ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 14,452 in 0.070 second(s)

  • 187.170.147.114:3269 (tcp/http) - last seen on 2024-11-07 at 05:45:26 UTC

    • IP
      187.170.147.114
      Network
      187.168.0.0/14
      Domain(s)
      prod-infinitum.com.mx
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Linux Linux Kernel
      URL

      http://187.170.147.114:3269/ 200

      HTTP Title
      index
      Reverse DNS
      dsl-187-170-147-114-dyn.prod-infinitum.com.mx
      ASN
      AS8151
      Organization
      UNINET
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Hikvision DNVRS-Webs
      HTTP Component(s)
      jQuery jQuery 1.7.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b032f1f155926ace15d0b7485ecf0e0d
      HTTP Header MD5
      86854ed3749a913afa00a67025516a4d
      HTTP Body MD5
      1009cfd1687d37ffb65c7b717d382bcc 
    • HTTP/1.1 200 OK
Date: Wed, 06 Nov 2024 23:45:25 GMT
Server: DNVRS-Webs
ETag: "0-3e0-62d"
Content-Length: 1581
Content-Type: text/html
Connection: close
Last-Modified: Mon, 13 Apr 2015 07:03:33 GMT

<!doctype html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="pragma" content="no-cache">
	<meta http-equiv="cache-control" content="no-cache, must-revalidate">
	<meta http-equiv="expires" content="0">
	<title>index</title>	
	<script>
		function initIndex() {
			if (navigator.appName == 'Netscape' || navigator.appName == "Opera") {
				var sysLanguage= navigator.language.toLowerCase();
			} else {
				var sysLanguage= navigator.browserLanguage.toLowerCase();
			}
			var szLanguage = sysLanguage.substring(0,2);
			if(szLanguage == "zh") {  //中文需要区分简体和繁体   
				var arSysLan = sysLanguage.split("-");
				if (arSysLan.length === 2) {
					var szLanguage = arSysLan[0].toLowerCase() + "_" + arSysLan[1].toUpperCase();
					if(arSysLan[1].toLowerCase() === "cn") {
						$.cookie('language', 'zh');
					} else {
						$.cookie('language', szLanguage);
					}
				}
			} else {
				$.cookie('language', szLanguage);
			}
			self.moveTo(0,0);   //使其IE窗口最大化
			self.resizeTo(screen.availWidth,screen.availHeight); 
			$.cookie('updateTips', 'true');
			window.location.href = "doc/page/login.asp";
		}
	</script> 
</head>
<body>
	<script type="text/javascript" src="doc/script/LAB.min.js"></script>
	<script>
		$LAB
		.script("doc/script/jquery-1.7.1.min.js").wait()
		.script("doc/script/jquery.cookie.js").wait()
		.script("doc/script/global_config.js?version=" + new Date()).wait(function () {
			initIndex();
		});
	</script>
</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "1009cfd1687d37ffb65c7b717d382bcc",
         "bodymmh3" : 755950927,
         "component" : [
            {
               "product" : "jQuery",
               "productvendor" : "jQuery",
               "productversion" : "1.7.1"
            }
         ],
         "header" : [
            {
               "name" : "ETag",
               "value" : "0-3e0-62d"
            },
            {
               "value" : "Mon, 13 Apr 2015 07:03:33 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "86854ed3749a913afa00a67025516a4d",
         "headermmh3" : -3362375,
         "title" : "index"
      },
      "length" : 1788
   },
   "asn" : "AS8151",
   "city" : "Cuauht\u00e9moc",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Wed, 06 Nov 2024 23:45:25 GMT\r\nServer: DNVRS-Webs\r\nETag: \"0-3e0-62d\"\r\nContent-Length: 1581\r\nContent-Type: text/html\r\nConnection: close\r\nLast-Modified: Mon, 13 Apr 2015 07:03:33 GMT\r\n\r\n\ufeff<!doctype html>\r\n<head>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"pragma\" content=\"no-cache\">\r\n\t<meta http-equiv=\"cache-control\" content=\"no-cache, must-revalidate\">\r\n\t<meta http-equiv=\"expires\" content=\"0\">\r\n\t<title>index</title>\t\r\n\t<script>\r\n\t\tfunction initIndex() {\r\n\t\t\tif (navigator.appName == 'Netscape' || navigator.appName == \"Opera\") {\r\n\t\t\t\tvar sysLanguage= navigator.language.toLowerCase();\r\n\t\t\t} else {\r\n\t\t\t\tvar sysLanguage= navigator.browserLanguage.toLowerCase();\r\n\t\t\t}\r\n\t\t\tvar szLanguage = sysLanguage.substring(0,2);\r\n\t\t\tif(szLanguage == \"zh\") {  //\u4e2d\u6587\u9700\u8981\u533a\u5206\u7b80\u4f53\u548c\u7e41\u4f53   \r\n\t\t\t\tvar arSysLan = sysLanguage.split(\"-\");\r\n\t\t\t\tif (arSysLan.length === 2) {\r\n\t\t\t\t\tvar szLanguage = arSysLan[0].toLowerCase() + \"_\" + arSysLan[1].toUpperCase();\r\n\t\t\t\t\tif(arSysLan[1].toLowerCase() === \"cn\") {\r\n\t\t\t\t\t\t$.cookie('language', 'zh');\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t$.cookie('language', szLanguage);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t} else {\r\n\t\t\t\t$.cookie('language', szLanguage);\r\n\t\t\t}\r\n\t\t\tself.moveTo(0,0);   //\u4f7f\u5176IE\u7a97\u53e3\u6700\u5927\u5316\r\n\t\t\tself.resizeTo(screen.availWidth,screen.availHeight); \r\n\t\t\t$.cookie('updateTips', 'true');\r\n\t\t\twindow.location.href = \"doc/page/login.asp\";\r\n\t\t}\r\n\t</script> \r\n</head>\r\n<body>\r\n\t<script type=\"text/javascript\" src=\"doc/script/LAB.min.js\"></script>\r\n\t<script>\r\n\t\t$LAB\r\n\t\t.script(\"doc/script/jquery-1.7.1.min.js\").wait()\r\n\t\t.script(\"doc/script/jquery.cookie.js\").wait()\r\n\t\t.script(\"doc/script/global_config.js?version=\" + new Date()).wait(function () {\r\n\t\t\tinitIndex();\r\n\t\t});\r\n\t</script>\r\n</body>\r\n</html>",
   "datamd5" : "b032f1f155926ace15d0b7485ecf0e0d",
   "datammh3" : 1878532770,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "prod-infinitum.com.mx"
   ],
   "geolocus" : {
      "asn" : "AS8151",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "prod-infinitum.com.mx",
         "reduno.com.mx",
         "uninet.com.mx",
         "uninet.net.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-USCV4-LACNIC",
      "organization" : "UNINET",
      "subnet" : "187.170.0.0/15"
   },
   "host" : [
      "dsl-187-170-147-114-dyn"
   ],
   "hostname" : [
      "dsl-187-170-147-114-dyn.prod-infinitum.com.mx"
   ],
   "ip" : "187.170.147.114",
   "ipv6" : "false",
   "latitude" : "19.4491",
   "location" : "19.4491,-99.1574",
   "longitude" : "-99.1574",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNINET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "DNVRS-Webs",
   "productvendor" : "Hikvision",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "dsl-187-170-147-114-dyn.prod-infinitum.com.mx"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "187.168.0.0/14",
   "tld" : [
      "com.mx"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 2.49.27.8:3269 (tcp/http) - last seen on 2024-11-07 at 05:45:24 UTC

    • IP
      2.49.27.8
      Network
      2.48.0.0/14
      Domain(s)
      alshamil.net.ae
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://2.49.27.8:3269/ 404

      Reverse DNS
      bba-2-49-27-8.alshamil.net.ae
      ASN
      AS5384
      Organization
      Emirates Telecommunications Group Company (etisalat Group) Pjsc
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4b5b496ff238cb6bc91391c80dbcb192
      HTTP Header MD5
      4b5b496ff238cb6bc91391c80dbcb192
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 404 Not Found

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "4b5b496ff238cb6bc91391c80dbcb192",
         "headermmh3" : -2050145619
      },
      "length" : 24
   },
   "asn" : "AS5384",
   "city" : "Dubai",
   "country" : "AE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\n",
   "datamd5" : "4b5b496ff238cb6bc91391c80dbcb192",
   "datammh3" : -1733658736,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "alshamil.net.ae"
   ],
   "geolocus" : {
      "asn" : "AS5384",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "AE",
      "countryname" : "United Arab Emirates",
      "domain" : [
         "alshamil.net.ae",
         "emirates.net.ae"
      ],
      "isineu" : "false",
      "latitude" : "23.424076",
      "location" : "23.424076,53.847818",
      "longitude" : "53.847818",
      "netname" : "ETISALATADSL-EMIRNET",
      "organization" : "Emirates Telecommunications Corporation P.O. Box 1150, Dubai, UAE",
      "subnet" : "2.49.0.0/17"
   },
   "host" : [
      "bba-2-49-27-8"
   ],
   "hostname" : [
      "bba-2-49-27-8.alshamil.net.ae"
   ],
   "ip" : "2.49.27.8",
   "ipv6" : "false",
   "latitude" : "25.0731",
   "location" : "25.0731,55.2980",
   "longitude" : "55.2980",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Emirates Telecommunications Group Company (etisalat Group) Pjsc",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "bba-2-49-27-8.alshamil.net.ae"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "2.48.0.0/14",
   "tld" : [
      "net.ae"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 20.210.209.226:3269 (tcp/unknown) - last seen on 2024-11-07 at 05:45:01 UTC

    • IP
      20.210.209.226
      Network
      20.192.0.0/10
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      ASN
      AS8075
      Organization
      MICROSOFT-CORP-MSN-AS-BLOCK
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      68b329da9893e34099c7d8ad5cb9c940 
    • 

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:01.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS8075",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.210.0.0/16"
   },
   "ip" : "20.210.209.226",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "20.192.0.0/10",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 121.127.252.134:3269 (tcp/http) - last seen on 2024-11-07 at 05:44:29 UTC

    • IP
      121.127.252.134
      Network
      121.127.240.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://121.127.252.134:3269/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS152194
      Organization
      CTG Server Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1550f60aea20c6f28ffe1512d9378c73
      HTTP Header MD5
      87f3e48a3bc7d54241527e87773372b9
      HTTP Body MD5
      b918f8b3770dc1158b467b0dd192e59e 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:44:29 GMT
Content-Type: text/html
Content-Length: 252
Connection: close
Server: cdn-ddos-cc

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:44:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 1280153115,
         "headermd5" : "87f3e48a3bc7d54241527e87773372b9",
         "headermmh3" : -571973426,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 403
   },
   "asn" : "AS152194",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:44:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\nServer: cdn-ddos-cc\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "1550f60aea20c6f28ffe1512d9378c73",
   "datammh3" : 1309920415,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS64050",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "worldmailhk.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "MEGA-II",
      "organization" : "MEGA-II IDC",
      "subnet" : "121.127.224.0/19"
   },
   "ip" : "121.127.252.134",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "121.127.240.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 194.41.59.23:3269 (tcp/http) - last seen on 2024-11-07 at 05:36:20 UTC

    • IP
      194.41.59.23
      Network
      194.41.58.0/23
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://194.41.59.23:3269/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS133199
      Organization
      SonderCloud Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx 1.20.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3d43c6b14bab5120a590f1db25c65845
      HTTP Header MD5
      b188a274e4dd16917329dd5641e9140e
      HTTP Body MD5
      b848e7fd55b1559997bfa21dd0df6f3b 
    • HTTP/1.1 400 Bad Request
Server: nginx/1.20.1
Date: Thu, 07 Nov 2024 05:36:20 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b848e7fd55b1559997bfa21dd0df6f3b",
         "bodymmh3" : -956574224,
         "headermd5" : "b188a274e4dd16917329dd5641e9140e",
         "headermmh3" : 1153563904,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS133199",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.20.1\r\nDate: Thu, 07 Nov 2024 05:36:20 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.20.1</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3d43c6b14bab5120a590f1db25c65845",
   "datammh3" : 1319440318,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "194.41.59.23",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SonderCloud Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.20.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "194.41.58.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 125.253.15.233:3269 (tcp/http) - last seen on 2024-11-07 at 05:28:22 UTC

    • IP
      125.253.15.233
      Network
      125.253.0.0/19
      Domain(s)
      superloop.au
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://125.253.15.233:3269/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      125-253-15-233.ip4.superloop.au
      ASN
      AS38195
      Organization
      Superloop
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f09b84fda2db97207d616c18ff1c2a8f
      HTTP Header MD5
      fbfc9d8079d4b06aefb13e1f3508f91b
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:05:31 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:22.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "fbfc9d8079d4b06aefb13e1f3508f91b",
         "headermmh3" : 242314674,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 466
   },
   "asn" : "AS38195",
   "city" : "Melbourne",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:05:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "f09b84fda2db97207d616c18ff1c2a8f",
   "datammh3" : 1462904323,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "superloop.au"
   ],
   "geolocus" : {
      "asn" : "AS38195",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "superloop.au",
         "superloop.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "SUPERLOOP-AU",
      "organization" : "SUPERLOOP (AUSTRALIA) PTY LTD",
      "subnet" : "125.253.12.0/22"
   },
   "host" : [
      "125-253-15-233"
   ],
   "hostname" : [
      "125-253-15-233.ip4.superloop.au"
   ],
   "ip" : "125.253.15.233",
   "ipv6" : "false",
   "latitude" : "-37.8159",
   "location" : "-37.8159,144.9669",
   "longitude" : "144.9669",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Superloop",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "125-253-15-233.ip4.superloop.au"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip4.superloop.au"
   ],
   "subnet" : "125.253.0.0/19",
   "tld" : [
      "au"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 128.199.44.200:3269 (tcp/unknown) - last seen on 2024-11-07 at 05:18:45 UTC

    • IP
      128.199.44.200
      Network
      128.199.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      ASN
      AS14061
      Organization
      DIGITALOCEAN-ASN
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      68b329da9893e34099c7d8ad5cb9c940 
    • 

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:18:45.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS14061",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS14061",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "digitalocean.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "DigitalOcean",
      "organization" : "DigitalOcean, LLC",
      "subnet" : "128.199.32.0/19"
   },
   "ip" : "128.199.44.200",
   "ipv6" : "false",
   "latitude" : "52.3520",
   "location" : "52.3520,4.9392",
   "longitude" : "4.9392",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DIGITALOCEAN-ASN",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "128.199.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 31.31.168.14:3269 (tcp/http) - last seen on 2024-11-07 at 05:17:53 UTC

    • IP
      31.31.168.14
      Alternative IP(s)
      195.210.8.252
      Network
      31.31.168.0/21
      Domain(s)
      dwl.by
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://31.31.168.14:3269/ 400

      HTTP Title
      ERROR: The requested URL could not be retrieved
      Reverse DNS
      mail.dwl.by
      ASN
      AS20853
      Organization
      eTOP sp. z o.o.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      squid-cache Squid 4.10
      HTTP Component(s)
      squid-cache Squid
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e7bad991599f0330b86760f6e51645cb
      HTTP Header MD5
      44e8bc7e5264812d1852cfa3e031fb06
      HTTP Body MD5
      94cc86d94e563843d96c43292c39ec4e 
    • HTTP/1.1 400 Bad Request
Server: squid/4.10
Mime-Version: 1.0
Date: Thu, 07 Nov 2024 05:17:53 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3497
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from artem
X-Cache-Lookup: NONE from artem:3980
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url('/squid-internal-static/icons/SN.png') no-repeat left;
}

/* initial title */
#titles h1 {
	color: #000000;
}
#titles h2 {
	color: #000000;
}

/* special event: FTP success page titles */
#titles ftpsuccess {
	background-color:#00ff00;
	width:100%;
}

/* Page displayed body content area */
#content {
	padding: 10px;
	background: #ffffff;
}

/* General text */
p {
}

/* error brief description */
#error p {
}

/* some data which may have caused the problem */
#data {
}

/* the error message received from the system or other software */
#sysmsg {
}

pre {
}

/* special event: FTP / Gopher directory listing */
#dirmsg {
    font-family: courier, monospace;
    color: black;
    font-size: 10pt;
}
#dirlisting {
    margin-left: 2%;
    margin-right: 2%;
}
#dirlisting tr.entry td.icon,td.filename,td.size,td.date {
    border-bottom: groove;
}
#dirlisting td.size {
    width: 50px;
    text-align: right;
    padding-right: 5px;
}

/* horizontal lines */
hr {
	margin: 0;
}

/* page displayed footer area */
#footer {
	font-size: 9px;
	padding-left: 10px;
}


body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
 --></style>
</head><body id=ERR_INVALID_URL>
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:webmaster?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20artem%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2005%3A17%3A53%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">webmaster</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Thu, 07 Nov 2024 05:17:53 GMT by artem (squid/4.10)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:17:53.000Z",
   "alternativeip" : [
      "195.210.8.252"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "freecsstemplates.org",
            "w3.org"
         ],
         "hostname" : [
            "www.freecsstemplates.org",
            "www.w3.org"
         ],
         "url" : [
            "http://www.freecsstemplates.org",
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "94cc86d94e563843d96c43292c39ec4e",
         "bodymmh3" : 1360632225,
         "component" : [
            {
               "productvendor" : "squid-cache",
               "product" : "Squid"
            }
         ],
         "headermd5" : "44e8bc7e5264812d1852cfa3e031fb06",
         "headermmh3" : 1482806330,
         "title" : "ERROR: The requested URL could not be retrieved"
      },
      "length" : 3819
   },
   "asn" : "AS20853",
   "city" : "Warsaw",
   "country" : "PL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: squid/4.10\r\nMime-Version: 1.0\r\nDate: Thu, 07 Nov 2024 05:17:53 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 3497\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nVary: Accept-Language\r\nContent-Language: en\r\nX-Cache: MISS from artem\r\nX-Cache-Lookup: NONE from artem:3980\r\nConnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2019 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n /*\n * Copyright (C) 1996-2020 The Squid Software Foundation and contributors\n *\n * Squid software is distributed under GPLv2+ license and includes\n * contributions from numerous individuals and organizations.\n * Please see the COPYING and CONTRIBUTORS files for details.\n */\n\n/*\n Stylesheet for Squid Error pages\n Adapted from design by Free CSS Templates\n http://www.freecsstemplates.org\n Released for free under a Creative Commons Attribution 2.5 License\n*/\n\n/* Page basics */\n* {\n\tfont-family: verdana, sans-serif;\n}\n\nhtml body {\n\tmargin: 0;\n\tpadding: 0;\n\tbackground: #efefef;\n\tfont-size: 12px;\n\tcolor: #1e1e1e;\n}\n\n/* Page displayed title area */\n#titles {\n\tmargin-left: 15px;\n\tpadding: 10px;\n\tpadding-left: 100px;\n\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\n}\n\n/* initial title */\n#titles h1 {\n\tcolor: #000000;\n}\n#titles h2 {\n\tcolor: #000000;\n}\n\n/* special event: FTP success page titles */\n#titles ftpsuccess {\n\tbackground-color:#00ff00;\n\twidth:100%;\n}\n\n/* Page displayed body content area */\n#content {\n\tpadding: 10px;\n\tbackground: #ffffff;\n}\n\n/* General text */\np {\n}\n\n/* error brief description */\n#error p {\n}\n\n/* some data which may have caused the problem */\n#data {\n}\n\n/* the error message received from the system or other software */\n#sysmsg {\n}\n\npre {\n}\n\n/* special event: FTP / Gopher directory listing */\n#dirmsg {\n    font-family: courier, monospace;\n    color: black;\n    font-size: 10pt;\n}\n#dirlisting {\n    margin-left: 2%;\n    margin-right: 2%;\n}\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\n    border-bottom: groove;\n}\n#dirlisting td.size {\n    width: 50px;\n    text-align: right;\n    padding-right: 5px;\n}\n\n/* horizontal lines */\nhr {\n\tmargin: 0;\n}\n\n/* page displayed footer area */\n#footer {\n\tfont-size: 9px;\n\tpadding-left: 10px;\n}\n\n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=ERR_INVALID_URL>\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:webmaster?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20artem%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2007%20Nov%202024%2005%3A17%3A53%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">webmaster</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Thu, 07 Nov 2024 05:17:53 GMT by artem (squid/4.10)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
   "datamd5" : "e7bad991599f0330b86760f6e51645cb",
   "datammh3" : -818859845,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "dwl.by"
   ],
   "host" : [
      "mail"
   ],
   "hostname" : [
      "mail.dwl.by"
   ],
   "ip" : "31.31.168.14",
   "ipv6" : "false",
   "latitude" : "52.2296",
   "location" : "52.2296,21.0067",
   "longitude" : "21.0067",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "eTOP sp. z o.o.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "Squid",
   "productvendor" : "squid-cache",
   "productversion" : "4.10",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "mail.dwl.by"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "31.31.168.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "by"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 65.128.192.126:3269 (tcp/http) - last seen on 2024-11-07 at 05:10:50 UTC

    • IP
      65.128.192.126
      Network
      65.128.192.0/18
      Domain(s)
      qwest.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://65.128.192.126:3269/ 401

      HTTP Title
      Unauthorized
      Reverse DNS
      65-128-192-126.mpls.qwest.net
      ASN
      AS209
      Organization
      CENTURYLINK-US-LEGACY-QWEST
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      HTTP Component(s)
      Plex Media Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2de861031040181ee2188040cc83180e
      HTTP Header MD5
      9ca01530123920eac6307b32e7d89d3b
      HTTP Body MD5
      58839c8a9d6616ca62adc7b6e3610676 
    • HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 07 Nov 2024 05:10:50 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:10:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -1958086647,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS209",
   "city" : "Minneapolis",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 07 Nov 2024 05:10:50 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-18",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "65.128.0.0/15"
   },
   "host" : [
      "65-128-192-126"
   ],
   "hostname" : [
      "65-128-192-126.mpls.qwest.net"
   ],
   "ip" : "65.128.192.126",
   "ipv6" : "false",
   "latitude" : "45.0196",
   "location" : "45.0196,-93.2402",
   "longitude" : "-93.2402",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "65-128-192-126.mpls.qwest.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "mpls.qwest.net"
   ],
   "subnet" : "65.128.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 115.146.165.83:3269 (tcp/http) - last seen on 2024-11-07 at 05:10:18 UTC

    • IP
      115.146.165.83
      Network
      115.146.160.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://115.146.165.83:3269/ 302

      ASN
      AS9299
      Organization
      Philippine Long Distance Telephone Company
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      10ed135338070645b45177d84b4a3f6d
      HTTP Header MD5
      bcacfbeb580e94985325dd953c02befb
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Location: WebMC
Content-type: text/html
Content-Length: 0
Connection: close
Date: Thu, 07 Nov 2024 04:54:54 GMT
Server: kx-ns1000


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:10:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "bcacfbeb580e94985325dd953c02befb",
         "headermmh3" : 1841282452
      },
      "length" : 158
   },
   "asn" : "AS9299",
   "city" : "Pasay",
   "country" : "PH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nLocation: WebMC\r\nContent-type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 04:54:54 GMT\r\nServer: kx-ns1000\r\n\r\n",
   "datamd5" : "10ed135338070645b45177d84b4a3f6d",
   "datammh3" : 991452098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9299",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "PH",
      "countryname" : "Philippines",
      "domain" : [
         "pldt.com.ph",
         "pldt.net"
      ],
      "isineu" : "false",
      "latitude" : "12.879721",
      "location" : "12.879721,121.774017",
      "longitude" : "121.774017",
      "netname" : "PLDT-PH",
      "organization" : "Philippine Long Distance Telephone Co.",
      "subnet" : "115.146.160.0/19"
   },
   "ip" : "115.146.165.83",
   "ipv6" : "false",
   "latitude" : "14.5448",
   "location" : "14.5448,120.9900",
   "longitude" : "120.9900",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Philippine Long Distance Telephone Company",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "115.146.160.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}