IP

123.56.156.103

Network

123.56.0.0/15

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://123.56.156.103:9527/ 503

HTTP Title

Service Unavailable

ASN

AS37963

Organization

Hangzhou Alibaba Advertising Co.,Ltd.

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

Data MD5

954e2cd91c0434606720b75d4e3e080c

HTTP Header MD5

2892dc5a8f374cc8f43e94055eb294ed

HTTP Body MD5

1c50bd33733a305677a4fa83b38ca91b

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:48:07 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Service Unavailable</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Service Unavailable</h2>
<hr><p>HTTP Error 503. The service is unavailable.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:08.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "1c50bd33733a305677a4fa83b38ca91b",
         "bodymmh3" : -268152617,
         "headermd5" : "2892dc5a8f374cc8f43e94055eb294ed",
         "headermmh3" : -276294449,
         "title" : "Service Unavailable"
      },
      "length" : 513
   },
   "asn" : "AS37963",
   "city" : "Beijing",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 503 Service Unavailable\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:48:07 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Service Unavailable</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Service Unavailable</h2>\r\n<hr><p>HTTP Error 503. The service is unavailable.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "954e2cd91c0434606720b75d4e3e080c",
   "datammh3" : 1416975206,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "Alibaba (US) Technology Co., Ltd.",
      "subnet" : "123.56.0.0/15"
   },
   "ip" : "123.56.156.103",
   "ipv6" : "false",
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9527,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Service Unavailable",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 503,
   "subnet" : "123.56.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

220.249.135.46

Network

220.249.128.0/18

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://220.249.135.46:9527/ 503

ASN

AS4837

Organization

CHINA UNICOM China169 Backbone

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

c77c9c80a293fa43dda66b638c8ecfff

HTTP Header MD5

3a09ae44333a60bc06f3c70e36de201c

HTTP Body MD5

d263da32d0750940bac2046aa8d26771

HTTP/1.1 503 Service Unavailable
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 33

bad 'pcdn-task-id' request header

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d263da32d0750940bac2046aa8d26771",
         "bodymmh3" : -858402218,
         "headermd5" : "3a09ae44333a60bc06f3c70e36de201c",
         "headermmh3" : 1884633660
      },
      "length" : 130
   },
   "asn" : "AS4837",
   "city" : "Fuzhou",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 503 Service Unavailable\nContent-Type: text/html;charset=ISO-8859-1\nContent-Length: 33\n\r\nbad 'pcdn-task-id' request header",
   "datamd5" : "c77c9c80a293fa43dda66b638c8ecfff",
   "datammh3" : -1846260050,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn",
         "fj133165.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CNC-FJ-NINGDE-MAN",
      "organization" : "CNCGroup CHINA169 FuJian province network",
      "subnet" : "220.249.128.0/18"
   },
   "ip" : "220.249.135.46",
   "ipv6" : "false",
   "latitude" : "26.0492",
   "location" : "26.0492,119.2906",
   "longitude" : "119.2906",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Service Unavailable",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 503,
   "subnet" : "220.249.128.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

46.244.107.92

Network

46.244.104.0/22

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://46.244.107.92:9527/ 200

ASN

AS51088

Organization

A2b Ip B.v.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Mortbay Jetty 9.2.22

HTTP Component(s)

jQuery jQuery 3.5.1 Bootstrap Bootstrap

CPE(s)

<enterprise field>: cpe

Data MD5

1d9d87a09af89035317253c84b08cdee

HTTP Header MD5

df6a61f27b950d88a3191956286c3397

HTTP Body MD5

5989889a0400b769c2335547af162638

HTTP/1.1 200 OK
Date: Thu, 21 Nov 2024 08:48:06 GMT
Server: Jetty(9.2.22.v20170606)
Connection: close
Content-Length: 7887
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html>

<html>
<head>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
    <title></title>
    
<link href="/lib/bootstrap-4.3.1-dist/css/bootstrap.css" rel="stylesheet"/>

<link href="/css/bootlogin2.css" rel="stylesheet"/>


    <link rel="stylesheet" type="text/css" href="/LoginStylesGenerator/GenerateCssFromSetting" />

    
    <!--[if lt IE 9]>
        <link rel="stylesheet" type="text/css" href="/css/login2ie8override.css" />
    <![endif]-->


    <script src="/lib/RespondJs/respond.min.js" type="text/javascript"></script>
</head>
<body class="login-layout LoginLayoutTmpLegacy">
    

<div class="heat-bar heat-bar-top"></div>

<div class="heat-table">
    <div class="heat-col-left">
        <div class="logo"></div>
        <div class="title"><h1>Ivanti Service Manager</h1></div>
        <div class="content-body">
            


<div class="content-inner row-fluid">
<form action="/" class="form-horizontal" method="post" role="form"><input name="__RequestVerificationToken" type="hidden" value="n2HnJ4h83KydYro93syjeNcpg9ym3XNrmPKEBCG7CUKBhgau4bjSMcZFv8PuKRzCGaP9DDvbeaSd683-fq5da4WJiJs1" />        <div class="form-group">
            <label class="hidden-xs col-sm-3 col-md-3 control-label" for="UserName">User name</label>
            <div class="col-xs-12 col-sm-8">
                <input autocomplete="off" class="form-control has-success has-feedback" id="UserName" name="UserName" placeholder="User Name" type="text" value="" />
            </div>
        </div>
        <div class="form-group">
            <label class="hidden-xs col-sm-3 col-md-3 control-label" for="Password">Password</label>
            <div class="col-xs-12 col-sm-8">
                <input autocomplete="off" class="form-control" id="Password" name="Password" placeholder="Password" type="password" />
            </div>
        </div>
            <div class="form-group">
                <label class="hidden-xs col-sm-3 col-md-3 control-label" for="Tenant">Application</label>
                <div class="col-xs-12 col-sm-8">
                    <select class="form-control" id="Tenant" name="Tenant"><option selected="selected" value="cfg-ixm.ivanticlouddev.com">cfg-ixm.ivanticlouddev.com</option>
<option value="ixm-tenant1.ivanticlouddev.com">ixm-tenant1.ivanticlouddev.com</option>
<option value="ixm-tenant2.ivanticlouddev.com">ixm-tenant2.ivanticlouddev.com</option>
<option value="ixm-tenant3.ivanticlouddev.com">ixm-tenant3.ivanticlouddev.com</option>
<option value="ixm-tenant4.ivanticlouddev.com">ixm-tenant4.ivanticlouddev.com</option>
</select>
                </div>
            </div>
        <div class="form-group" id="enableBioMetrics" style="display:none">
            <div class="col-xs-2 col-sm-3 col-md-3" style="padding-left: 0; padding-right:0;">
                <input class="control-label pull-right" id="EnableBiometric" name="EnableBiometric" type="checkbox" value="true" /><input name="EnableBiometric" type="hidden" value="false" />
                <span id="fancymove" style="display:none"></span>
            </div>
            <div id="fancyscreen" class="col-xs-10 col-sm-8 col-md-8">
                <label for="EnableBiometric" style="padding-top: 1px;">Enable Biometric Authentication</label>
            </div>
        </div>
<input id="Tenant" name="Tenant" type="hidden" value="cfg-ixm.ivanticlouddev.com" /><input id="IsUrlSharedByTenants" name="IsUrlSharedByTenants" type="hidden" value="True" /><input id="ClientTimeOffset" name="ClientTimeOffset" type="hidden" value="0" /><input id="ClientTimezoneName" name="ClientTimezoneName" type="hidden" value="" /><input id="ReturnUrl" name="ReturnUrl" type="hidden" value="" /><input id="PrefferedRole" name="PrefferedRole" type="hidden" value="" /><input id="IsForgotPasswordAllowed" name="IsForgotPasswordAllowed" type="hidden" value="True" /><input id="IsFrame" name="IsFrame" type="hidden" value="False" /><input id="OpenIDSignIn" name="OpenIDSignIn" type="hidden" value="" /><input id="SsoReturnUrl" name="SsoReturnUrl" type="hidden" value="" />        <div class="form-actions">
            <button type="submit" class="btn btn-primary">Login</button>
                            <a href="/Account/ForgotPassword">Forgot Password?</a>
        </div>
</form>    <div class="form-group" id="bioMetricsButton" style="display:none">
        <label style="text-align:center">OR</label>
        <div class="col-xs-12 col-sm-8" style="padding-left: 0; padding-right:0;">
            <button class="form-control has-success has-feedback" style="text-align:left">Login using Biometric Authentication</button>
        </div>
    </div>
</div>


        </div>
        <div class="content-footer">
            <div class="additional-text"></div>
            <p>To&nbsp;learn more about our innovative IT&nbsp;Service Management solutions, visit our website at&nbsp;<a href="https://www.ivanti.com/" target="_blank">Ivanti</a></p>
            <p>Copyright &copy;&nbsp;2005-2023 Ivanti. All&nbsp;rights reserved.</p>
            <p> 
                <a href="https://www.ivanti.com/company/legal" target="_blank">Privacy Policy</a> - 
                <a href="https://www.ivanti.com/company/legal" target="_blank">Legal Terms and Notices</a> - 
                <a href="https://www.ivanti.com/company/legal/ivanti-patents" target="_blank">Protected by Patents</a> 
                
            </p>
        </div>
    </div>
    <div class="heat-col-right">
        <div class="logo"></div>
            <div class="title"><h1>Ivanti Service Manager</h1></div>
        <div class="content-footer">
            <div class="additional-text"></div>
            <p>To&nbsp;learn more about our innovative IT&nbsp;Service Management solutions, visit our website at&nbsp;<a href="https://www.ivanti.com/" target="_blank">Ivanti</a></p>
            <p>Copyright &copy;&nbsp;2005-2023 Ivanti. All&nbsp;rights reserved.</p>
            <p>
                <a href="https://www.ivanti.com/company/legal" target="_blank">Privacy Policy</a> -
                <a href="https://www.ivanti.com/company/legal" target="_blank">Legal Terms and Notices</a> -
                <a href="https://www.ivanti.com/company/legal/ivanti-patents" target="_blank">Protected by Patents</a>
            </p>
        </div>
    </div>
</div>

<div class="heat-bar heat-bar-bottom"></div> 

<script src="/lib/jQuery-3.5.1/jquery-3.5.1.js"></script>
<script src="/lib/jquery-validation-1.13.0/jquery.validate.js"></script>

<script src="/lib/bootstrap-4.3.1-dist/js/bootstrap.js"></script>

<script type="text/javascript" src="/IdentityServer/Content/Script/adjustheight.js"></script>

    <script type="text/javascript" src="/lib/jstz.min.js"></script>

    <input id="SelectRoleUrl" name="SelectRoleUrl" type="hidden" value="/Account/SelectRole?returnUrl=ReplaceReturnUrl" />
    <input id="LoginUrl" name="LoginUrl" type="hidden" value="/?returnUrl=ReplaceReturnUrl" />
    <input id="ResetPasswordUrl" name="ResetPasswordUrl" type="hidden" value="/Account/ResetPassword?returnUrl=ReplaceReturnUrl" />
    <input id="authenticateBioMetricUrl" name="authenticateBioMetricUrl" type="hidden" value="/Account/AuthenticateBioMetric" />
    <input id="TenantUrl" name="TenantUrl" type="hidden" value="cfg-ixm.ivanticlouddev.com" />
    <input id="ModelReturnUrl" name="ModelReturnUrl" type="hidden" value="" />

    <script type="text/javascript" src="/scripts/account/Login.js"></script>


    
    <input id="LoginStylesGeneratorUrl" name="LoginStylesGeneratorUrl" type="hidden" value="/LoginStylesGenerator/GenerateCssFromDefinition" />
    <script type="text/javascript" src="/scripts/account/_loginLayout.js"></script>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:07.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "ivanti.com"
         ],
         "hostname" : [
            "www.ivanti.com"
         ],
         "url" : [
            "https://www.ivanti.com/",
            "https://www.ivanti.com/company/legal",
            "https://www.ivanti.com/company/legal/ivanti-patents"
         ]
      },
      "http" : {
         "bodymd5" : "5989889a0400b769c2335547af162638",
         "bodymmh3" : -1964873372,
         "component" : [
            {
               "product" : "Bootstrap",
               "productvendor" : "Bootstrap"
            },
            {
               "productvendor" : "jQuery",
               "product" : "jQuery",
               "productversion" : "3.5.1"
            }
         ],
         "headermd5" : "df6a61f27b950d88a3191956286c3397",
         "headermmh3" : -1818955219
      },
      "length" : 8056
   },
   "asn" : "AS51088",
   "city" : "Eindhoven",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 21 Nov 2024 08:48:06 GMT\r\nServer: Jetty(9.2.22.v20170606)\r\nConnection: close\r\nContent-Length: 7887\r\nContent-Type: text/html;charset=UTF-8\r\n\r\n<!DOCTYPE html>\r\n\r\n<html>\r\n<head>\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\">\r\n    <title></title>\r\n    \r\n<link href=\"/lib/bootstrap-4.3.1-dist/css/bootstrap.css\" rel=\"stylesheet\"/>\r\n\r\n<link href=\"/css/bootlogin2.css\" rel=\"stylesheet\"/>\r\n\r\n\r\n    <link rel=\"stylesheet\" type=\"text/css\" href=\"/LoginStylesGenerator/GenerateCssFromSetting\" />\r\n\r\n    \r\n    <!--[if lt IE 9]>\r\n        <link rel=\"stylesheet\" type=\"text/css\" href=\"/css/login2ie8override.css\" />\r\n    <![endif]-->\r\n\r\n\r\n    <script src=\"/lib/RespondJs/respond.min.js\" type=\"text/javascript\"></script>\r\n</head>\r\n<body class=\"login-layout LoginLayoutTmpLegacy\">\r\n    \r\n\r\n<div class=\"heat-bar heat-bar-top\"></div>\r\n\r\n<div class=\"heat-table\">\r\n    <div class=\"heat-col-left\">\r\n        <div class=\"logo\"></div>\r\n        <div class=\"title\"><h1>Ivanti Service Manager</h1></div>\r\n        <div class=\"content-body\">\r\n            \r\n\r\n\r\n<div class=\"content-inner row-fluid\">\r\n<form action=\"/\" class=\"form-horizontal\" method=\"post\" role=\"form\"><input name=\"__RequestVerificationToken\" type=\"hidden\" value=\"n2HnJ4h83KydYro93syjeNcpg9ym3XNrmPKEBCG7CUKBhgau4bjSMcZFv8PuKRzCGaP9DDvbeaSd683-fq5da4WJiJs1\" />        <div class=\"form-group\">\r\n            <label class=\"hidden-xs col-sm-3 col-md-3 control-label\" for=\"UserName\">User name</label>\r\n            <div class=\"col-xs-12 col-sm-8\">\r\n                <input autocomplete=\"off\" class=\"form-control has-success has-feedback\" id=\"UserName\" name=\"UserName\" placeholder=\"User Name\" type=\"text\" value=\"\" />\r\n            </div>\r\n        </div>\r\n        <div class=\"form-group\">\r\n            <label class=\"hidden-xs col-sm-3 col-md-3 control-label\" for=\"Password\">Password</label>\r\n            <div class=\"col-xs-12 col-sm-8\">\r\n                <input autocomplete=\"off\" class=\"form-control\" id=\"Password\" name=\"Password\" placeholder=\"Password\" type=\"password\" />\r\n            </div>\r\n        </div>\r\n            <div class=\"form-group\">\r\n                <label class=\"hidden-xs col-sm-3 col-md-3 control-label\" for=\"Tenant\">Application</label>\r\n                <div class=\"col-xs-12 col-sm-8\">\r\n                    <select class=\"form-control\" id=\"Tenant\" name=\"Tenant\"><option selected=\"selected\" value=\"cfg-ixm.ivanticlouddev.com\">cfg-ixm.ivanticlouddev.com</option>\r\n<option value=\"ixm-tenant1.ivanticlouddev.com\">ixm-tenant1.ivanticlouddev.com</option>\r\n<option value=\"ixm-tenant2.ivanticlouddev.com\">ixm-tenant2.ivanticlouddev.com</option>\r\n<option value=\"ixm-tenant3.ivanticlouddev.com\">ixm-tenant3.ivanticlouddev.com</option>\r\n<option value=\"ixm-tenant4.ivanticlouddev.com\">ixm-tenant4.ivanticlouddev.com</option>\r\n</select>\r\n                </div>\r\n            </div>\r\n        <div class=\"form-group\" id=\"enableBioMetrics\" style=\"display:none\">\r\n            <div class=\"col-xs-2 col-sm-3 col-md-3\" style=\"padding-left: 0; padding-right:0;\">\r\n                <input class=\"control-label pull-right\" id=\"EnableBiometric\" name=\"EnableBiometric\" type=\"checkbox\" value=\"true\" /><input name=\"EnableBiometric\" type=\"hidden\" value=\"false\" />\r\n                <span id=\"fancymove\" style=\"display:none\"></span>\r\n            </div>\r\n            <div id=\"fancyscreen\" class=\"col-xs-10 col-sm-8 col-md-8\">\r\n                <label for=\"EnableBiometric\" style=\"padding-top: 1px;\">Enable Biometric Authentication</label>\r\n            </div>\r\n        </div>\r\n<input id=\"Tenant\" name=\"Tenant\" type=\"hidden\" value=\"cfg-ixm.ivanticlouddev.com\" /><input id=\"IsUrlSharedByTenants\" name=\"IsUrlSharedByTenants\" type=\"hidden\" value=\"True\" /><input id=\"ClientTimeOffset\" name=\"ClientTimeOffset\" type=\"hidden\" value=\"0\" /><input id=\"ClientTimezoneName\" name=\"ClientTimezoneName\" type=\"hidden\" value=\"\" /><input id=\"ReturnUrl\" name=\"ReturnUrl\" type=\"hidden\" value=\"\" /><input id=\"PrefferedRole\" name=\"PrefferedRole\" type=\"hidden\" value=\"\" /><input id=\"IsForgotPasswordAllowed\" name=\"IsForgotPasswordAllowed\" type=\"hidden\" value=\"True\" /><input id=\"IsFrame\" name=\"IsFrame\" type=\"hidden\" value=\"False\" /><input id=\"OpenIDSignIn\" name=\"OpenIDSignIn\" type=\"hidden\" value=\"\" /><input id=\"SsoReturnUrl\" name=\"SsoReturnUrl\" type=\"hidden\" value=\"\" />        <div class=\"form-actions\">\r\n            <button type=\"submit\" class=\"btn btn-primary\">Login</button>\r\n                            <a href=\"/Account/ForgotPassword\">Forgot Password?</a>\r\n        </div>\r\n</form>    <div class=\"form-group\" id=\"bioMetricsButton\" style=\"display:none\">\r\n        <label style=\"text-align:center\">OR</label>\r\n        <div class=\"col-xs-12 col-sm-8\" style=\"padding-left: 0; padding-right:0;\">\r\n            <button class=\"form-control has-success has-feedback\" style=\"text-align:left\">Login using Biometric Authentication</button>\r\n        </div>\r\n    </div>\r\n</div>\r\n\r\n\r\n        </div>\r\n        <div class=\"content-footer\">\r\n            <div class=\"additional-text\"></div>\r\n            <p>To&nbsp;learn more about our innovative IT&nbsp;Service Management solutions, visit our website at&nbsp;<a href=\"https://www.ivanti.com/\" target=\"_blank\">Ivanti</a></p>\r\n            <p>Copyright &copy;&nbsp;2005-2023 Ivanti. All&nbsp;rights reserved.</p>\r\n            <p> \r\n                <a href=\"https://www.ivanti.com/company/legal\" target=\"_blank\">Privacy Policy</a> - \r\n                <a href=\"https://www.ivanti.com/company/legal\" target=\"_blank\">Legal Terms and Notices</a> - \r\n                <a href=\"https://www.ivanti.com/company/legal/ivanti-patents\" target=\"_blank\">Protected by Patents</a> \r\n                \r\n            </p>\r\n        </div>\r\n    </div>\r\n    <div class=\"heat-col-right\">\r\n        <div class=\"logo\"></div>\r\n            <div class=\"title\"><h1>Ivanti Service Manager</h1></div>\r\n        <div class=\"content-footer\">\r\n            <div class=\"additional-text\"></div>\r\n            <p>To&nbsp;learn more about our innovative IT&nbsp;Service Management solutions, visit our website at&nbsp;<a href=\"https://www.ivanti.com/\" target=\"_blank\">Ivanti</a></p>\r\n            <p>Copyright &copy;&nbsp;2005-2023 Ivanti. All&nbsp;rights reserved.</p>\r\n            <p>\r\n                <a href=\"https://www.ivanti.com/company/legal\" target=\"_blank\">Privacy Policy</a> -\r\n                <a href=\"https://www.ivanti.com/company/legal\" target=\"_blank\">Legal Terms and Notices</a> -\r\n                <a href=\"https://www.ivanti.com/company/legal/ivanti-patents\" target=\"_blank\">Protected by Patents</a>\r\n            </p>\r\n        </div>\r\n    </div>\r\n</div>\r\n\r\n<div class=\"heat-bar heat-bar-bottom\"></div> \r\n\r\n<script src=\"/lib/jQuery-3.5.1/jquery-3.5.1.js\"></script>\r\n<script src=\"/lib/jquery-validation-1.13.0/jquery.validate.js\"></script>\r\n\r\n<script src=\"/lib/bootstrap-4.3.1-dist/js/bootstrap.js\"></script>\r\n\r\n<script type=\"text/javascript\" src=\"/IdentityServer/Content/Script/adjustheight.js\"></script>\r\n\r\n    <script type=\"text/javascript\" src=\"/lib/jstz.min.js\"></script>\r\n\r\n    <input id=\"SelectRoleUrl\" name=\"SelectRoleUrl\" type=\"hidden\" value=\"/Account/SelectRole?returnUrl=ReplaceReturnUrl\" />\r\n    <input id=\"LoginUrl\" name=\"LoginUrl\" type=\"hidden\" value=\"/?returnUrl=ReplaceReturnUrl\" />\r\n    <input id=\"ResetPasswordUrl\" name=\"ResetPasswordUrl\" type=\"hidden\" value=\"/Account/ResetPassword?returnUrl=ReplaceReturnUrl\" />\r\n    <input id=\"authenticateBioMetricUrl\" name=\"authenticateBioMetricUrl\" type=\"hidden\" value=\"/Account/AuthenticateBioMetric\" />\r\n    <input id=\"TenantUrl\" name=\"TenantUrl\" type=\"hidden\" value=\"cfg-ixm.ivanticlouddev.com\" />\r\n    <input id=\"ModelReturnUrl\" name=\"ModelReturnUrl\" type=\"hidden\" value=\"\" />\r\n\r\n    <script type=\"text/javascript\" src=\"/scripts/account/Login.js\"></script>\r\n\r\n\r\n    \r\n    <input id=\"LoginStylesGeneratorUrl\" name=\"LoginStylesGeneratorUrl\" type=\"hidden\" value=\"/LoginStylesGenerator/GenerateCssFromDefinition\" />\r\n    <script type=\"text/javascript\" src=\"/scripts/account/_loginLayout.js\"></script>\r\n</body>\r\n</html>",
   "datamd5" : "1d9d87a09af89035317253c84b08cdee",
   "datammh3" : -804581682,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "46.244.107.92",
   "ipv6" : "false",
   "latitude" : "51.4357",
   "location" : "51.4357,5.4842",
   "longitude" : "5.4842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "A2b Ip B.v.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "product" : "Jetty",
   "productvendor" : "Mortbay",
   "productversion" : "9.2.22",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "46.244.104.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

175.137.173.35

Network

175.136.0.0/13

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://175.137.173.35:9527/ 401

HTTP Title

401 Unauthorized

ASN

AS4788

Organization

TM TECHNOLOGY SERVICES SDN. BHD.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

6209aeb2604837bce8926082b61ff571

HTTP Header MD5

af120c051a19c94cfd157e22c04d930f

HTTP Body MD5

c9ede7ee17407c10f3ae750e435eeb88

HTTP/1.1 401 Unauthorized
Server: b77cbd5a-d30f-f425-7cd3-ea9ecc425854
Date: Thu, 21 Nov 2024 08:48:05 GMT
Cache-Control: no-cache,no-store
WWW-Authenticate: Basic realm=""
Content-Type: text/html; charset=%s
Connection: close

<HTML>
<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc">
<H4>401 Unauthorized</H4>
Authorization required.
<HR>
<ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">b77cbd5a-d30f-f425-7cd3-ea9ecc425854</A></ADDRESS>
</BODY>
</HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:07.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "acme.com"
         ],
         "hostname" : [
            "www.acme.com"
         ],
         "url" : [
            "http://www.acme.com/software/mini_httpd/"
         ]
      },
      "http" : {
         "bodymd5" : "c9ede7ee17407c10f3ae750e435eeb88",
         "bodymmh3" : 217834909,
         "headermd5" : "af120c051a19c94cfd157e22c04d930f",
         "headermmh3" : -1256973785,
         "title" : "401 Unauthorized"
      },
      "length" : 541
   },
   "asn" : "AS4788",
   "city" : "Kuala Lumpur",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nServer: b77cbd5a-d30f-f425-7cd3-ea9ecc425854\r\nDate: Thu, 21 Nov 2024 08:48:05 GMT\r\nCache-Control: no-cache,no-store\r\nWWW-Authenticate: Basic realm=\"\"\r\nContent-Type: text/html; charset=%s\r\nConnection: close\r\n\r\n<HTML>\n<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR=\"#cc9999\" TEXT=\"#000000\" LINK=\"#2020ff\" VLINK=\"#4040cc\">\n<H4>401 Unauthorized</H4>\nAuthorization required.\n<HR>\n<ADDRESS><A HREF=\"http://www.acme.com/software/mini_httpd/\">b77cbd5a-d30f-f425-7cd3-ea9ecc425854</A></ADDRESS>\n</BODY>\n</HTML>\n",
   "datamd5" : "6209aeb2604837bce8926082b61ff571",
   "datammh3" : 491009646,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4788",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "tm.com.my",
         "tm.net.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "ADSL-STREAMYX",
      "organization" : "Telekom Malaysia Berhad",
      "subnet" : "175.137.0.0/16"
   },
   "ip" : "175.137.173.35",
   "ipv6" : "false",
   "latitude" : "3.1408",
   "location" : "3.1408,101.6852",
   "longitude" : "101.6852",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "175.136.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

154.6.148.207

Network

154.6.148.0/23

Device

<enterprise field>: device.class

URL

http://154.6.148.207:9527/ 407

ASN

AS55720

Organization

Gigabit Hosting Sdn Bhd

Protocol

http

Source

datascan

Data MD5

beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS55720",
   "city" : "Kuala Lumpur",
   "country" : "MY",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55720",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com",
         "logicweb.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LOGICWEB",
      "organization" : "LogicWeb Inc.",
      "subnet" : "154.6.148.0/23"
   },
   "ip" : "154.6.148.207",
   "ipv6" : "false",
   "latitude" : "3.1256",
   "location" : "3.1256,101.6965",
   "longitude" : "101.6965",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Gigabit Hosting Sdn Bhd",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "154.6.148.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

45.128.25.214

Network

45.128.25.0/24

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://45.128.25.214:9527/ 407

ASN

AS58955

Organization

Bangmod Enterprise Co., Ltd.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS58955",
   "country" : "SC",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "apnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "IANA-NETBLOCK-45",
      "organization" : "This network range is not fully allocated to APNIC.",
      "subnet" : "45.0.0.0/8"
   },
   "ip" : "45.128.25.214",
   "ipv6" : "false",
   "latitude" : "-4.5833",
   "location" : "-4.5833,55.6667",
   "longitude" : "55.6667",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Bangmod Enterprise Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "45.128.25.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

149.51.210.10

Network

149.51.210.0/24

Domain(s)

hostname.localhost

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://149.51.210.10:9527/ 407

Reverse DNS

undefined.hostname.localhost

ASN

AS7018

Organization

ATT-INTERNET4

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS7018",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hostname.localhost"
   ],
   "geolocus" : {
      "asn" : "AS7018",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com",
         "hostname.localhost",
         "northerncablefiber.com",
         "rackdog.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NORTHERN-CABLE",
      "organization" : "NORTHERN CABLE AND FIBER, LLC",
      "subnet" : "149.51.210.0/24"
   },
   "host" : [
      "undefined"
   ],
   "hostname" : [
      "undefined.hostname.localhost"
   ],
   "ip" : "149.51.210.10",
   "ipv6" : "false",
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ATT-INTERNET4",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "reverse" : [
      "undefined.hostname.localhost"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "149.51.210.0/24",
   "tld" : [
      "localhost"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

37.34.85.161

Network

37.34.80.0/21

Device

<enterprise field>: device.class

URL

http://37.34.85.161:9527/ 407

ASN

AS996

Organization

JY-MOBILE-COMMUNICATIONS

Protocol

http

Source

datascan

Data MD5

beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:47:59.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS996",
   "city" : "Dallas",
   "country" : "US",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "37.34.85.161",
   "ipv6" : "false",
   "latitude" : "32.7889",
   "location" : "32.7889,-96.8021",
   "longitude" : "-96.8021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JY-MOBILE-COMMUNICATIONS",
   "port" : 9527,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "37.34.80.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

38.207.117.21

Network

38.207.112.0/21

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://38.207.117.21:9527/ 200

HTTP Title

欢迎光临

ASN

AS133180

Organization

Starbow Ltd.

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

dbfa40fb61d473222aa988ff49727ebe

HTTP Header MD5

db929ee95f62f99728d840d6c0c11e00

HTTP Body MD5

a686bcaeb1cd4cd845fd166e6c53ae5a

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:47:57 GMT
Content-Type: text/html
Content-Length: 3422
Last-Modified: Tue, 22 Oct 2024 03:41:20 GMT
Connection: close
Vary: Accept-Encoding
ETag: "67171ee0-d5e"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="en">
<head>
<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3G4N9Q4duBIy4IdT",ck:"3G4N9Q4duBIy4IdT"})</script>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>欢迎光临</title>
</head>
<body style="background: #e6eaeb;">
<div style="position: relative;margin: 200px auto 0;padding: 0 0 22px;border-radius: 15px 15px 5px 5px;background: #fff;box-shadow: 10px 20px 20px rgba(101, 102, 103, .75);width:95%;max-width: 400px;color: #fff;text-align: center;">
<canvas id="canvas" width="200" height="200" style="display:block;position:absolute;top:-100px;left:0;right:0;margin:0 auto;background:#fff;border-radius:50%;"></canvas>
<div style="color: #242424;font-size: 28px;padding:111px  0 20px">通过安全加密检测</div>
<a id="btn" href="javascript:void(0);" style="display: block;border-radius: 500px;background-color: #ff5656;height: 65px;line-height: 65px;width: 250px;color: #fff;font-size: 22px;text-decoration: none;letter-spacing: 2px;margin:20px auto;cursor:pointer;">链接检测中……</a>
</div>
<script>
            window.onload = function() {
                var canvas = document.getElementById('canvas')
                  , ctx = canvas.getContext('2d')
                  , ras = canvas.width / 2
                  , index = 0;
                drawFrame();
                function drawFrame() {
                    ctx.clearRect(0, 0, canvas.width, canvas.height);
                    ctx.save();
                    ctx.translate(ras, ras);
                    ctx.beginPath();
                    ctx.lineWidth = ras * 0.08;
                    ctx.strokeStyle = "#d1d2d4";
                    ctx.arc(0, 0, ras * 0.8, 0, Math.PI * 2, false);
                    ctx.stroke();
                    ctx.strokeStyle = "#00a2ff ";
                    ctx.lineWidth = ras * 0.12;
                    ctx.beginPath();
                    ctx.arc(0, 0, ras * 0.8, -Math.PI / 2, -Math.PI / 2 + index * Math.PI * 2 / 100, false);
                    ctx.stroke();
                    ctx.textAlign = 'center';
                    ctx.textBaseline = 'middle';
                    ctx.font = ras / 2.2 + 'px Arial';
                    ctx.fillText(index.toFixed(0) + '%', 0, 0);
                    ctx.restore();
                    document.title = '加载中 ' + index.toFixed(1) + '%';
                    if (index < 99.2) {
                        if (index > 90) {
                            index += 1;
                            btn.innerHTML = '请点击进入';
                            btn.onclick = function() {
                                 location.href = 'http://38.207.112.9:22388/ad.html';
                            }
                            ;
                            btn.style.background = '#36A11E'
                        } else if (index > 60) {
                            index += 1
                        } else {
                            index += 3
                        }
                        setTimeout(drawFrame, 20)
                    } else if (index != 100) {
                        index = 100;
                        drawFrame()
                    } else {
                        document.title = '请点击进入'
                    }
                }
            }
        </script>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:47:57.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "38.207.112.9"
         ],
         "url" : [
            "http://38.207.112.9:22388/ad.html"
         ]
      },
      "http" : {
         "bodymd5" : "a686bcaeb1cd4cd845fd166e6c53ae5a",
         "bodymmh3" : -413845936,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 22 Oct 2024 03:41:20 GMT"
            },
            {
               "name" : "ETag",
               "value" : "67171ee0-d5e"
            }
         ],
         "headermd5" : "db929ee95f62f99728d840d6c0c11e00",
         "headermmh3" : 1969801278,
         "title" : "\u6b22\u8fce\u5149\u4e34"
      },
      "length" : 3672
   },
   "asn" : "AS133180",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:47:57 GMT\r\nContent-Type: text/html\r\nContent-Length: 3422\r\nLast-Modified: Tue, 22 Oct 2024 03:41:20 GMT\r\nConnection: close\r\nVary: Accept-Encoding\r\nETag: \"67171ee0-d5e\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3G4N9Q4duBIy4IdT\",ck:\"3G4N9Q4duBIy4IdT\"})</script>\n<meta charset=\"UTF-8\">\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0\">\n<title>\u6b22\u8fce\u5149\u4e34</title>\n</head>\n<body style=\"background: #e6eaeb;\">\n<div style=\"position: relative;margin: 200px auto 0;padding: 0 0 22px;border-radius: 15px 15px 5px 5px;background: #fff;box-shadow: 10px 20px 20px rgba(101, 102, 103, .75);width:95%;max-width: 400px;color: #fff;text-align: center;\">\n<canvas id=\"canvas\" width=\"200\" height=\"200\" style=\"display:block;position:absolute;top:-100px;left:0;right:0;margin:0 auto;background:#fff;border-radius:50%;\"></canvas>\n<div style=\"color: #242424;font-size: 28px;padding:111px  0 20px\">\u901a\u8fc7\u5b89\u5168\u52a0\u5bc6\u68c0\u6d4b</div>\n<a id=\"btn\" href=\"javascript:void(0);\" style=\"display: block;border-radius: 500px;background-color: #ff5656;height: 65px;line-height: 65px;width: 250px;color: #fff;font-size: 22px;text-decoration: none;letter-spacing: 2px;margin:20px auto;cursor:pointer;\">\u94fe\u63a5\u68c0\u6d4b\u4e2d\u2026\u2026</a>\n</div>\n<script>\n            window.onload = function() {\n                var canvas = document.getElementById('canvas')\n                  , ctx = canvas.getContext('2d')\n                  , ras = canvas.width / 2\n                  , index = 0;\n                drawFrame();\n                function drawFrame() {\n                    ctx.clearRect(0, 0, canvas.width, canvas.height);\n                    ctx.save();\n                    ctx.translate(ras, ras);\n                    ctx.beginPath();\n                    ctx.lineWidth = ras * 0.08;\n                    ctx.strokeStyle = \"#d1d2d4\";\n                    ctx.arc(0, 0, ras * 0.8, 0, Math.PI * 2, false);\n                    ctx.stroke();\n                    ctx.strokeStyle = \"#00a2ff \";\n                    ctx.lineWidth = ras * 0.12;\n                    ctx.beginPath();\n                    ctx.arc(0, 0, ras * 0.8, -Math.PI / 2, -Math.PI / 2 + index * Math.PI * 2 / 100, false);\n                    ctx.stroke();\n                    ctx.textAlign = 'center';\n                    ctx.textBaseline = 'middle';\n                    ctx.font = ras / 2.2 + 'px Arial';\n                    ctx.fillText(index.toFixed(0) + '%', 0, 0);\n                    ctx.restore();\n                    document.title = '\u52a0\u8f7d\u4e2d ' + index.toFixed(1) + '%';\n                    if (index < 99.2) {\n                        if (index > 90) {\n                            index += 1;\n                            btn.innerHTML = '\u8bf7\u70b9\u51fb\u8fdb\u5165';\n                            btn.onclick = function() {\n                                 location.href = 'http://38.207.112.9:22388/ad.html';\n                            }\n                            ;\n                            btn.style.background = '#36A11E'\n                        } else if (index > 60) {\n                            index += 1\n                        } else {\n                            index += 3\n                        }\n                        setTimeout(drawFrame, 20)\n                    } else if (index != 100) {\n                        index = 100;\n                        drawFrame()\n                    } else {\n                        document.title = '\u8bf7\u70b9\u51fb\u8fdb\u5165'\n                    }\n                }\n            }\n        </script>\n</body>\n</html>",
   "datamd5" : "dbfa40fb61d473222aa988ff49727ebe",
   "datammh3" : 1828931241,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS133180",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NET-38-207-64-0-1",
      "organization" : "PSINet, Inc.",
      "subnet" : "38.207.64.0/18"
   },
   "ip" : "38.207.117.21",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Starbow Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "38.207.112.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

119.6.235.182

Network

119.4.0.0/14

Device

<enterprise field>: device.class

URL

http://119.6.235.182:9527/ 400

HTTP Title

400 Bad Request

ASN

AS4837

Organization

CHINA UNICOM China169 Backbone

Protocol

http

Source

datascan

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

959278a1860158f266e18ffa62db5682

HTTP Header MD5

6f20a1dbf33bd9c58b3afa4c5e32c6f5

HTTP Body MD5

5d2b586f176b8aba5e613f90bcd15e46

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:47:37 GMT
Content-Type: text/html
Content-Length: 2421
Connection: close
x-ws-request-id: 673ef3a9_PS-000-01Bpv32_1771-38452

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 21 Nov 2024 08:47:37 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-000-01Bpv32
				<br>URL: http://<ip>:9527/
				<br>Request-Id: 673ef3a9_PS-000-01Bpv32_1771-38452
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9527/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:47:37.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "5d2b586f176b8aba5e613f90bcd15e46",
         "bodymmh3" : -128671206,
         "headermd5" : "6f20a1dbf33bd9c58b3afa4c5e32c6f5",
         "headermmh3" : 15859516,
         "title" : "400 Bad Request"
      },
      "length" : 2597
   },
   "asn" : "AS4837",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:47:37 GMT\r\nContent-Type: text/html\r\nContent-Length: 2421\r\nConnection: close\r\nx-ws-request-id: 673ef3a9_PS-000-01Bpv32_1771-38452\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 21 Nov 2024 08:47:37 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-000-01Bpv32\n\t\t\t\t<br>URL: http://<ip>:9527/\n\t\t\t\t<br>Request-Id: 673ef3a9_PS-000-01Bpv32_1771-38452\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9527/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "959278a1860158f266e18ffa62db5682",
   "datammh3" : 1603383741,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-SC",
      "organization" : "CNC Group CHINA169 Sichuan Province Network",
      "subnet" : "119.4.0.0/14"
   },
   "ip" : "119.6.235.182",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "port" : 9527,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "119.4.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}