Cyber Defense Search Engine

IP
152.70.69.232

Network
152.70.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://152.70.69.232:1799/ 302

HTTP Title
302 Found

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ac215ff4194420586f09cfbce30e565b

HTTP Header MD5
bad4d2256edd9355ba1ff344e3090ae0

HTTP Body MD5
72a114f2d4915d58ddf7f5349eb52944

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 07 Nov 2024 03:31:59 GMT
Content-Type: text/html
Content-Length: 154
Connection: close
Location: https://cdn.maxgoodell.com/rickroll.webm

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:31:59.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "maxgoodell.com"
         ],
         "hostname" : [
            "cdn.maxgoodell.com"
         ],
         "url" : [
            "https://cdn.maxgoodell.com/rickroll.webm"
         ]
      },
      "http" : {
         "bodymd5" : "72a114f2d4915d58ddf7f5349eb52944",
         "bodymmh3" : -2120412095,
         "headermd5" : "bad4d2256edd9355ba1ff344e3090ae0",
         "headermmh3" : -1240266362,
         "title" : "302 Found"
      },
      "length" : 373
   },
   "asn" : "AS31898",
   "city" : "Hyderabad",
   "country" : "IN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Thu, 07 Nov 2024 03:31:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 154\r\nConnection: close\r\nLocation: https://cdn.maxgoodell.com/rickroll.webm\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "ac215ff4194420586f09cfbce30e565b",
   "datammh3" : -1378808008,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com",
         "oracleemaildelivery.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ORACLE-SCA-CORP-SPACE",
      "organization" : "Oracle Corporation",
      "subnet" : "152.70.64.0/20"
   },
   "ip" : "152.70.69.232",
   "ipv6" : "false",
   "latitude" : "17.3724",
   "location" : "17.3724,78.4378",
   "longitude" : "78.4378",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "152.70.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
152.67.232.7

Network
152.67.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://152.67.232.7:1799/ 301

HTTP Title
301 Moved Permanently

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
24c5d1b9e5ad2eb2f45980647e86b94f

HTTP Header MD5
e32f5df70669a4d57e30b49411cd6ee7

HTTP Body MD5
b4d53c96890ca204f96f30212a8146fd

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 07 Nov 2024 00:26:15 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://maxgoodell.com

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T00:26:16.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "maxgoodell.com"
         ],
         "hostname" : [
            "maxgoodell.com"
         ],
         "url" : [
            "https://maxgoodell.com"
         ]
      },
      "http" : {
         "bodymd5" : "b4d53c96890ca204f96f30212a8146fd",
         "bodymmh3" : 589765266,
         "headermd5" : "e32f5df70669a4d57e30b49411cd6ee7",
         "headermmh3" : 421893545,
         "title" : "301 Moved Permanently"
      },
      "length" : 379
   },
   "asn" : "AS31898",
   "city" : "San Jose",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Thu, 07 Nov 2024 00:26:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: close\r\nLocation: https://maxgoodell.com\r\n\r\n<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body>\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "24c5d1b9e5ad2eb2f45980647e86b94f",
   "datammh3" : 913003649,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "OC-195",
      "organization" : "Oracle Public Cloud",
      "subnet" : "152.67.224.0/19"
   },
   "ip" : "152.67.232.7",
   "ipv6" : "false",
   "latitude" : "37.2379",
   "location" : "37.2379,-121.7946",
   "longitude" : "-121.7946",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 301,
   "subnet" : "152.67.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
95.164.5.131

Alternative IP(s)
95.164.4.142

Network
95.164.0.0/21

Domain(s)
smoketunnel.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://95.164.5.131:1799/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
br.sa.smoketunnel.com

ASN
AS44477

Organization
Stark Industries Solutions Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0f607a794922d0e529ea46b57721417d

HTTP Header MD5
73b5b39070f21c93f1b94a75281c1ce0

HTTP Body MD5
e2c7b0e1a897b6683f3a2814cb2f67cd

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 06 Nov 2024 12:29:29 GMT
Content-Type: text/html
Content-Length: 264
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T12:29:29.000Z",
   "alternativeip" : [
      "95.164.4.142"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "e2c7b0e1a897b6683f3a2814cb2f67cd",
         "bodymmh3" : -1741231556,
         "headermd5" : "73b5b39070f21c93f1b94a75281c1ce0",
         "headermmh3" : 1462663466,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 425
   },
   "asn" : "AS44477",
   "country" : "PL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 06 Nov 2024 12:29:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 264\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0f607a794922d0e529ea46b57721417d",
   "datammh3" : 907783723,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "smoketunnel.com"
   ],
   "host" : [
      "br"
   ],
   "hostname" : [
      "br.sa.smoketunnel.com"
   ],
   "ip" : "95.164.5.131",
   "ipv6" : "false",
   "latitude" : "52.2394",
   "location" : "52.2394,21.0362",
   "longitude" : "21.0362",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Stark Industries Solutions Ltd",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "br.sa.smoketunnel.com"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "sa.smoketunnel.com"
   ],
   "subnet" : "95.164.0.0/21",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.165.42.251

Network
103.165.40.0/22

Domain(s)
iforte.net.id

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://103.165.42.251:1799/ 403

HTTP Title
403 Forbidden

Reverse DNS
251.42.165.103.net.iforte.net.id

ASN
AS17995

Organization
PT iForte Global Internet

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c39946343d18d866cce7ab43abef95c2

HTTP Header MD5
ae422ebc29565c62fda591b915019813

HTTP Body MD5
d3365aec364c74390c2c2b3644182e7b

Favicon MD5
d41d8cd98f00b204e9800998ecf8427e

Favicon MMH3
-1636538602

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Nov 2024 20:52:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T22:19:12.000Z",
   "app" : {
      "favicon" : {
         "image" : "<encodebase64failed>",
         "imagemd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "imagemmh3" : -1636538602,
         "length" : 0,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "d3365aec364c74390c2c2b3644182e7b",
         "bodymmh3" : 51746558,
         "headermd5" : "ae422ebc29565c62fda591b915019813",
         "headermmh3" : 492127294,
         "title" : "403 Forbidden"
      },
      "length" : 321
   },
   "asn" : "AS17995",
   "city" : "Surabaya",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 05 Nov 2024 20:52:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: close\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "c39946343d18d866cce7ab43abef95c2",
   "datammh3" : 81639455,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "iforte.net.id"
   ],
   "geolocus" : {
      "asn" : "AS17995",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "iforte.co.id",
         "iforte.net.id",
         "solusi.net.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "SOLUSINET-ID",
      "organization" : "PT iForte Global Internet",
      "subnet" : "103.165.42.0/24"
   },
   "host" : [
      251
   ],
   "hostname" : [
      "251.42.165.103.net.iforte.net.id"
   ],
   "ip" : "103.165.42.251",
   "ipv6" : "false",
   "latitude" : "-7.2484",
   "location" : "-7.2484,112.7419",
   "longitude" : "112.7419",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT iForte Global Internet",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "reverse" : [
      "251.42.165.103.net.iforte.net.id"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "103.net.iforte.net.id",
      "165.103.net.iforte.net.id",
      "42.165.103.net.iforte.net.id",
      "net.iforte.net.id"
   ],
   "subnet" : "103.165.40.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net.id"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.165.42.251

Network
103.165.40.0/22

Domain(s)
iforte.net.id

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://103.165.42.251:1799/ 403

HTTP Title
403 Forbidden

Reverse DNS
251.42.165.103.net.iforte.net.id

ASN
AS17995

Organization
PT iForte Global Internet

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c39946343d18d866cce7ab43abef95c2

HTTP Header MD5
ae422ebc29565c62fda591b915019813

HTTP Body MD5
d3365aec364c74390c2c2b3644182e7b

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Nov 2024 20:52:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T20:52:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d3365aec364c74390c2c2b3644182e7b",
         "bodymmh3" : 51746558,
         "headermd5" : "ae422ebc29565c62fda591b915019813",
         "headermmh3" : 492127294,
         "title" : "403 Forbidden"
      },
      "length" : 321
   },
   "asn" : "AS17995",
   "city" : "Surabaya",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 05 Nov 2024 20:52:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: close\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "c39946343d18d866cce7ab43abef95c2",
   "datammh3" : 81639455,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "iforte.net.id"
   ],
   "geolocus" : {
      "asn" : "AS17995",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "iforte.co.id",
         "iforte.net.id",
         "solusi.net.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "SOLUSINET-ID",
      "organization" : "PT iForte Global Internet",
      "subnet" : "103.165.42.0/24"
   },
   "host" : [
      251
   ],
   "hostname" : [
      "251.42.165.103.net.iforte.net.id"
   ],
   "ip" : "103.165.42.251",
   "ipv6" : "false",
   "latitude" : "-7.2484",
   "location" : "-7.2484,112.7419",
   "longitude" : "112.7419",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT iForte Global Internet",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "reverse" : [
      "251.42.165.103.net.iforte.net.id"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "165.103.net.iforte.net.id",
      "42.165.103.net.iforte.net.id",
      "net.iforte.net.id",
      "103.net.iforte.net.id"
   ],
   "subnet" : "103.165.40.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net.id"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
51.255.117.91

Network
51.254.0.0/15

Domain(s)
ip-51-255-117.eu

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://51.255.117.91:1799/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
ip91.ip-51-255-117.eu

ASN
AS16276

Organization
OVH SAS

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0f607a794922d0e529ea46b57721417d

HTTP Header MD5
73b5b39070f21c93f1b94a75281c1ce0

HTTP Body MD5
e2c7b0e1a897b6683f3a2814cb2f67cd

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Nov 2024 19:35:40 GMT
Content-Type: text/html
Content-Length: 264
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T19:35:40.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e2c7b0e1a897b6683f3a2814cb2f67cd",
         "bodymmh3" : -1741231556,
         "headermd5" : "73b5b39070f21c93f1b94a75281c1ce0",
         "headermmh3" : 630799532,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 425
   },
   "asn" : "AS16276",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 05 Nov 2024 19:35:40 GMT\r\nContent-Type: text/html\r\nContent-Length: 264\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0f607a794922d0e529ea46b57721417d",
   "datammh3" : 907783723,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-51-255-117.eu"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "ovh.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "FR-OVH-20150522",
      "organization" : "OVH SAS",
      "subnet" : "51.254.0.0/15"
   },
   "host" : [
      "ip91"
   ],
   "hostname" : [
      "ip91.ip-51-255-117.eu"
   ],
   "ip" : "51.255.117.91",
   "ipv6" : "false",
   "latitude" : "48.8582",
   "location" : "48.8582,2.3387",
   "longitude" : "2.3387",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "ip91.ip-51-255-117.eu"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "51.254.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "eu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
46.254.131.43

Alternative IP(s)
164.138.218.107

Network
46.254.128.0/22

Domain(s)
lanultra.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://46.254.131.43:1799/ 200

HTTP Title
Welcome to nginx!

Reverse DNS
46.254.131.43.lanultra.net

ASN
AS47374

Organization
Ultra-Todor Slavov Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
645ebbbbe54f896777b6a9f0d74814de

HTTP Header MD5
3c180bdb7fe64e8da1449b8de1406061

HTTP Body MD5
e3eb0a1df437f3f97a64aca5952c8ea0

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 05 Nov 2024 11:42:54 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 01 Aug 2023 10:52:45 GMT
Connection: close
ETag: "64c8e3fd-264"
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T11:42:55.000Z",
   "alternativeip" : [
      "164.138.218.107"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "nginx.org",
            "nginx.com"
         ],
         "hostname" : [
            "nginx.com",
            "nginx.org"
         ],
         "url" : [
            "http://nginx.com/",
            "http://nginx.org/"
         ]
      },
      "http" : {
         "bodymd5" : "e3eb0a1df437f3f97a64aca5952c8ea0",
         "bodymmh3" : 1651973090,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 01 Aug 2023 10:52:45 GMT"
            },
            {
               "name" : "ETag",
               "value" : "64c8e3fd-264"
            }
         ],
         "headermd5" : "3c180bdb7fe64e8da1449b8de1406061",
         "headermmh3" : 1272185494,
         "title" : "Welcome to nginx!"
      },
      "length" : 845
   },
   "asn" : "AS47374",
   "city" : "Varna",
   "country" : "BG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\nDate: Tue, 05 Nov 2024 11:42:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 612\r\nLast-Modified: Tue, 01 Aug 2023 10:52:45 GMT\r\nConnection: close\r\nETag: \"64c8e3fd-264\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<title>Welcome to nginx!</title>\n<style>\n    body {\n        width: 35em;\n        margin: 0 auto;\n        font-family: Tahoma, Verdana, Arial, sans-serif;\n    }\n</style>\n</head>\n<body>\n<h1>Welcome to nginx!</h1>\n<p>If you see this page, the nginx web server is successfully installed and\nworking. Further configuration is required.</p>\n\n<p>For online documentation and support please refer to\n<a href=\"http://nginx.org/\">nginx.org</a>.<br/>\nCommercial support is available at\n<a href=\"http://nginx.com/\">nginx.com</a>.</p>\n\n<p><em>Thank you for using nginx.</em></p>\n</body>\n</html>\n",
   "datamd5" : "645ebbbbe54f896777b6a9f0d74814de",
   "datammh3" : 2035111554,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "lanultra.net"
   ],
   "geolocus" : {
      "asn" : "AS47374",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "BG",
      "countryname" : "Bulgaria",
      "domain" : [
         "ipacct.com",
         "lanultra.net"
      ],
      "isineu" : "true",
      "latitude" : "42.733883",
      "location" : "42.733883,25.48583",
      "longitude" : "25.48583",
      "netname" : "BG-LANULTRA",
      "organization" : "LANULTRA Ltd.",
      "subnet" : "46.254.128.0/22"
   },
   "host" : [
      46
   ],
   "hostname" : [
      "46.254.131.43.lanultra.net"
   ],
   "ip" : "46.254.131.43",
   "ipv6" : "false",
   "latitude" : "43.2002",
   "location" : "43.2002,27.9425",
   "longitude" : "27.9425",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Ultra-Todor Slavov Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "46.254.131.43.lanultra.net"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "131.43.lanultra.net",
      "254.131.43.lanultra.net",
      "43.lanultra.net"
   ],
   "subnet" : "46.254.128.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
41.33.2.165

Network
41.33.0.0/20

Domain(s)
tedata.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://41.33.2.165:1799/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
host-41.33.2.165.tedata.net

ASN
AS8452

Organization
TE Data

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0f607a794922d0e529ea46b57721417d

HTTP Header MD5
73b5b39070f21c93f1b94a75281c1ce0

HTTP Body MD5
e2c7b0e1a897b6683f3a2814cb2f67cd

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Nov 2024 11:00:20 GMT
Content-Type: text/html
Content-Length: 264
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T11:00:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e2c7b0e1a897b6683f3a2814cb2f67cd",
         "bodymmh3" : -1741231556,
         "headermd5" : "73b5b39070f21c93f1b94a75281c1ce0",
         "headermmh3" : -1991255536,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 425
   },
   "asn" : "AS8452",
   "city" : "Giza",
   "country" : "EG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 05 Nov 2024 11:00:20 GMT\r\nContent-Type: text/html\r\nContent-Length: 264\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0f607a794922d0e529ea46b57721417d",
   "datammh3" : 907783723,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "tedata.net"
   ],
   "geolocus" : {
      "asn" : "AS8452",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "EG",
      "countryname" : "Egypt",
      "domain" : [
         "te.eg",
         "tedata.net"
      ],
      "isineu" : "false",
      "latitude" : "26.820553",
      "location" : "26.820553,30.802498",
      "longitude" : "30.802498",
      "netname" : "TED-00",
      "organization" : "Telecom-Egypt-Data",
      "subnet" : "41.33.0.0/16"
   },
   "host" : [
      "host-41"
   ],
   "hostname" : [
      "host-41.33.2.165.tedata.net"
   ],
   "ip" : "41.33.2.165",
   "ipv6" : "false",
   "latitude" : "30.0080",
   "location" : "30.0080,31.2194",
   "longitude" : "31.2194",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TE Data",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "host-41.33.2.165.tedata.net"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "165.tedata.net",
      "2.165.tedata.net",
      "33.2.165.tedata.net"
   ],
   "subnet" : "41.33.0.0/20",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
176.109.75.251

Network
176.109.72.0/21

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://176.109.75.251:1799/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS60490

Organization
MTS PJSC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a534cf98628c83d237d23ef4a2aabdd

HTTP Header MD5
0f39dc4f140a76145099bbf0048ae6f4

HTTP Body MD5
8e688195eec136e2ab8be1bc1a0a1afa

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Date: Tue, 05 Nov 2024 01:20:28 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.18.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T01:20:28.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "8e688195eec136e2ab8be1bc1a0a1afa",
         "bodymmh3" : -1468404449,
         "headermd5" : "0f39dc4f140a76145099bbf0048ae6f4",
         "headermmh3" : 875012363,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS60490",
   "city" : "Moscow",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.18.0\r\nDate: Tue, 05 Nov 2024 01:20:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.18.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "1a534cf98628c83d237d23ef4a2aabdd",
   "datammh3" : -682723585,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "176.109.75.251",
   "ipv6" : "false",
   "latitude" : "55.7483",
   "location" : "55.7483,37.6171",
   "longitude" : "37.6171",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MTS PJSC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "176.109.72.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
146.103.58.203

Network
146.103.58.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://146.103.58.203:1799/ 302

ASN
AS401103

Organization
SG-NET-01

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1e16bf81c10c6bef7eba579c31225ea4

HTTP Header MD5
6971f62eab7ecbcc0f6befd7b5431a83

HTTP Body MD5
465981b2c7142b9fb660b39e2de874c1

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 04 Nov 2024 17:26:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: http://6666cd76f96956469e7be39d750cc7d9.<ip>:1799/

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T17:30:27.000Z",
   "app" : {
      "extract" : {
         "hostname" : [
            "6666cd76f96956469e7be39d750cc7d9."
         ],
         "url" : [
            "http://6666cd76f96956469e7be39d750cc7d9."
         ]
      },
      "http" : {
         "bodymd5" : "465981b2c7142b9fb660b39e2de874c1",
         "bodymmh3" : 721386996,
         "headermd5" : "6971f62eab7ecbcc0f6befd7b5431a83",
         "headermmh3" : -740220393
      },
      "length" : 244
   },
   "asn" : "AS401103",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 04 Nov 2024 17:26:40 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nLocation: http://6666cd76f96956469e7be39d750cc7d9.<ip>:1799/\r\n\r\n0\r\n\r\n",
   "datamd5" : "1e16bf81c10c6bef7eba579c31225ea4",
   "datammh3" : 102485243,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "146.103.58.203",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SG-NET-01",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 1799,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-04",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "146.103.58.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 125 in 0.057 second(s)

152.70.69.232:1799 (tcp/http) - last seen on 2024-11-07 at 03:31:59 UTC

152.67.232.7:1799 (tcp/http) - last seen on 2024-11-07 at 00:26:16 UTC

95.164.5.131:1799 (tcp/http) - last seen on 2024-11-06 at 12:29:29 UTC

103.165.42.251:1799 (tcp/http) - last seen on 2024-11-05 at 22:19:12 UTC

103.165.42.251:1799 (tcp/http) - last seen on 2024-11-05 at 20:52:31 UTC

51.255.117.91:1799 (tcp/http) - last seen on 2024-11-05 at 19:35:40 UTC

46.254.131.43:1799 (tcp/http) - last seen on 2024-11-05 at 11:42:55 UTC

41.33.2.165:1799 (tcp/http) - last seen on 2024-11-05 at 11:00:20 UTC

176.109.75.251:1799 (tcp/http) - last seen on 2024-11-05 at 01:20:28 UTC

146.103.58.203:1799 (tcp/http) - last seen on 2024-11-04 at 17:30:27 UTC