ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 34 in 0.107 second(s)

  • 71.176.215.137:9997 (tcp/http) - last seen on 2024-11-07 at 05:09:31 UTC

    • IP
      71.176.215.137
      Network
      71.176.0.0/16
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      URL

      http://71.176.215.137:9997/prelogin 200

      HTTP Title
      Login
      Reverse DNS
      static-71-176-215-137.rcmdva.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      urlscan::redirect
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fd671d12c69697f2c9082716b931f6dd
      HTTP Header MD5
      5a8a2248112c3d3ab43de01f35bb89b2
      HTTP Body MD5
      ff4115b78e481eb99b9e659b5a2ee1bb 
    • HTTP/1.1 200 OK
Connection: close
Content-Security-Policy: connect-src 'self' workbench ws://<ip>:9997 wss://<ip>:9997; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
Set-Cookie: niagara_current_sso_scheme=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: niagara_failure_cause=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
Set-Cookie: niagara_failure_info=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax
Content-Length: 2592

<!DOCTYPE html>
<html>
<head>
  <meta http-equiv='Content-type' content='text/html;charset=UTF-8'>
  <meta name="viewport" content="width=device-width initial-scale=1.0 maximum-scale=1.0 target-densityDpi=medium-dpi">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <title>Login</title>
  <link rel="stylesheet" type="text/css" href="/login/loginN4.css">
  <script type="text/javascript" src="login/loginN4.js"></script>
  
</head>
<body onload="checkFail()">
  <script type='text/javascript'>
    if ('ontouchstart' in window) {
      document.body.className += ' touch-enabled';
    }
  </script>
  <script>
    if ( window.history.replaceState ) {
      window.history.replaceState( null, null, window.location.href );
    }
  </script>
  <div id="outer-login-form-container">
    <div id="login-logo-container">
  <img id="login-logo" src="login/logo" alt="Custom Logo"/>
</div>
    <div id="login-form-container">
      <div id="login-title-container">
        <div id="login-title">WeinsteinJCC</div>
      </div>
      <div>
        <noscript>JavaScript must be enabled to login</noscript>
      </div>
      <div id="login-failed">
        Login Failed
      </div>
      
      <div id="login-image">
        <img src="login/keys.png" />
      </div>
      <form id="main-login-form" method="POST" action=login>
  	    <div id="login-credentials">
    <div class="login-group">
        <label class="login-label" for="userName">Username:</label>
        <input class="login-input" type="text" name="j_username" autofocus autocomplete="on" autocapitalize="none"/>
    </div>
    

    <input id="login-submit" type="submit" value="Login"/>
</div>
      </form>
  	  
    </div>
    <div id="blanket" style="display:none">
  <div id="licenseDiv" style="display:block">
    <div id="licenseTitle"><div id="licenseFileName"></div><div><img id="closeButton" src="login/close.png" alt="Close" onclick="closeLicense()"/></div></div>
    <div id="licenseFrameDiv">
        <iframe id="licenseFile" onload="fixStyle(this)" src=""></iframe>
    </div>
  </div>
</div>

<div id="licenseAgreements">
    Use of this software is subject to the <br />
    <a href="#" onclick="openLicense('End User License Agreement', 'eula');">End User License Agreement</a>
    and other <a href="#" onclick="openLicense('Third Party Licenses', 'thirdPartyLicenses');">Third Party Licenses</a>
</div>

  </div>
  
  
  <p></p>
<div id="webStartLogin" class="">
  To connect using Niagara Web Launcher <a id="niagara_webLauncherExternalLink" href="/webstart/nwl">click here</a>
</div>

</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:09:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ff4115b78e481eb99b9e659b5a2ee1bb",
         "bodymmh3" : 153425630,
         "headermd5" : "5a8a2248112c3d3ab43de01f35bb89b2",
         "headermmh3" : 1632284745,
         "title" : "Login"
      },
      "length" : 3468
   },
   "asn" : "AS701",
   "city" : "Henrico",
   "country" : "US",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Security-Policy: connect-src 'self' workbench ws://<ip>:9997 wss://<ip>:9997; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nContent-Type: text/html;charset=utf-8\r\nSet-Cookie: niagara_current_sso_scheme=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nSet-Cookie: niagara_failure_cause=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax\r\nSet-Cookie: niagara_failure_info=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; HttpOnly; SameSite=Lax\r\nContent-Length: 2592\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n  <meta http-equiv='Content-type' content='text/html;charset=UTF-8'>\n  <meta name=\"viewport\" content=\"width=device-width initial-scale=1.0 maximum-scale=1.0 target-densityDpi=medium-dpi\">\n  <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n  <title>Login</title>\n  <link rel=\"stylesheet\" type=\"text/css\" href=\"/login/loginN4.css\">\n  <script type=\"text/javascript\" src=\"login/loginN4.js\"></script>\n  \n</head>\n<body onload=\"checkFail()\">\n  <script type='text/javascript'>\n    if ('ontouchstart' in window) {\n      document.body.className += ' touch-enabled';\n    }\n  </script>\n  <script>\n    if ( window.history.replaceState ) {\n      window.history.replaceState( null, null, window.location.href );\n    }\n  </script>\n  <div id=\"outer-login-form-container\">\n    <div id=\"login-logo-container\">\n  <img id=\"login-logo\" src=\"login/logo\" alt=\"Custom Logo\"/>\n</div>\n    <div id=\"login-form-container\">\n      <div id=\"login-title-container\">\n        <div id=\"login-title\">WeinsteinJCC</div>\n      </div>\n      <div>\n        <noscript>JavaScript must be enabled to login</noscript>\n      </div>\n      <div id=\"login-failed\">\n        Login Failed\n      </div>\n      \n      <div id=\"login-image\">\n        <img src=\"login/keys.png\" />\n      </div>\n      <form id=\"main-login-form\" method=\"POST\" action=login>\n  \t    <div id=\"login-credentials\">\n    <div class=\"login-group\">\n        <label class=\"login-label\" for=\"userName\">Username:</label>\n        <input class=\"login-input\" type=\"text\" name=\"j_username\" autofocus autocomplete=\"on\" autocapitalize=\"none\"/>\n    </div>\n    \n\n    <input id=\"login-submit\" type=\"submit\" value=\"Login\"/>\n</div>\n      </form>\n  \t  \n    </div>\n    <div id=\"blanket\" style=\"display:none\">\n  <div id=\"licenseDiv\" style=\"display:block\">\n    <div id=\"licenseTitle\"><div id=\"licenseFileName\"></div><div><img id=\"closeButton\" src=\"login/close.png\" alt=\"Close\" onclick=\"closeLicense()\"/></div></div>\n    <div id=\"licenseFrameDiv\">\n        <iframe id=\"licenseFile\" onload=\"fixStyle(this)\" src=\"\"></iframe>\n    </div>\n  </div>\n</div>\n\n<div id=\"licenseAgreements\">\n    Use of this software is subject to the <br />\n    <a href=\"#\" onclick=\"openLicense('End User License Agreement', 'eula');\">End User License Agreement</a>\n    and other <a href=\"#\" onclick=\"openLicense('Third Party Licenses', 'thirdPartyLicenses');\">Third Party Licenses</a>\n</div>\n\n  </div>\n  \n  \n  <p></p>\n<div id=\"webStartLogin\" class=\"\">\n  To connect using Niagara Web Launcher <a id=\"niagara_webLauncherExternalLink\" href=\"/webstart/nwl\">click here</a>\n</div>\n\n</body>\n</html>\n",
   "datamd5" : "fd671d12c69697f2c9082716b931f6dd",
   "datammh3" : 1942814860,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "forward" : "71.176.215.137",
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "71.176.0.0/16"
   },
   "host" : [
      "static-71-176-215-137"
   ],
   "hostname" : [
      "71.176.215.137",
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "ip" : "71.176.215.137",
   "ipv6" : "false",
   "latitude" : "37.4612",
   "location" : "37.4612,-77.3950",
   "longitude" : "-77.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "port" : 9997,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subdomains" : [
      "rcmdva.fios.verizon.net",
      "fios.verizon.net"
   ],
   "subnet" : "71.176.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/prelogin"
}

  • 71.176.215.137:9997 (tcp/http) - last seen on 2024-11-07 at 03:09:42 UTC

    • IP
      71.176.215.137
      Network
      71.176.0.0/16
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      URL

      http://71.176.215.137:9997/login 302

      Reverse DNS
      static-71-176-215-137.rcmdva.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      urlscan::redirect
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a9c42e98b563e57843cae00ae2bf82b8
      HTTP Header MD5
      d82a67d6985c840b4f376c87dcc81a88
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Connection: close
Content-Security-Policy: connect-src 'self' workbench ws://<ip>:9997 wss://<ip>:9997; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: http://<ip>:9997/prelogin


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:09:42.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "d82a67d6985c840b4f376c87dcc81a88",
         "headermmh3" : -1218618595
      },
      "length" : 457
   },
   "asn" : "AS701",
   "city" : "Henrico",
   "country" : "US",
   "data" : "HTTP/1.1 302 Found\r\nConnection: close\r\nContent-Security-Policy: connect-src 'self' workbench ws://<ip>:9997 wss://<ip>:9997; default-src 'self' workbench; img-src 'self' workbench data: module:; report-uri /csp-reports; script-src 'self' workbench 'unsafe-inline' 'unsafe-eval'; style-src 'self' workbench 'unsafe-inline'\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nLocation: http://<ip>:9997/prelogin\r\n\r\n",
   "datamd5" : "a9c42e98b563e57843cae00ae2bf82b8",
   "datammh3" : 712992699,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "forward" : "71.176.215.137",
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "71.176.0.0/16"
   },
   "host" : [
      "static-71-176-215-137"
   ],
   "hostname" : [
      "71.176.215.137",
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "ip" : "71.176.215.137",
   "ipv6" : "false",
   "latitude" : "37.4612",
   "location" : "37.4612,-77.3950",
   "longitude" : "-77.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "port" : 9997,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "fios.verizon.net",
      "rcmdva.fios.verizon.net"
   ],
   "subnet" : "71.176.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login"
}

  • 71.176.215.137:9997 (tcp/http) - last seen on 2024-11-07 at 01:15:38 UTC

    • IP
      71.176.215.137
      Network
      71.176.0.0/16
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      URL

      http://71.176.215.137:9997/ord 302

      Reverse DNS
      static-71-176-215-137.rcmdva.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      urlscan::redirect
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      369ab970d5321436bbca9a0fb8bc9c26
      HTTP Header MD5
      f45b23d796cbcaa499c1db5c017c4556
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Connection: close
Set-Cookie: niagara_origin_uri=%2Ford; Path=/; HttpOnly; SameSite=Lax
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://<ip>:9997/login


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T01:15:38.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f45b23d796cbcaa499c1db5c017c4556",
         "headermmh3" : 1690141092
      },
      "length" : 186
   },
   "asn" : "AS701",
   "city" : "Henrico",
   "country" : "US",
   "data" : "HTTP/1.1 302 Found\r\nConnection: close\r\nSet-Cookie: niagara_origin_uri=%2Ford; Path=/; HttpOnly; SameSite=Lax\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nLocation: http://<ip>:9997/login\r\n\r\n",
   "datamd5" : "369ab970d5321436bbca9a0fb8bc9c26",
   "datammh3" : 600864518,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "forward" : "71.176.215.137",
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "71.176.0.0/16"
   },
   "host" : [
      "static-71-176-215-137"
   ],
   "hostname" : [
      "71.176.215.137",
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "ip" : "71.176.215.137",
   "ipv6" : "false",
   "latitude" : "37.4612",
   "location" : "37.4612,-77.3950",
   "longitude" : "-77.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "port" : 9997,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "static-71-176-215-137.rcmdva.fios.verizon.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "fios.verizon.net",
      "rcmdva.fios.verizon.net"
   ],
   "subnet" : "71.176.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/ord"
}

  • 74.101.201.82:9997 (tcp/http) - last seen on 2024-11-06 at 23:35:49 UTC

    • IP
      74.101.201.82
      Network
      74.101.0.0/16
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://74.101.201.82:9997/ 401

      HTTP Title
      Unauthorized
      Reverse DNS
      pool-74-101-201-82.nycmny.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin
    • Operating System
      Linux Linux Kernel
      HTTP Component(s)
      Plex Media Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2de861031040181ee2188040cc83180e
      HTTP Header MD5
      9ca01530123920eac6307b32e7d89d3b
      HTTP Body MD5
      58839c8a9d6616ca62adc7b6e3610676 
    • HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Wed, 06 Nov 2024 23:35:48 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:35:49.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -509166743,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS701",
   "city" : "New York",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Wed, 06 Nov 2024 23:35:48 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon-gni.net",
         "verizon.com",
         "verizon.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "74.101.0.0/16"
   },
   "host" : [
      "pool-74-101-201-82"
   ],
   "hostname" : [
      "pool-74-101-201-82.nycmny.fios.verizon.net"
   ],
   "ip" : "74.101.201.82",
   "ipv6" : "false",
   "latitude" : "40.7683",
   "location" : "40.7683,-73.9802",
   "longitude" : "-73.9802",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9997,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "pool-74-101-201-82.nycmny.fios.verizon.net"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "fios.verizon.net",
      "nycmny.fios.verizon.net"
   ],
   "subnet" : "74.101.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 71.176.215.137:9997 (tcp/http) - last seen on 2024-11-06 at 23:35:20 UTC

  • 74.105.158.145:9997 (tcp/http) - last seen on 2024-11-06 at 22:02:47 UTC

    • IP
      74.105.158.145
      Network
      74.104.0.0/15
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://74.105.158.145:9997/ 401

      HTTP Title
      Unauthorized
      Reverse DNS
      pool-74-105-158-145.nwrknj.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin
    • Operating System
      Microsoft Windows
      HTTP Component(s)
      Plex Media Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2de861031040181ee2188040cc83180e
      HTTP Header MD5
      9ca01530123920eac6307b32e7d89d3b
      HTTP Body MD5
      58839c8a9d6616ca62adc7b6e3610676 
    • HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Wed, 06 Nov 2024 22:02:45 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T22:02:47.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 295909821,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS701",
   "city" : "Eatontown",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Wed, 06 Nov 2024 22:02:45 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon.com",
         "verizon.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "74.104.0.0/15"
   },
   "host" : [
      "pool-74-105-158-145"
   ],
   "hostname" : [
      "pool-74-105-158-145.nwrknj.fios.verizon.net"
   ],
   "ip" : "74.105.158.145",
   "ipv6" : "false",
   "latitude" : "40.3014",
   "location" : "40.3014,-74.0705",
   "longitude" : "-74.0705",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9997,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "pool-74-105-158-145.nwrknj.fios.verizon.net"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "fios.verizon.net",
      "nwrknj.fios.verizon.net"
   ],
   "subnet" : "74.104.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 96.244.108.74:9997 (tcp/unknown) - last seen on 2024-11-06 at 00:36:12 UTC

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-05 at 23:05:55 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Domain(s)
      Operating System

      <access denied by policy> <access denied by policy>

      Reverse DNS

      <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin
    • Operating System

      <access denied by policy> <access denied by policy>

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T23:05:55.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "domain" : "<access denied by policy>",
   "geolocus" : "<enterprise field>: geolocus",
   "host" : "<access denied by policy>",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reason" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "status" : "<access denied by policy>",
   "subdomains" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

  • 173.54.244.170:9997 (tcp/http) - last seen on 2024-11-05 at 09:20:20 UTC

    • IP
      173.54.244.170
      Network
      173.54.0.0/16
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://173.54.244.170:9997/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      pool-173-54-244-170.nwrknj.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 05 Nov 2024 09:20:19 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T09:20:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1083901978,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS701",
   "city" : "Bergenfield",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 09:20:19 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon-gni.net",
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "173.54.0.0/16"
   },
   "host" : [
      "pool-173-54-244-170"
   ],
   "hostname" : [
      "pool-173-54-244-170.nwrknj.fios.verizon.net"
   ],
   "ip" : "173.54.244.170",
   "ipv6" : "false",
   "latitude" : "40.9175",
   "location" : "40.9175,-73.9912",
   "longitude" : "-73.9912",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9997,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "pool-173-54-244-170.nwrknj.fios.verizon.net"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "nwrknj.fios.verizon.net",
      "fios.verizon.net"
   ],
   "subnet" : "173.54.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 72.81.170.129:9997 (tcp/http) - last seen on 2024-11-02 at 12:23:21 UTC

    • IP
      72.81.170.129
      Network
      72.81.128.0/17
      Domain(s)
      verizon.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://72.81.170.129:9997/ 401

      Reverse DNS
      pool-72-81-170-129.bltmmd.fios.verizon.net
      ASN
      AS701
      Organization
      UUNET
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      verizon.net
      Hostname(s)
      71.176.215.137 pool-173-54-244-170.nwrknj.fios.verizon.net pool-72-81-170-129.bltmmd.fios.verizon.net pool-74-101-201-82.nycmny.fios.verizon.net pool-74-105-158-145.nwrknj.fios.verizon.net static-71-176-215-137.rcmdva.fios.verizon.net static-96-244-108-74.bltmmd.fios.verizon.net
      IP(s)
      173.54.244.170 71.176.215.137 72.81.170.129 74.101.201.82 74.105.158.145 96.244.108.74
      Port(s)
      9997
      Protocol(s)
      http unknown
      Tag(s)
      URL(s)
      / /login /ord /prelogin
    • Operating System
      Microsoft Windows
      Product
      Kestrel Kestrel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a52ea6427651db6824b0a4488878923b
      HTTP Header MD5
      94bd565db1aa7217bf2fa8494d76e34c
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Nov 2024 12:23:20 GMT
Server: Kestrel
Content-Length: 0
WWW-Authenticate: Negotiate


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-02T12:23:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "94bd565db1aa7217bf2fa8494d76e34c",
         "headermmh3" : -227233273
      },
      "length" : 150
   },
   "asn" : "AS701",
   "city" : "Cockeysville",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nConnection: close\r\nDate: Sat, 02 Nov 2024 12:23:20 GMT\r\nServer: Kestrel\r\nContent-Length: 0\r\nWWW-Authenticate: Negotiate\r\n\r\n",
   "datamd5" : "a52ea6427651db6824b0a4488878923b",
   "datammh3" : -4433724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon-gni.net",
         "verizon.com",
         "verizon.net",
         "verizonbusiness.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-72-64",
      "organization" : "Verizon Business",
      "subnet" : "72.81.128.0/17"
   },
   "host" : [
      "pool-72-81-170-129"
   ],
   "hostname" : [
      "pool-72-81-170-129.bltmmd.fios.verizon.net"
   ],
   "ip" : "72.81.170.129",
   "ipv6" : "false",
   "latitude" : "39.4791",
   "location" : "39.4791,-76.6571",
   "longitude" : "-76.6571",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9997,
   "product" : "Kestrel",
   "productvendor" : "Kestrel",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "pool-72-81-170-129.bltmmd.fios.verizon.net"
   ],
   "seen_date" : "2024-11-02",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "bltmmd.fios.verizon.net",
      "fios.verizon.net"
   ],
   "subnet" : "72.81.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}