Cyber Defense Search Engine

IP
180.105.72.2

Network
180.104.0.0/15

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://180.105.72.2:9999/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS4134

Organization
Chinanet

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d99ed25e2c7a4ced3d0cdf70ae53ed15

HTTP Header MD5
e83a78b061b65fa4c46720f84991ecf3

HTTP Body MD5
b918f8b3770dc1158b467b0dd192e59e

HTTP/1.1 400 Bad Request
Server: openresty
Date: Thu, 07 Nov 2024 05:36:28 GMT
Content-Type: text/html
Content-Length: 252
Connection: close
Request-Id: 4802672c51dcb4697f16d7fe84f688a1

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 1280153115,
         "headermd5" : "e83a78b061b65fa4c46720f84991ecf3",
         "headermmh3" : 1768771402,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 447
   },
   "asn" : "AS4134",
   "city" : "Guangzhou",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:36:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\nRequest-Id: 4802672c51dcb4697f16d7fe84f688a1\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "d99ed25e2c7a4ced3d0cdf70ae53ed15",
   "datammh3" : -658105298,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163.com",
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-JS",
      "organization" : "Chinanet Jiangsu Province Network",
      "subnet" : "180.104.0.0/15"
   },
   "ip" : "180.105.72.2",
   "ipv6" : "false",
   "latitude" : "23.1181",
   "location" : "23.1181,113.2539",
   "longitude" : "113.2539",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "180.104.0.0/15",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.247.9.188

Network
172.247.0.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.247.9.188:9999/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS40065

Organization
CNSERVERS

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
20043fc9f7ca6862d1a9bba871b7d0db

HTTP Header MD5
9c44ef776ac05730fa40b55936cbde3b

HTTP Body MD5
b918f8b3770dc1158b467b0dd192e59e

HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:36:21 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 252
Connection: close
Server: one

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 683472816,
         "headermd5" : "9c44ef776ac05730fa40b55936cbde3b",
         "headermmh3" : -1462188448,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 409
   },
   "asn" : "AS40065",
   "country" : "US",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:36:21 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 252\r\nConnection: close\r\nServer: one\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "20043fc9f7ca6862d1a9bba871b7d0db",
   "datammh3" : -3726126,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS40065",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "ceranetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GDI-INVEST-03",
      "organization" : "CloudRadium L.L.C",
      "subnet" : "172.247.8.0/21"
   },
   "ip" : "172.247.9.188",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CNSERVERS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "172.247.0.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
211.207.73.179

Network
211.207.0.0/16

Device

<enterprise field>: device.class

URL

http://211.207.73.179:9999/login/login.cgi 200

ASN
AS9318

Organization
SK Broadband Co Ltd

Protocol
http

Source
urlscan::redirect
Product
httpd httpd

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0648e0e5eb3085c4f5cd95c72e62c499

HTTP Header MD5
2e3cf0b3cd7ae8f605f24e9da2872e1d

HTTP Body MD5
2698d7734e050c8e1627921006e4cddb

HTTP/1.0 200 OK
Date: Thu, 07 Nov 2024 05:36:16 GMT
Server: Httpd/1.0
Connection: close
Content-type: text/html; charset=utf-8

<html><script> top.location = "/sess-bin/login_session.cgi"; //session_timeout </script></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:20.000Z",
   "app" : {
      "extract" : {
         "file" : [
            "login_session.cgi"
         ]
      },
      "http" : {
         "bodymd5" : "2698d7734e050c8e1627921006e4cddb",
         "bodymmh3" : 1764082122,
         "headermd5" : "2e3cf0b3cd7ae8f605f24e9da2872e1d",
         "headermmh3" : -736912847
      },
      "length" : 227
   },
   "asn" : "AS9318",
   "city" : "Songpa-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nDate: Thu, 07 Nov 2024 05:36:16 GMT\r\nServer: Httpd/1.0\r\nConnection: close\r\nContent-type: text/html; charset=utf-8\n\n<html><script> top.location = \"/sess-bin/login_session.cgi\"; //session_timeout </script></html>",
   "datamd5" : "0648e0e5eb3085c4f5cd95c72e62c499",
   "datammh3" : -594127593,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "211.207.73.179",
   "geolocus" : {
      "asn" : "AS9318",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "nic.or.kr",
         "skbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "broadNnet",
      "organization" : "SK Broadband Co Ltd",
      "subnet" : "211.207.0.0/16"
   },
   "hostname" : [
      "211.207.73.179"
   ],
   "ip" : "211.207.73.179",
   "ipv6" : "false",
   "latitude" : "37.5049",
   "location" : "37.5049,127.1367",
   "longitude" : "127.1367",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SK Broadband Co Ltd",
   "port" : 9999,
   "product" : "httpd",
   "productvendor" : "httpd",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "211.207.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login/login.cgi"
}

IP
183.230.184.51

Network
183.224.0.0/13

Device

<enterprise field>: device.class

URL

http://183.230.184.51:9999/error.html 302

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
urlscan::redirect

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
9b338861ece62214e7414be8c9de38b8

HTTP Header MD5
f33c2f48cb4586401084a0362932091a

HTTP Body MD5
465981b2c7142b9fb660b39e2de874c1

HTTP/1.1 302 Found
Connection: close
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Location: /
Transfer-Encoding: chunked
Expires: 0
X-Frame-Options: SAMEORIGIN

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:19.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "465981b2c7142b9fb660b39e2de874c1",
         "bodymmh3" : 721386996,
         "headermd5" : "f33c2f48cb4586401084a0362932091a",
         "headermmh3" : 2126553128
      },
      "length" : 193
   },
   "asn" : "AS9808",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Found\r\nConnection: close\r\nContent-Type: text/html; charset=utf-8\r\nCache-Control: no-cache\r\nLocation: /\r\nTransfer-Encoding: chunked\r\nExpires: 0\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n0\r\n\r\n",
   "datamd5" : "9b338861ece62214e7414be8c9de38b8",
   "datammh3" : -1661536531,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "183.230.184.51",
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile Communications Corporation",
      "subnet" : "183.228.0.0/14"
   },
   "hostname" : [
      "183.230.184.51"
   ],
   "ip" : "183.230.184.51",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subnet" : "183.224.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/error.html"
}

IP
211.192.46.16

Network
211.192.32.0/20

Domain(s)
kornet.net

Device

<enterprise field>: device.class

URL

http://211.192.46.16:9999/login/login.cgi 200

Reverse DNS
hh-k6-ge1.kornet.net

ASN
AS4766

Organization
Korea Telecom

Protocol
http

Source
urlscan::redirect
Product
httpd httpd

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0648e0e5eb3085c4f5cd95c72e62c499

HTTP Header MD5
2e3cf0b3cd7ae8f605f24e9da2872e1d

HTTP Body MD5
2698d7734e050c8e1627921006e4cddb

HTTP/1.0 200 OK
Date: Thu, 07 Nov 2024 14:36:16 GMT
Server: Httpd/1.0
Connection: close
Content-type: text/html; charset=utf-8

<html><script> top.location = "/sess-bin/login_session.cgi"; //session_timeout </script></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:19.000Z",
   "app" : {
      "extract" : {
         "file" : [
            "login_session.cgi"
         ]
      },
      "http" : {
         "bodymd5" : "2698d7734e050c8e1627921006e4cddb",
         "bodymmh3" : 1764082122,
         "headermd5" : "2e3cf0b3cd7ae8f605f24e9da2872e1d",
         "headermmh3" : 881229970
      },
      "length" : 227
   },
   "asn" : "AS4766",
   "city" : "Seodaemun-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nDate: Thu, 07 Nov 2024 14:36:16 GMT\r\nServer: Httpd/1.0\r\nConnection: close\r\nContent-type: text/html; charset=utf-8\n\n<html><script> top.location = \"/sess-bin/login_session.cgi\"; //session_timeout </script></html>",
   "datamd5" : "0648e0e5eb3085c4f5cd95c72e62c499",
   "datammh3" : -594127593,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "kornet.net"
   ],
   "forward" : "211.192.46.16",
   "geolocus" : {
      "asn" : "AS4766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "kt.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "KORNET",
      "organization" : "Korea Telecom",
      "subnet" : "211.192.32.0/20"
   },
   "host" : [
      "hh-k6-ge1"
   ],
   "hostname" : [
      "211.192.46.16",
      "hh-k6-ge1.kornet.net"
   ],
   "ip" : "211.192.46.16",
   "ipv6" : "false",
   "latitude" : "37.5551",
   "location" : "37.5551,126.9369",
   "longitude" : "126.9369",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "port" : 9999,
   "product" : "httpd",
   "productvendor" : "httpd",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "reverse" : [
      "hh-k6-ge1.kornet.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "211.192.32.0/20",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login/login.cgi"
}

IP
87.125.65.59

Network
87.125.0.0/16

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://87.125.65.59:9999/ 200

ASN
AS12430

Organization
Vodafone Spain

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.2.18

HTTP Component(s)
PHP PHP 5.3.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
aad65130b94a52857db4b3282e0af0f9

HTTP Header MD5
449778a676a4ce789ad558ba14693d61

HTTP Body MD5
ef15bb9fdc303dd1a141a4e865511eb3

HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 05:38:16 GMT
Server: Apache/2.2.18 (Win32) PHP/5.3.6
X-Powered-By: PHP/5.3.6
Set-Cookie: symfony=8rl9bvcegbfl7vvmalsnvai6a1; path=/
Content-Length: 139
Connection: close
Content-Type: text/html

<html><script type="text/javascript">window.location = "http://<ip>:9999/index.php/es/seguridad/login/noredirect/1"</script></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ef15bb9fdc303dd1a141a4e865511eb3",
         "bodymmh3" : 47309765,
         "component" : [
            {
               "productvendor" : "PHP",
               "productversion" : "5.3.6",
               "product" : "PHP"
            }
         ],
         "headermd5" : "449778a676a4ce789ad558ba14693d61",
         "headermmh3" : -1620215419
      },
      "length" : 374
   },
   "asn" : "AS12430",
   "city" : "Pamplona",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 05:38:16 GMT\r\nServer: Apache/2.2.18 (Win32) PHP/5.3.6\r\nX-Powered-By: PHP/5.3.6\r\nSet-Cookie: symfony=8rl9bvcegbfl7vvmalsnvai6a1; path=/\r\nContent-Length: 139\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n<html><script type=\"text/javascript\">window.location = \"http://<ip>:9999/index.php/es/seguridad/login/noredirect/1\"</script></html>",
   "datamd5" : "aad65130b94a52857db4b3282e0af0f9",
   "datammh3" : -1027246911,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS12430",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "ES",
      "countryname" : "Spain",
      "domain" : [
         "vodafone.es"
      ],
      "isineu" : "true",
      "latitude" : "40.463667",
      "location" : "40.463667,-3.74922",
      "longitude" : "-3.74922",
      "netname" : "ES-AIRTEL-20050808",
      "organization" : "VODAFONE ESPANA S.A.U.",
      "subnet" : "87.125.0.0/16"
   },
   "ip" : "87.125.65.59",
   "ipv6" : "false",
   "latitude" : "42.8288",
   "location" : "42.8288,-1.6732",
   "longitude" : "-1.6732",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Vodafone Spain",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 9999,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.2.18",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "87.125.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
70.28.204.108

Network
70.28.192.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://70.28.204.108:9999/ 200

HTTP Title
Power Controller

ASN
AS577

Organization
BACOM

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b0d0e06756dd407a2956bc6c62924f84

HTTP Header MD5
9e928ba1df09511f558bc95563d1ec47

HTTP Body MD5
77629d523e60c235816d06eddc698cbd

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Cache-Control: max-age=0, private, must-revalidate
Content-Type: text/html; charset="utf-8"

809






<!DOCTYPE html>
<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="robots" content="noindex, nofollow">
<noscript>
<meta http-equiv="refresh" content="285">
</noscript>
<script type="text/javascript"> setTimeout(function() { window.location = window.location; }, 285000); </script>

<link rel="stylesheet" type="text/css" href="/static/css/sanitize.26b8dd15.css">
<link rel="stylesheet" type="text/css" href="/static/css/select2.d4457111.css">
<link rel="stylesheet" type="text/css" href="/static/css/style.820a6797.css">

<title>Power Controller</title>
<script type="text/javascript" src="/static/js/md5.0df4dd77.js"></script>
<script type="text/javascript">
<!--
window.addEventListener && window.addEventListener("pageshow", function(event)
{
    if (event.persisted || (window.performance && window.performance.navigation && window.performance.navigation.type === 2))
    {
        /* Reload on attempts to go back to this page to obtain a new challenge. */
        window.location = window.location;
    }
});
function calcResponse(){
var str;
str=document.login.Challenge.value+document.login.Username.value+document.login.Password.value+document.login.Challenge.value;
document.secin.Password.value = hex_md5(str);
document.secin.Username.value = document.login.Username.value;
document.secin.submit();
}//-->
</script>
</head>
<body>
<noscript>
<table class="compact form">
<tr><td class="error border">&nbsp;</td></tr>
<tr><td class="error message"><h1>Warning: Insecure Authentication</h1></td></tr>
<tr><td class="error border">&nbsp;</td></tr></table>
</noscript>
<table class="page"><tr><td>
<form name="login" id="login" action="/login.tgi" method="post" accept-charset="UTF-8">
<table class="compact form">
<tr>
<td>User Name</td>
<td><input type="text" name="Username" value="" size="16"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="Password" size="16"></td>
</tr>
<tr class="right">
<td></td>
<td><input onClick="calcResponse(); return false;" type="Submit" value="OK"
1BB
>
<input type="hidden" name="Challenge" value="4IzAfvrNrnpQpoYG">
</td></tr>
</table>
</form>
</td></tr></table>
<script type="text/javascript">
<!--
document.login.Username.focus();
//-->
</script>
<form name="secin" id="secin" action="/login.tgi" method="post" accept-charset="UTF-8">
<div style="display:none">
<input type="hidden" name="Username">
<input type="hidden" name="Password">
<input type="submit">
</div>
</form>
</body>
</html>

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "77629d523e60c235816d06eddc698cbd",
         "bodymmh3" : -776925052,
         "headermd5" : "9e928ba1df09511f558bc95563d1ec47",
         "headermmh3" : -295431256,
         "title" : "Power Controller"
      },
      "length" : 2660
   },
   "asn" : "AS577",
   "city" : "Killaloe",
   "country" : "CA",
   "data" : "HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\nCache-Control: max-age=0, private, must-revalidate\r\nContent-Type: text/html; charset=\"utf-8\"\r\n\r\n809\r\n\n\n\n\n\n\n<!DOCTYPE html>\n<html>\n<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n<meta name=\"robots\" content=\"noindex, nofollow\">\n<noscript>\n<meta http-equiv=\"refresh\" content=\"285\">\n</noscript>\n<script type=\"text/javascript\"> setTimeout(function() { window.location = window.location; }, 285000); </script>\n\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/static/css/sanitize.26b8dd15.css\">\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/static/css/select2.d4457111.css\">\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/static/css/style.820a6797.css\">\n\n<title>Power Controller</title>\n<script type=\"text/javascript\" src=\"/static/js/md5.0df4dd77.js\"></script>\n<script type=\"text/javascript\">\n<!--\nwindow.addEventListener && window.addEventListener(\"pageshow\", function(event)\n{\n    if (event.persisted || (window.performance && window.performance.navigation && window.performance.navigation.type === 2))\n    {\n        /* Reload on attempts to go back to this page to obtain a new challenge. */\n        window.location = window.location;\n    }\n});\nfunction calcResponse(){\nvar str;\nstr=document.login.Challenge.value+document.login.Username.value+document.login.Password.value+document.login.Challenge.value;\ndocument.secin.Password.value = hex_md5(str);\ndocument.secin.Username.value = document.login.Username.value;\ndocument.secin.submit();\n}//-->\n</script>\n</head>\n<body>\n<noscript>\n<table class=\"compact form\">\n<tr><td class=\"error border\">&nbsp;</td></tr>\n<tr><td class=\"error message\"><h1>Warning: Insecure Authentication</h1></td></tr>\n<tr><td class=\"error border\">&nbsp;</td></tr></table>\n</noscript>\n<table class=\"page\"><tr><td>\n<form name=\"login\" id=\"login\" action=\"/login.tgi\" method=\"post\" accept-charset=\"UTF-8\">\n<table class=\"compact form\">\n<tr>\n<td>User Name</td>\n<td><input type=\"text\" name=\"Username\" value=\"\" size=\"16\"></td>\n</tr>\n<tr>\n<td>Password</td>\n<td><input type=\"password\" name=\"Password\" size=\"16\"></td>\n</tr>\n<tr class=\"right\">\n<td></td>\n<td><input onClick=\"calcResponse(); return false;\" type=\"Submit\" value=\"OK\"\r\n1BB\r\n>\n<input type=\"hidden\" name=\"Challenge\" value=\"4IzAfvrNrnpQpoYG\">\n</td></tr>\n</table>\n</form>\n</td></tr></table>\n<script type=\"text/javascript\">\n<!--\ndocument.login.Username.focus();\n//-->\n</script>\n<form name=\"secin\" id=\"secin\" action=\"/login.tgi\" method=\"post\" accept-charset=\"UTF-8\">\n<div style=\"display:none\">\n<input type=\"hidden\" name=\"Username\">\n<input type=\"hidden\" name=\"Password\">\n<input type=\"submit\">\n</div>\n</form>\n</body>\n</html>\n\r\n0\r\n\r\n",
   "datamd5" : "b0d0e06756dd407a2956bc6c62924f84",
   "datammh3" : 640694713,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS577",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "bell.ca"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "BELLMOBIL-12-02932-20120809-CA",
      "organization" : "Bell Mobility, Inc.",
      "subnet" : "70.28.192.0/19"
   },
   "ip" : "70.28.204.108",
   "ipv6" : "false",
   "latitude" : "45.5541",
   "location" : "45.5541,-77.4216",
   "longitude" : "-77.4216",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "BACOM",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "70.28.192.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
107.154.165.188

Network
107.154.128.0/18

Domain(s)
incapdns.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://107.154.165.188:9999/ 503

Reverse DNS
107.154.165.188.ip.incapdns.net

ASN
AS19551

Organization
INCAPSULA

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a5d89b65b031d81d602cef526a758759

HTTP Header MD5
488e3e2d5c996ad573f9aa1e29083e71

HTTP Body MD5
568f38560ae6170dc930ca2fd9a2158c

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
Content-Length: 692
X-Iinfo: 60-250802042-0 0NNN RT(1730957764898 17) q(0 -1 -1 -1) r(0 -1)

<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe id="main-iframe" src="/_Incapsula_Resource?CWUDNSAI=5&xinfo=60-250802042-0%200NNN%20RT%281730957764898%2017%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29&incident_id=0-1222437955619915708&edet=22&cinfo=ffffffff&rpinfo=0&mth=GET" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 0-1222437955619915708</iframe></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "568f38560ae6170dc930ca2fd9a2158c",
         "bodymmh3" : 493090866,
         "headermd5" : "488e3e2d5c996ad573f9aa1e29083e71",
         "headermmh3" : -1606723648
      },
      "length" : 901
   },
   "asn" : "AS19551",
   "country" : "US",
   "data" : "HTTP/1.1 503 Service Unavailable\r\nContent-Type: text/html\r\nCache-Control: no-cache, no-store\r\nConnection: close\r\nContent-Length: 692\r\nX-Iinfo: 60-250802042-0 0NNN RT(1730957764898 17) q(0 -1 -1 -1) r(0 -1)\r\n\r\n<html style=\"height:100%\"><head><META NAME=\"ROBOTS\" CONTENT=\"NOINDEX, NOFOLLOW\"><meta name=\"format-detection\" content=\"telephone=no\"><meta name=\"viewport\" content=\"initial-scale=1.0\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"></head><body style=\"margin:0px;height:100%\"><iframe id=\"main-iframe\" src=\"/_Incapsula_Resource?CWUDNSAI=5&xinfo=60-250802042-0%200NNN%20RT%281730957764898%2017%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29&incident_id=0-1222437955619915708&edet=22&cinfo=ffffffff&rpinfo=0&mth=GET\" frameborder=0 width=\"100%\" height=\"100%\" marginheight=\"0px\" marginwidth=\"0px\">Request unsuccessful. Incapsula incident ID: 0-1222437955619915708</iframe></body></html>",
   "datamd5" : "a5d89b65b031d81d602cef526a758759",
   "datammh3" : -281948613,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "incapdns.net"
   ],
   "geolocus" : {
      "asn" : "AS19551",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "imperva.com",
         "incapdns.net",
         "incapsula.com",
         "thalesgroup.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "INCAPSULA-NETWORK",
      "organization" : "Incapsula Inc",
      "subnet" : "107.154.160.0/21"
   },
   "host" : [
      107
   ],
   "hostname" : [
      "107.154.165.188.ip.incapdns.net"
   ],
   "ip" : "107.154.165.188",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "INCAPSULA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Service Unavailable",
   "reverse" : [
      "107.154.165.188.ip.incapdns.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 503,
   "subdomains" : [
      "154.165.188.ip.incapdns.net",
      "165.188.ip.incapdns.net",
      "188.ip.incapdns.net",
      "ip.incapdns.net"
   ],
   "subnet" : "107.154.128.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
107.154.63.162

Network
107.154.60.0/22

Domain(s)
incapdns.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://107.154.63.162:9999/ 503

Reverse DNS
107.154.63.162.ip.incapdns.net

ASN
AS19551

Organization
INCAPSULA

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
49886655f69c98bcad9ad698614fb732

HTTP Header MD5
cfb7202324dc04e7fe4e418abd59e767

HTTP Body MD5
20b3b09e1e1ab2435e46b38e6ca8a669

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
Content-Length: 692
X-Iinfo: 61-212469742-0 0NNN RT(1730957764271 22) q(0 -1 -1 -1) r(0 -1)

<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe id="main-iframe" src="/_Incapsula_Resource?CWUDNSAI=5&xinfo=61-212469742-0%200NNN%20RT%281730957764271%2022%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29&incident_id=0-1243903261532422909&edet=22&cinfo=ffffffff&rpinfo=0&mth=GET" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 0-1243903261532422909</iframe></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "20b3b09e1e1ab2435e46b38e6ca8a669",
         "bodymmh3" : -8153573,
         "headermd5" : "cfb7202324dc04e7fe4e418abd59e767",
         "headermmh3" : 1977915538
      },
      "length" : 901
   },
   "asn" : "AS19551",
   "country" : "US",
   "data" : "HTTP/1.1 503 Service Unavailable\r\nContent-Type: text/html\r\nCache-Control: no-cache, no-store\r\nConnection: close\r\nContent-Length: 692\r\nX-Iinfo: 61-212469742-0 0NNN RT(1730957764271 22) q(0 -1 -1 -1) r(0 -1)\r\n\r\n<html style=\"height:100%\"><head><META NAME=\"ROBOTS\" CONTENT=\"NOINDEX, NOFOLLOW\"><meta name=\"format-detection\" content=\"telephone=no\"><meta name=\"viewport\" content=\"initial-scale=1.0\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"></head><body style=\"margin:0px;height:100%\"><iframe id=\"main-iframe\" src=\"/_Incapsula_Resource?CWUDNSAI=5&xinfo=61-212469742-0%200NNN%20RT%281730957764271%2022%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29&incident_id=0-1243903261532422909&edet=22&cinfo=ffffffff&rpinfo=0&mth=GET\" frameborder=0 width=\"100%\" height=\"100%\" marginheight=\"0px\" marginwidth=\"0px\">Request unsuccessful. Incapsula incident ID: 0-1243903261532422909</iframe></body></html>",
   "datamd5" : "49886655f69c98bcad9ad698614fb732",
   "datammh3" : -1602842550,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "incapdns.net"
   ],
   "geolocus" : {
      "asn" : "AS19551",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "imperva.com",
         "incapdns.net",
         "incapsula.com",
         "thalesgroup.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "INCAPSULA-NETWORK",
      "organization" : "Incapsula Inc",
      "subnet" : "107.154.60.0/22"
   },
   "host" : [
      107
   ],
   "hostname" : [
      "107.154.63.162.ip.incapdns.net"
   ],
   "ip" : "107.154.63.162",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "INCAPSULA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Service Unavailable",
   "reverse" : [
      "107.154.63.162.ip.incapdns.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 503,
   "subdomains" : [
      "154.63.162.ip.incapdns.net",
      "162.ip.incapdns.net",
      "63.162.ip.incapdns.net",
      "ip.incapdns.net"
   ],
   "subnet" : "107.154.60.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.175.161.79

Network
43.175.160.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://43.175.161.79:9999/ 400

ASN
AS139341

Organization
ACE

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8a5df5b6b18ab77f1c1de5c8eef9f397

HTTP Header MD5
30417aa652668a290deefbe31cf779df

HTTP Body MD5
0a077687c365f2dab7fb2f0aff27ace4

HTTP/1.1 400 Bad Request
Connection: close
Content-Length: 45
Server: Lego Server
Date: Thu, 07 Nov 2024 05:36:01 GMT

The plain http request was sent to https port

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:02.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "0a077687c365f2dab7fb2f0aff27ace4",
         "bodymmh3" : 1839588108,
         "headermd5" : "30417aa652668a290deefbe31cf779df",
         "headermmh3" : 1861595055
      },
      "length" : 170
   },
   "asn" : "AS139341",
   "country" : "SG",
   "data" : "HTTP/1.1 400 Bad Request\r\nConnection: close\r\nContent-Length: 45\r\nServer: Lego Server\r\nDate: Thu, 07 Nov 2024 05:36:01 GMT\r\n\r\nThe plain http request was sent to https port",
   "datamd5" : "8a5df5b6b18ab77f1c1de5c8eef9f397",
   "datammh3" : 237765335,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS139341",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "aceville.net"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "ACE-SG",
      "organization" : "ACE",
      "subnet" : "43.175.160.0/19"
   },
   "ip" : "43.175.161.79",
   "ipv6" : "false",
   "latitude" : "1.3673",
   "location" : "1.3673,103.8014",
   "longitude" : "103.8014",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ACE",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9999,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "43.175.160.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 2,103,029 in 0.130 second(s)

180.105.72.2:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:29 UTC

172.247.9.188:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:21 UTC

211.207.73.179:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:20 UTC

183.230.184.51:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:19 UTC

211.192.46.16:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:19 UTC

87.125.65.59:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:07 UTC

70.28.204.108:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:06 UTC

107.154.165.188:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:06 UTC

107.154.63.162:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:05 UTC

43.175.161.79:9999 (tcp/http) - last seen on 2024-11-07 at 05:36:02 UTC