Cyber Defense Search Engine

IP
213.176.57.180

Network
213.176.32.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://213.176.57.180:25565/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS142578

Organization
E-Large HongKong

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3b40fcd13ec4c48698cf15e0d2ba5977

HTTP Header MD5
7de09592d0cc3062011d73fa292680b0

HTTP Body MD5
77bd43987adf27926b335fbe22b67813

HTTP/1.1 400 Bad Request
Server: WAF
Date: Thu, 07 Nov 2024 03:34:31 GMT
Content-Type: text/html
Content-Length: 262
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>WAF</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "77bd43987adf27926b335fbe22b67813",
         "bodymmh3" : -2135056736,
         "headermd5" : "7de09592d0cc3062011d73fa292680b0",
         "headermmh3" : 1831112137,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 405
   },
   "asn" : "AS142578",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: WAF\r\nDate: Thu, 07 Nov 2024 03:34:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 262\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>WAF</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3b40fcd13ec4c48698cf15e0d2ba5977",
   "datammh3" : 401141661,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS142578",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "gmail.com"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "hk-ipv4superhub-1",
      "organization" : "hk-ipv4superhub-1",
      "subnet" : "213.176.56.0/22"
   },
   "ip" : "213.176.57.180",
   "ipv6" : "false",
   "latitude" : "34.0544",
   "location" : "34.0544,-118.2440",
   "longitude" : "-118.2440",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "E-Large HongKong",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "213.176.32.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
149.88.99.60

Network
149.88.96.0/20

Domain(s)
datapacket.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://149.88.99.60:25565/ 407

Reverse DNS
unn-149-88-99-60.datapacket.com

ASN
AS212238

Organization
Datacamp Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
34ac778165280c772bffd89cc8b22bb6

HTTP Header MD5
f501fcedac626cd57e0d3622cd3e7764

HTTP Body MD5
b5fde2b2faacb5c52578eee7365efc14

HTTP/1.1 407 Proxy Authentication Required
content-type: text/plain; charset=utf-8
proxy-authenticate: Basic
x-content-type-options: nosniff
date: Thu, 07 Nov 2024 03:34:31 GMT
content-length: 30
connection: close

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b5fde2b2faacb5c52578eee7365efc14",
         "bodymmh3" : -529400048,
         "headermd5" : "f501fcedac626cd57e0d3622cd3e7764",
         "headermmh3" : 401331856
      },
      "length" : 253
   },
   "asn" : "AS212238",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\ncontent-type: text/plain; charset=utf-8\r\nproxy-authenticate: Basic\r\nx-content-type-options: nosniff\r\ndate: Thu, 07 Nov 2024 03:34:31 GMT\r\ncontent-length: 30\r\nconnection: close\r\n\r\nProxy Authentication Required\n",
   "datamd5" : "34ac778165280c772bffd89cc8b22bb6",
   "datammh3" : 1147519539,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "datapacket.com"
   ],
   "geolocus" : {
      "asn" : "AS212238",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "cdn77.com",
         "cogentco.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "CDNEXT-SGP-CG",
      "organization" : "CDN77",
      "subnet" : "149.88.99.0/24"
   },
   "host" : [
      "unn-149-88-99-60"
   ],
   "hostname" : [
      "unn-149-88-99-60.datapacket.com"
   ],
   "ip" : "149.88.99.60",
   "ipv6" : "false",
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Datacamp Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "reverse" : [
      "unn-149-88-99-60.datapacket.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "149.88.96.0/20",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
38.47.145.35

Network
38.47.128.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://38.47.145.35:25565/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS147019

Organization
jiii

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3b40fcd13ec4c48698cf15e0d2ba5977

HTTP Header MD5
7de09592d0cc3062011d73fa292680b0

HTTP Body MD5
77bd43987adf27926b335fbe22b67813

HTTP/1.1 400 Bad Request
Server: WAF
Date: Thu, 07 Nov 2024 03:34:28 GMT
Content-Type: text/html
Content-Length: 262
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>WAF</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:28.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "77bd43987adf27926b335fbe22b67813",
         "bodymmh3" : -2135056736,
         "headermd5" : "7de09592d0cc3062011d73fa292680b0",
         "headermmh3" : 19490506,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 405
   },
   "asn" : "AS147019",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: WAF\r\nDate: Thu, 07 Nov 2024 03:34:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 262\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>WAF</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3b40fcd13ec4c48698cf15e0d2ba5977",
   "datammh3" : 401141661,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS147019",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "COGENT-A",
      "organization" : "PSINet, Inc.",
      "subnet" : "38.47.128.0/19"
   },
   "ip" : "38.47.145.35",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "jiii",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "38.47.128.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
130.61.229.201

Network
130.61.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ca0b4f3bac29fd553ba21f376c47eaa5

\xbc\x01\x1a\xb9\x01{"translate":"disconnect.genericReason","with":["Internal Exception: io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: Index 69 out of bounds for length 1"]}

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:08.000Z",
   "app" : {
      "length" : 190
   },
   "asn" : "AS31898",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\xbc\\x01\\x1a\\xb9\\x01{\"translate\":\"disconnect.genericReason\",\"with\":[\"Internal Exception: io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: Index 69 out of bounds for length 1\"]}",
   "datamd5" : "ca0b4f3bac29fd553ba21f376c47eaa5",
   "datammh3" : -180250828,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com",
         "oracleemaildelivery.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "OOC-195",
      "organization" : "Oracle Public Cloud",
      "subnet" : "130.61.0.0/16"
   },
   "ip" : "130.61.229.201",
   "ipv6" : "false",
   "latitude" : "50.1049",
   "location" : "50.1049,8.6295",
   "longitude" : "8.6295",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "130.61.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
152.67.130.146

Network
152.67.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
117a1ff655ef825d8b79838df6030d66

\x99\x01\x1a\x96\x01{"translate":"disconnect.genericReason","with":["Internal Exception: io.netty.handler.codec.DecoderException: java.io.IOException: Bad packet id 69"]}

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:06.000Z",
   "app" : {
      "length" : 155
   },
   "asn" : "AS31898",
   "city" : "Slough",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x99\\x01\\x1a\\x96\\x01{\"translate\":\"disconnect.genericReason\",\"with\":[\"Internal Exception: io.netty.handler.codec.DecoderException: java.io.IOException: Bad packet id 69\"]}",
   "datamd5" : "117a1ff655ef825d8b79838df6030d66",
   "datammh3" : 1155652507,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com",
         "oracleemaildelivery.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "OC-195",
      "organization" : "Oracle Public Cloud",
      "subnet" : "152.67.128.0/19"
   },
   "ip" : "152.67.130.146",
   "ipv6" : "false",
   "latitude" : "51.5368",
   "location" : "51.5368,-0.6718",
   "longitude" : "-0.6718",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "152.67.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
46.38.231.78

Network
46.38.224.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS197540

Organization
netcup GmbH

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
68b329da9893e34099c7d8ad5cb9c940

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:33:44.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS197540",
   "city" : "Nuremberg",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "46.38.231.78",
   "ipv6" : "false",
   "latitude" : "49.4423",
   "location" : "49.4423,11.0191",
   "longitude" : "11.0191",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "netcup GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "46.38.224.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
178.63.174.154

Network
178.63.0.0/16

Domain(s)
your-server.de

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
static.154.174.63.178.clients.your-server.de

ASN
AS24940

Organization
Hetzner Online GmbH

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
94504260402165f0d43befff3e1614ec

\xbc\x01\x19\xb9\x01{"translate":"disconnect.genericReason","with":["Internal Exception: io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: Index 69 out of bounds for length 1"]}

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:33:43.000Z",
   "app" : {
      "length" : 190
   },
   "asn" : "AS24940",
   "city" : "Falkenstein",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\xbc\\x01\\x19\\xb9\\x01{\"translate\":\"disconnect.genericReason\",\"with\":[\"Internal Exception: io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: Index 69 out of bounds for length 1\"]}",
   "datamd5" : "94504260402165f0d43befff3e1614ec",
   "datammh3" : -1760679020,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "your-server.de"
   ],
   "host" : [
      "static"
   ],
   "hostname" : [
      "static.154.174.63.178.clients.your-server.de"
   ],
   "ip" : "178.63.174.154",
   "ipv6" : "false",
   "latitude" : "50.4777",
   "location" : "50.4777,12.3649",
   "longitude" : "12.3649",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hetzner Online GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "unknown",
   "reverse" : [
      "static.154.174.63.178.clients.your-server.de"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "154.174.63.178.clients.your-server.de",
      "174.63.178.clients.your-server.de",
      "178.clients.your-server.de",
      "63.178.clients.your-server.de",
      "clients.your-server.de"
   ],
   "subnet" : "178.63.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
80.246.229.212

Network
80.246.229.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://80.246.229.212:25565/ 200

ASN
AS398465

Organization
RACKDOG-LLC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3eff9b4b58bd71bcd594db51f66155c4

HTTP Header MD5
2bf1d8b0fd7d11faba7fafe36e61ee86

HTTP Body MD5
104785ef9418b2e955218ce5577aa56c

HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 03:33:43 GMT
Connection: close
Content-Type: text/plain
Content-Length: 10

Hello null

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:33:43.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "104785ef9418b2e955218ce5577aa56c",
         "bodymmh3" : 1543591032,
         "headermd5" : "2bf1d8b0fd7d11faba7fafe36e61ee86",
         "headermmh3" : -1880367398
      },
      "length" : 131
   },
   "asn" : "AS398465",
   "country" : "SI",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 03:33:43 GMT\r\nConnection: close\r\nContent-Type: text/plain\r\nContent-Length: 10\r\n\r\nHello null",
   "datamd5" : "3eff9b4b58bd71bcd594db51f66155c4",
   "datammh3" : 179807851,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS198510",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FI",
      "countryname" : "Finland",
      "domain" : [
         "ipxo.com"
      ],
      "isineu" : "true",
      "latitude" : "61.92411",
      "location" : "61.92411,25.748151",
      "longitude" : "25.748151",
      "netname" : "IPXO",
      "organization" : "XTDEF-Limited",
      "subnet" : "80.246.229.0/24"
   },
   "ip" : "80.246.229.212",
   "ipv6" : "false",
   "latitude" : "46.0833",
   "location" : "46.0833,15.0000",
   "longitude" : "15.0000",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "RACKDOG-LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "80.246.229.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
65.181.140.96

Network
65.181.128.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://65.181.140.96:25565/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS134729

Organization
JOINT POWER TECHNOLOGY LIMITED

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3b40fcd13ec4c48698cf15e0d2ba5977

HTTP Header MD5
7de09592d0cc3062011d73fa292680b0

HTTP Body MD5
77bd43987adf27926b335fbe22b67813

HTTP/1.1 400 Bad Request
Server: WAF
Date: Thu, 07 Nov 2024 03:33:43 GMT
Content-Type: text/html
Content-Length: 262
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>WAF</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:33:43.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "77bd43987adf27926b335fbe22b67813",
         "bodymmh3" : -2135056736,
         "headermd5" : "7de09592d0cc3062011d73fa292680b0",
         "headermmh3" : -1460377810,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 405
   },
   "asn" : "AS134729",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: WAF\r\nDate: Thu, 07 Nov 2024 03:33:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 262\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>WAF</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3b40fcd13ec4c48698cf15e0d2ba5977",
   "datammh3" : 401141661,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS134729",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "ipxo.com",
         "pair.com",
         "pair.net",
         "pairnetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "IXPO-65-181-128-0-19-REALLOCATION",
      "organization" : "IPXO LLC",
      "subnet" : "65.181.128.0/20"
   },
   "ip" : "65.181.140.96",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JOINT POWER TECHNOLOGY LIMITED",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "65.181.128.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
116.63.206.189

Network
116.63.192.0/18

Domain(s)
hwclouds-dns.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://116.63.206.189:25565/ 200

Reverse DNS
ecs-116-63-206-189.compute.hwclouds-dns.com

ASN
AS4811

Organization
China Telecom Group

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a98ceb6d88a829dfa9da59b2d5f54858

HTTP Header MD5
9954dcbb1515fe4aef0af8f102848b86

HTTP Body MD5
8ddd8be4b179a529afa5f2ffae4b9858

HTTP/1.1 200 OK
Connection: close
Content-Length: 13
Content-Type: text/plain

Hello World!

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:33:16.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "8ddd8be4b179a529afa5f2ffae4b9858",
         "bodymmh3" : 1767073135,
         "headermd5" : "9954dcbb1515fe4aef0af8f102848b86",
         "headermmh3" : 1111848277
      },
      "length" : 97
   },
   "asn" : "AS4811",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Length: 13\r\nContent-Type: text/plain\r\n\r\nHello World!\n",
   "datamd5" : "a98ceb6d88a829dfa9da59b2d5f54858",
   "datammh3" : 676962748,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hwclouds-dns.com"
   ],
   "geolocus" : {
      "asn" : "AS4811",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "huawei.com",
         "hwclouds-dns.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "HWCSNET",
      "organization" : "Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co)",
      "subnet" : "116.63.192.0/18"
   },
   "host" : [
      "ecs-116-63-206-189"
   ],
   "hostname" : [
      "ecs-116-63-206-189.compute.hwclouds-dns.com"
   ],
   "ip" : "116.63.206.189",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25565,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ecs-116-63-206-189.compute.hwclouds-dns.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.hwclouds-dns.com"
   ],
   "subnet" : "116.63.192.0/18",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 141,880 in 0.074 second(s)

213.176.57.180:25565 (tcp/http) - last seen on 2024-11-07 at 03:34:31 UTC

149.88.99.60:25565 (tcp/http) - last seen on 2024-11-07 at 03:34:31 UTC

38.47.145.35:25565 (tcp/http) - last seen on 2024-11-07 at 03:34:28 UTC

130.61.229.201:25565 (tcp/unknown) - last seen on 2024-11-07 at 03:34:08 UTC

152.67.130.146:25565 (tcp/unknown) - last seen on 2024-11-07 at 03:34:06 UTC

46.38.231.78:25565 (tcp/unknown) - last seen on 2024-11-07 at 03:33:44 UTC

178.63.174.154:25565 (tcp/unknown) - last seen on 2024-11-07 at 03:33:43 UTC

80.246.229.212:25565 (tcp/http) - last seen on 2024-11-07 at 03:33:43 UTC

65.181.140.96:25565 (tcp/http) - last seen on 2024-11-07 at 03:33:43 UTC

116.63.206.189:25565 (tcp/http) - last seen on 2024-11-07 at 03:33:16 UTC