ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 23,491 in 0.059 second(s)

  • 175.139.205.3:563 (tcp/mysql) - last seen on 2024-11-07 at 05:32:05 UTC

    • IP
      175.139.205.3
      Network
      175.136.0.0/13
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      ASN
      AS4788
      Organization
      TM TECHNOLOGY SERVICES SDN. BHD.
      Protocol
      mysql
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Oracle MySQL 5.0.19
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      82dcba7be64ff6fd48d0ec61c71ad85e 
    • 7\x00\x00\x00
5.0.19-nt\x00\xd1y\x05\x00nLng8~87\x00,\xa2\x08\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00LWPmS9`Wuh+:\x00\x10\x00\x00\x01\xff\x13\x04Bad handshake
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:32:05.000Z",
   "app" : {
      "length" : 79
   },
   "asn" : "AS4788",
   "city" : "Kuala Lumpur",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "7\\x00\\x00\\x00\n5.0.19-nt\\x00\\xd1y\\x05\\x00nLng8~87\\x00,\\xa2\\x08\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00LWPmS9`Wuh+:\\x00\\x10\\x00\\x00\\x01\\xff\\x13\\x04Bad handshake",
   "datamd5" : "82dcba7be64ff6fd48d0ec61c71ad85e",
   "datammh3" : 1229278315,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4788",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "tm.com.my",
         "tm.net.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "ADSL-STREAMYX",
      "organization" : "Telekom Malaysia Berhad",
      "subnet" : "175.139.192.0/18"
   },
   "ip" : "175.139.205.3",
   "ipv6" : "false",
   "latitude" : "3.1412",
   "location" : "3.1412,101.6850",
   "longitude" : "101.6850",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "5.0.19",
   "protocol" : "mysql",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "175.136.0.0/13",
   "tls" : "false",
   "transport" : "tcp"
}

  • 192.9.144.142:563 (tcp/http) - last seen on 2024-11-07 at 05:32:03 UTC

    • IP
      192.9.144.142
      Network
      192.9.128.0/18
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://192.9.144.142:563/ 404

      ASN
      AS31898
      Organization
      ORACLE-BMC-31898
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a3cd00a196cde5ea124d92a8eaef2177
      HTTP Header MD5
      962341e5c600ce0bd0add6892f8f6280
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 404 Not Found
Date: Thu, 07 Nov 2024 05:32:03 GMT
Content-Length: 0
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:32:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "962341e5c600ce0bd0add6892f8f6280",
         "headermmh3" : -1605812643
      },
      "length" : 101
   },
   "asn" : "AS31898",
   "city" : "San Jose",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nDate: Thu, 07 Nov 2024 05:32:03 GMT\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "a3cd00a196cde5ea124d92a8eaef2177",
   "datammh3" : -2033630795,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ORACLE-BRM1",
      "organization" : "Oracle Corporation",
      "subnet" : "192.9.0.0/16"
   },
   "ip" : "192.9.144.142",
   "ipv6" : "false",
   "latitude" : "37.2379",
   "location" : "37.2379,-121.7946",
   "longitude" : "-121.7946",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "192.9.128.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 222.187.219.238:563 (tcp/http) - last seen on 2024-11-07 at 05:31:41 UTC

    • IP
      222.187.219.238
      Network
      222.186.0.0/15
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://222.187.219.238:563/ 400

      HTTP Title
      Bad Request
      ASN
      AS4134
      Organization
      Chinanet
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft HTTPAPI 2.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1e3da087cece0c04e321b39f7db77842
      HTTP Header MD5
      5f8987fc4ee9770a3292cd04557b2dbf
      HTTP Body MD5
      112a99975e327b76e1a2242ca34a4c3f 
    • HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 05:31:40 GMT
Connection: close
Content-Length: 334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:41.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "112a99975e327b76e1a2242ca34a4c3f",
         "bodymmh3" : 2139917292,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -72204221,
         "title" : "Bad Request"
      },
      "length" : 513
   },
   "asn" : "AS4134",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 05:31:40 GMT\r\nConnection: close\r\nContent-Length: 334\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Hostname</h2>\r\n<hr><p>HTTP Error 400. The request hostname is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "1e3da087cece0c04e321b39f7db77842",
   "datammh3" : 1555438320,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163.com",
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-JS",
      "organization" : "CHINANET jiangsu province network",
      "subnet" : "222.184.0.0/14"
   },
   "ip" : "222.187.219.238",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "222.186.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 64.44.61.3:563 (tcp/http) - last seen on 2024-11-07 at 05:31:40 UTC

    • IP
      64.44.61.3
      Network
      64.44.0.0/18
      Domain(s)
      3-61-44-64.reverse-dns
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://64.44.61.3:563/ 401

      Reverse DNS
      3-61-44-64.reverse-dns
      ASN
      AS20278
      Organization
      NEXEON
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      16234ea1da40e03f1317c21396981c69
      HTTP Header MD5
      8f4a29b9be97398ee40f9827947fcbaf
      HTTP Body MD5
      9c13653d29a59fbb245670a68c158d4c 
    • HTTP/1.1 401 Unauthorized
Date: Thu, 07 Nov 2024 05:31:40 UTC
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
TeamCity-Node-Id: MAIN_SERVER
WWW-Authenticate: Basic realm="TeamCity"
WWW-Authenticate: Bearer realm="TeamCity"
Cache-Control: no-store

Authentication required
To login manually go to "/login.html" page
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:40.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9c13653d29a59fbb245670a68c158d4c",
         "bodymmh3" : 866407170,
         "headermd5" : "8f4a29b9be97398ee40f9827947fcbaf",
         "headermmh3" : -1124114884,
         "realm" : "TeamCity"
      },
      "length" : 337
   },
   "asn" : "AS20278",
   "city" : "Chicago",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nDate: Thu, 07 Nov 2024 05:31:40 UTC\r\nContent-Type: text/plain;charset=UTF-8\r\nConnection: keep-alive\r\nTeamCity-Node-Id: MAIN_SERVER\r\nWWW-Authenticate: Basic realm=\"TeamCity\"\r\nWWW-Authenticate: Bearer realm=\"TeamCity\"\r\nCache-Control: no-store\r\n\r\nAuthentication required\nTo login manually go to \"/login.html\" page",
   "datamd5" : "16234ea1da40e03f1317c21396981c69",
   "datammh3" : 1096304710,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "3-61-44-64.reverse-dns"
   ],
   "geolocus" : {
      "asn" : "AS20278",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "1-0-44-64-.reverse-dns",
         "nexeontech.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NEXEON-IPV4-6",
      "organization" : "Nexeon Technologies, Inc.",
      "subnet" : "64.44.0.0/18"
   },
   "hostname" : [
      "3-61-44-64.reverse-dns"
   ],
   "ip" : "64.44.61.3",
   "ipv6" : "false",
   "latitude" : "41.8879",
   "location" : "41.8879,-88.1995",
   "longitude" : "-88.1995",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NEXEON",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "3-61-44-64.reverse-dns"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "64.44.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "reverse-dns"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 103.56.92.201:563 (tcp/http) - last seen on 2024-11-07 at 05:31:18 UTC

    • IP
      103.56.92.201
      Network
      103.56.92.0/23
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://103.56.92.201:563/ 302

      ASN
      AS58477
      Organization
      Argon Data Communication
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Apache HTTP Server 2.4.54
      HTTP Component(s)
      OpenSSL OpenSSL 1.1.1p PHP PHP 7.4.30
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      400e9f78d391b66642b3b46892bf34fd
      HTTP Header MD5
      bcf983bb29cf6cbcc8aa580517b37fab
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 05:31:17 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Location: http://<ip>:563/simrsrabain/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "PHP",
               "productvendor" : "PHP",
               "productversion" : "7.4.30"
            },
            {
               "productvendor" : "OpenSSL",
               "productversion" : "1.1.1p",
               "product" : "OpenSSL"
            }
         ],
         "headermd5" : "bcf983bb29cf6cbcc8aa580517b37fab",
         "headermmh3" : 1489821423
      },
      "length" : 260
   },
   "asn" : "AS58477",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 05:31:17 GMT\r\nServer: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30\r\nX-Powered-By: PHP/7.4.30\r\nLocation: http://<ip>:563/simrsrabain/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "400e9f78d391b66642b3b46892bf34fd",
   "datammh3" : -429198336,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS58477",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "maudynetwork.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-MNK-ID",
      "organization" : "CV Maudy Network Komunikasi",
      "subnet" : "103.56.92.0/23"
   },
   "ip" : "103.56.92.201",
   "ipv6" : "false",
   "latitude" : "-6.1728",
   "location" : "-6.1728,106.8272",
   "longitude" : "106.8272",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Argon Data Communication",
   "os" : "Windows",
   "osbits" : 64,
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.54",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "103.56.92.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 14.100.37.218:563 (tcp/http) - last seen on 2024-11-07 at 05:31:17 UTC

    • IP
      14.100.37.218
      Network
      14.100.0.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://14.100.37.218:563/ 401

      HTTP Title
      Unauthorized
      ASN
      AS9506
      Organization
      Singtel Fibre Broadband
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      HTTP Component(s)
      Plex Media Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2de861031040181ee2188040cc83180e
      HTTP Header MD5
      9ca01530123920eac6307b32e7d89d3b
      HTTP Body MD5
      58839c8a9d6616ca62adc7b6e3610676 
    • HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 07 Nov 2024 05:31:17 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -53989072,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS9506",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 07 Nov 2024 05:31:17 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9506",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "singnet.com.sg"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "SINGNET-SG",
      "organization" : "SingNet Pte Ltd",
      "subnet" : "14.100.0.0/17"
   },
   "ip" : "14.100.37.218",
   "ipv6" : "false",
   "latitude" : "1.3236",
   "location" : "1.3236,103.7909",
   "longitude" : "103.7909",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Singtel Fibre Broadband",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "14.100.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-07 at 05:30:48 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      Product

      <access denied by policy> <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:48.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "geolocus" : "<enterprise field>: geolocus",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

  • 96.71.120.42:563 (tcp/http) - last seen on 2024-11-07 at 05:30:38 UTC

    • IP
      96.71.120.42
      Network
      96.64.0.0/11
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://96.71.120.42:563/ 200

      ASN
      AS7922
      Organization
      COMCAST-7922
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fa5f73369c2cf74b9976133471387628
      HTTP Header MD5
      f133e42ed94a1823eabeff2e3a111dde
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.0 200 OK
Server:IP Camera
Date: Wed Feb  7 02:09:16 2024 GMT
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/x-rtsp-tunnelled


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:38.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "f133e42ed94a1823eabeff2e3a111dde",
         "headermmh3" : 72683295
      },
      "length" : 160
   },
   "asn" : "AS7922",
   "city" : "Sarasota",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer:IP Camera\r\nDate: Wed Feb  7 02:09:16 2024 GMT\r\nCache-Control: no-store\r\nPragma: no-cache\r\nContent-Type: application/x-rtsp-tunnelled\r\n\r\n",
   "datamd5" : "fa5f73369c2cf74b9976133471387628",
   "datammh3" : 702918186,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS7922",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "comcast.com",
         "comcast.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MICHIGAN-CCCS-35",
      "organization" : "Comcast Cable Communications, LLC",
      "subnet" : "96.64.0.0/12"
   },
   "ip" : "96.71.120.42",
   "ipv6" : "false",
   "latitude" : "27.3254",
   "location" : "27.3254,-82.4733",
   "longitude" : "-82.4733",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COMCAST-7922",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "96.64.0.0/11",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 164.215.124.234:563 (tcp/http) - last seen on 2024-11-07 at 05:30:05 UTC

    • IP
      164.215.124.234
      Network
      164.215.112.0/20
      Domain(s)
      poda.cz
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://164.215.124.234:563/ 302

      Reverse DNS
      static-2765585642.poda.cz
      ASN
      AS30764
      Organization
      PODA a.s.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d288d9dc31029dbfd0ec2ca9d8a35695
      HTTP Header MD5
      f9434fba64e80d7c044c4cdf72ee9381
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 
Location: https://<ip>:563/
Content-Length: 0
Date: Thu, 07 Nov 2024 05:30:05 GMT
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f9434fba64e80d7c044c4cdf72ee9381",
         "headermmh3" : 554257337
      },
      "length" : 121
   },
   "asn" : "AS30764",
   "city" : "Ostrava",
   "country" : "CZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 \r\nLocation: https://<ip>:563/\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 05:30:05 GMT\r\nConnection: close\r\n\r\n",
   "datamd5" : "d288d9dc31029dbfd0ec2ca9d8a35695",
   "datammh3" : 1561419619,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "poda.cz"
   ],
   "host" : [
      "static-2765585642"
   ],
   "hostname" : [
      "static-2765585642.poda.cz"
   ],
   "ip" : "164.215.124.234",
   "ipv6" : "false",
   "latitude" : "49.7977",
   "location" : "49.7977,18.2311",
   "longitude" : "18.2311",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PODA a.s.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "static-2765585642.poda.cz"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "164.215.112.0/20",
   "tld" : [
      "cz"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 154.177.90.38:563 (tcp/http) - last seen on 2024-11-07 at 05:24:30 UTC

    • IP
      154.177.90.38
      Network
      154.176.0.0/12
      Domain(s)
      tedata.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://154.177.90.38:563/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      host-154.177.38.90-static.tedata.net
      ASN
      AS8452
      Organization
      TE Data
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:24:30 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:24:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 471134111,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS8452",
   "city" : "Cairo",
   "country" : "EG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:24:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "tedata.net"
   ],
   "geolocus" : {
      "asn" : "AS8452",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "EG",
      "countryname" : "Egypt",
      "domain" : [
         "te.eg",
         "tedata.net"
      ],
      "isineu" : "false",
      "latitude" : "26.820553",
      "location" : "26.820553,30.802498",
      "longitude" : "30.802498",
      "netname" : "All-41",
      "organization" : "Telecom-Egypt-Data",
      "subnet" : "154.177.0.0/16"
   },
   "host" : [
      "host-154"
   ],
   "hostname" : [
      "host-154.177.38.90-static.tedata.net"
   ],
   "ip" : "154.177.90.38",
   "ipv6" : "false",
   "latitude" : "30.0588",
   "location" : "30.0588,31.2268",
   "longitude" : "31.2268",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TE Data",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "host-154.177.38.90-static.tedata.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "90-static.tedata.net",
      "177.38.90-static.tedata.net",
      "38.90-static.tedata.net"
   ],
   "subnet" : "154.176.0.0/12",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}