932cbb6",
   "datammh3" : 1398358152,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "188.214.157.4",
   "hostname" : [
      "188.214.157.4"
   ],
   "ip" : "188.214.157.4",
   "ipv6" : "false",
   "latitude" : "31.4598",
   "location" : "31.4598,-7.2863",
   "longitude" : "-7.2863",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "BrainStorm Network, Inc",
   "port" : 9527,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "188.214.157.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/mifs/user/index.html"
}

  • 156.231.149.223:9527 (tcp/http) - last seen on 2024-11-07 at 03:22:00 UTC

    • IP
      156.231.149.223
      Network
      156.231.144.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://156.231.149.223:9527/ 200

      HTTP Title
      登录
      ASN
      AS398993
      Organization
      PEG-TY
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      5970b7826b99f1194bf33cd852f4cca2
      HTTP Header MD5
      64270533dc449b5fb751ca76d91ab9ad
      HTTP Body MD5
      470329f5a1572d14a83580bb10264a9f 
    • HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Nov 2024 03:21:57 GMT
Connection: close
Transfer-Encoding: chunked

800
<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="renderer" content="webkit">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" href="/assets/ant-design-vue@1.7.2/antd.min.css">
    <link rel="stylesheet" href="/assets/element-ui@2.15.0/theme-chalk/display.css">
    <link rel="stylesheet" href="/assets/css/custom.css?0.3.2">
    <style>
        [v-cloak] {
            display: none;
        }
    </style>
    <title>登录</title>
</head>

<style>

    #app {
        padding-top: 100px;
    }

    h1 {
        text-align: center;
        color: #fff;
        margin: 20px 0 50px 0;
    }

    .ant-btn, .ant-input {
        height: 50px;
        border-radius: 30px;
    }

    .ant-input-affix-wrapper .ant-input-prefix {
        left: 23px;
    }

    .ant-input-affix-wrapper .ant-input:not(:first-child) {
        padding-left: 50px;
    }

</style>
<body>
<a-layout id="app" v-cloak>
    <transition name="list" appear>
        <a-layout-content>
            <a-row type="flex" justify="center">
                <a-col :xs="22" :sm="20" :md="16" :lg="12" :xl="8">
                    <h1>登录</h1>
                </a-col>
            </a-row>
            <a-row type="flex" justify="center">
                <a-col :xs="22" :sm="20" :md="16" :lg="12" :xl="8">
                    <a-form>
                        <a-form-item>
                            <a-input v-model.trim="user.username" placeholder='username'
                                     @keydown.enter.native="login" autofocus>
                                <a-icon slot="prefix" type="user" style="color: rgba(0,0,0,.25)"/>
                            </a-input>
                        </a-form-item>
                        <a-form-item>
                            <a-input type="password" v-model.trim="user.password"
                                     placeholder='password' @keydown.enter.native="login">
800

                                <a-icon slot="prefix" type="lock" style="color: rgba(0,0,0,.25)"/>
                            </a-input>
                        </a-form-item>
                        <a-form-item>
                            <a-button block @click="login" :loading="loading">login</a-button>
                        </a-form-item>
                    </a-form>
                </a-col>
            </a-row>
        </a-layout-content>
    </transition>
</a-layout>

<script src="/assets/vue@2.6.12/vue.min.js"></script>
<script src="/assets/moment/moment.min.js"></script>
<script src="/assets/ant-design-vue@1.7.2/antd.min.js"></script>
<script src="/assets/base64/base64.min.js"></script>
<script src="/assets/axios/axios.min.js"></script>
<script src="/assets/qs/qs.min.js"></script>
<script src="/assets/qrcode/qrious.min.js"></script>
<script src="/assets/clipboard/clipboard.min.js"></script>
<script src="/assets/uri/URI.min.js"></script>
<script src="/assets/js/axios-init.js?0.3.2"></script>
<script src="/assets/js/util/common.js?0.3.2"></script>
<script src="/assets/js/util/date-util.js?0.3.2"></script>
<script src="/assets/js/util/utils.js?0.3.2"></script>
<script src="/assets/js/model/xray.js?0.3.2"></script>
<script src="/assets/js/model/models.js?0.3.2"></script>
<script>
    const basePath = '\/';
    axios.defaults.baseURL = basePath;
</script>

<script>
    const leftColor = RandomUtil.randomIntRange(0x222222, 0xFFFFFF / 2).toString(16);
    const rightColor = RandomUtil.randomIntRange(0xFFFFFF / 2, 0xDDDDDD).toString(16);
    const deg = RandomUtil.randomIntRange(0, 360);
    const background = `linear-gradient(${deg}deg, #${leftColor} 10%, #${rightColor} 100%)`;
    document.querySelector('#app').style.background = background;
    const app = new Vue({
        delimiters: ['[[', ']]'],
        el: '#app',
        data: {
            loading: false,
            user: new User(),
        },
        methods: {
            async login() {
                this.loading = true;
                con
fe
st msg = await HttpUtil.post('/login', this.user);
                this.loading = false;
                if (msg.success) {
                    location.href = basePath + 'xui/';
                }
            }
        }
    });
</script>
</body>
</html>
0


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:00.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "470329f5a1572d14a83580bb10264a9f",
         "bodymmh3" : -959015258,
         "headermd5" : "64270533dc449b5fb751ca76d91ab9ad",
         "headermmh3" : -919674631,
         "title" : "\u767b\u5f55"
      },
      "length" : 4518
   },
   "asn" : "AS398993",
   "city" : "Tokyo",
   "country" : "JP",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 07 Nov 2024 03:21:57 GMT\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n800\r\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta name=\"renderer\" content=\"webkit\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <link rel=\"stylesheet\" href=\"/assets/ant-design-vue@1.7.2/antd.min.css\">\n    <link rel=\"stylesheet\" href=\"/assets/element-ui@2.15.0/theme-chalk/display.css\">\n    <link rel=\"stylesheet\" href=\"/assets/css/custom.css?0.3.2\">\n    <style>\n        [v-cloak] {\n            display: none;\n        }\n    </style>\n    <title>\u767b\u5f55</title>\n</head>\n\n<style>\n\n    #app {\n        padding-top: 100px;\n    }\n\n    h1 {\n        text-align: center;\n        color: #fff;\n        margin: 20px 0 50px 0;\n    }\n\n    .ant-btn, .ant-input {\n        height: 50px;\n        border-radius: 30px;\n    }\n\n    .ant-input-affix-wrapper .ant-input-prefix {\n        left: 23px;\n    }\n\n    .ant-input-affix-wrapper .ant-input:not(:first-child) {\n        padding-left: 50px;\n    }\n\n</style>\n<body>\n<a-layout id=\"app\" v-cloak>\n    <transition name=\"list\" appear>\n        <a-layout-content>\n            <a-row type=\"flex\" justify=\"center\">\n                <a-col :xs=\"22\" :sm=\"20\" :md=\"16\" :lg=\"12\" :xl=\"8\">\n                    <h1>\u767b\u5f55</h1>\n                </a-col>\n            </a-row>\n            <a-row type=\"flex\" justify=\"center\">\n                <a-col :xs=\"22\" :sm=\"20\" :md=\"16\" :lg=\"12\" :xl=\"8\">\n                    <a-form>\n                        <a-form-item>\n                            <a-input v-model.trim=\"user.username\" placeholder='username'\n                                     @keydown.enter.native=\"login\" autofocus>\n                                <a-icon slot=\"prefix\" type=\"user\" style=\"color: rgba(0,0,0,.25)\"/>\n                            </a-input>\n                        </a-form-item>\n                        <a-form-item>\n                            <a-input type=\"password\" v-model.trim=\"user.password\"\n                                     placeholder='password' @keydown.enter.native=\"login\">\r\n800\r\n\n                                <a-icon slot=\"prefix\" type=\"lock\" style=\"color: rgba(0,0,0,.25)\"/>\n                            </a-input>\n                        </a-form-item>\n                        <a-form-item>\n                            <a-button block @click=\"login\" :loading=\"loading\">login</a-button>\n                        </a-form-item>\n                    </a-form>\n                </a-col>\n            </a-row>\n        </a-layout-content>\n    </transition>\n</a-layout>\n\n<script src=\"/assets/vue@2.6.12/vue.min.js\"></script>\n<script src=\"/assets/moment/moment.min.js\"></script>\n<script src=\"/assets/ant-design-vue@1.7.2/antd.min.js\"></script>\n<script src=\"/assets/base64/base64.min.js\"></script>\n<script src=\"/assets/axios/axios.min.js\"></script>\n<script src=\"/assets/qs/qs.min.js\"></script>\n<script src=\"/assets/qrcode/qrious.min.js\"></script>\n<script src=\"/assets/clipboard/clipboard.min.js\"></script>\n<script src=\"/assets/uri/URI.min.js\"></script>\n<script src=\"/assets/js/axios-init.js?0.3.2\"></script>\n<script src=\"/assets/js/util/common.js?0.3.2\"></script>\n<script src=\"/assets/js/util/date-util.js?0.3.2\"></script>\n<script src=\"/assets/js/util/utils.js?0.3.2\"></script>\n<script src=\"/assets/js/model/xray.js?0.3.2\"></script>\n<script src=\"/assets/js/model/models.js?0.3.2\"></script>\n<script>\n    const basePath = '\\/';\n    axios.defaults.baseURL = basePath;\n</script>\n\n<script>\n    const leftColor = RandomUtil.randomIntRange(0x222222, 0xFFFFFF / 2).toString(16);\n    const rightColor = RandomUtil.randomIntRange(0xFFFFFF / 2, 0xDDDDDD).toString(16);\n    const deg = RandomUtil.randomIntRange(0, 360);\n    const background = `linear-gradient(${deg}deg, #${leftColor} 10%, #${rightColor} 100%)`;\n    document.querySelector('#app').style.background = background;\n    const app = new Vue({\n        delimiters: ['[[', ']]'],\n        el: '#app',\n        data: {\n            loading: false,\n            user: new User(),\n        },\n        methods: {\n            async login() {\n                this.loading = true;\n                con\r\nfe\r\nst msg = await HttpUtil.post('/login', this.user);\n                this.loading = false;\n                if (msg.success) {\n                    location.href = basePath + 'xui/';\n                }\n            }\n        }\n    });\n</script>\n</body>\n</html>\r\n0\r\n\r\n",
   "datamd5" : "5970b7826b99f1194bf33cd852f4cca2",
   "datammh3" : -71020734,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS984",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "cloudinnovation.org"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "Octopus_Web_Solution_Inc",
      "organization" : "Route",
      "subnet" : "156.231.0.0/16"
   },
   "ip" : "156.231.149.223",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PEG-TY",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "156.231.144.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 140.150.2.144:9527 (tcp/http) - last seen on 2024-11-07 at 03:21:53 UTC

    • IP
      140.150.2.144
      Network
      140.150.2.0/23
      Device

      <enterprise field>: device.class

      URL

      http://140.150.2.144:9527/ 400

      HTTP Title
      400 Bad Request
      ASN
      AS54994
      Organization
      ML-1432-54994
      Protocol
      http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      8eed630a4f21ba1b6529af3af556fff0
      HTTP Header MD5
      751aeb1a4d81bbccd0af500017ef6c8f
      HTTP Body MD5
      46b96f1b3a62993687db61cb252c4670 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:21:48 GMT
Content-Type: text/html
Content-Length: 2423
Connection: close
x-ws-request-id: 672c324c_PS-KIX-01NUs68_26850-63499

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 03:21:48 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-KIX-01NUs68
				<br>URL: http://<ip>:9527/
				<br>Request-Id: 672c324c_PS-KIX-01NUs68_26850-63499
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9527/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "46b96f1b3a62993687db61cb252c4670",
         "bodymmh3" : -1594395939,
         "headermd5" : "751aeb1a4d81bbccd0af500017ef6c8f",
         "headermmh3" : 515287378,
         "title" : "400 Bad Request"
      },
      "length" : 2599
   },
   "asn" : "AS54994",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:21:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 2423\r\nConnection: close\r\nx-ws-request-id: 672c324c_PS-KIX-01NUs68_26850-63499\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 03:21:48 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-KIX-01NUs68\n\t\t\t\t<br>URL: http://<ip>:9527/\n\t\t\t\t<br>Request-Id: 672c324c_PS-KIX-01NUs68_26850-63499\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9527/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "8eed630a4f21ba1b6529af3af556fff0",
   "datammh3" : 1003107417,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS54994",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "SE",
      "countryname" : "Sweden",
      "isineu" : "true",
      "latitude" : "60.128161",
      "location" : "60.128161,18.643501",
      "longitude" : "18.643501",
      "netname" : "FUJITSU-SE",
      "organization" : "Fujitsu Sweden AB",
      "subnet" : "140.150.0.0/19"
   },
   "ip" : "140.150.2.144",
   "ipv6" : "false",
   "latitude" : "43.6319",
   "location" : "43.6319,-79.3716",
   "longitude" : "-79.3716",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ML-1432-54994",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "140.150.2.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}