Cyber Defense Search Engine

IP
65.128.192.126

Network
65.128.192.0/18

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://65.128.192.126:3269/ 401

HTTP Title
Unauthorized

Reverse DNS
65-128-192-126.mpls.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 07 Nov 2024 05:10:50 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:10:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -1958086647,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS209",
   "city" : "Minneapolis",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 07 Nov 2024 05:10:50 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-18",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "65.128.0.0/15"
   },
   "host" : [
      "65-128-192-126"
   ],
   "hostname" : [
      "65-128-192-126.mpls.qwest.net"
   ],
   "ip" : "65.128.192.126",
   "ipv6" : "false",
   "latitude" : "45.0196",
   "location" : "45.0196,-93.2402",
   "longitude" : "-93.2402",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "65-128-192-126.mpls.qwest.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "mpls.qwest.net"
   ],
   "subnet" : "65.128.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
97.118.51.194

Network
97.118.48.0/21

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://97.118.51.194:3269/ 403

HTTP Title
403 Forbidden

Reverse DNS
97-118-51-194.hlrn.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
564bafed928cb234c1cb71dc0f252f76

HTTP Header MD5
875409e280ff8e9f4d5c07afd8b7fd8b

HTTP Body MD5
8bee748834def5e83f789ae0e5cf0a10

HTTP/1.1 403 Forbidden
Server: nginx
Date: Thu, 07 Nov 2024 03:25:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:25:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "8bee748834def5e83f789ae0e5cf0a10",
         "bodymmh3" : 917197141,
         "headermd5" : "875409e280ff8e9f4d5c07afd8b7fd8b",
         "headermmh3" : 1536700765,
         "title" : "403 Forbidden"
      },
      "length" : 305
   },
   "asn" : "AS209",
   "city" : "Littleton",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:25:21 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: close\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "564bafed928cb234c1cb71dc0f252f76",
   "datammh3" : 1313779290,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "centurylink.net",
         "lumen.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-125",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "97.112.0.0/12"
   },
   "host" : [
      "97-118-51-194"
   ],
   "hostname" : [
      "97-118-51-194.hlrn.qwest.net"
   ],
   "ip" : "97.118.51.194",
   "ipv6" : "false",
   "latitude" : "39.6140",
   "location" : "39.6140,-104.9602",
   "longitude" : "-104.9602",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "reverse" : [
      "97-118-51-194.hlrn.qwest.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "hlrn.qwest.net"
   ],
   "subnet" : "97.118.48.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
204.131.209.45

Network
204.131.208.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7e400114f6196d2a2d9f6b2f23f36f41

8\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x056\xd8\x18\x00\x00\x00\x00W\x85s*\x00\x00\x00\x00W\xc9?\x06\x00\x00\x00\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-02T21:44:40.000Z",
   "app" : {
      "length" : 56
   },
   "asn" : "AS209",
   "city" : "Boise",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "8\\x00\\x00\\x00\\x07\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x056\\xd8\\x18\\x00\\x00\\x00\\x00W\\x85s*\\x00\\x00\\x00\\x00W\\xc9?\\x06\\x00\\x00\\x00\\x00",
   "datamd5" : "7e400114f6196d2a2d9f6b2f23f36f41",
   "datammh3" : 1753578583,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-34",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "204.131.208.0/21"
   },
   "ip" : "204.131.209.45",
   "ipv6" : "false",
   "latitude" : "43.6349",
   "location" : "43.6349,-116.2023",
   "longitude" : "-116.2023",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3269,
   "protocol" : "unknown",
   "seen_date" : "2024-11-02",
   "source" : "datascan",
   "subnet" : "204.131.208.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
174.29.214.195

Network
174.28.0.0/15

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://174.29.214.195:3269/ 401

HTTP Title
Unauthorized

Reverse DNS
174-29-214-195.hlrn.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Fri, 01 Nov 2024 23:29:32 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T23:29:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 1666831577,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS209",
   "city" : "Denver",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Fri, 01 Nov 2024 23:29:32 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-127",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "174.24.0.0/13"
   },
   "host" : [
      "174-29-214-195"
   ],
   "hostname" : [
      "174-29-214-195.hlrn.qwest.net"
   ],
   "ip" : "174.29.214.195",
   "ipv6" : "false",
   "latitude" : "39.8401",
   "location" : "39.8401,-105.0027",
   "longitude" : "-105.0027",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "174-29-214-195.hlrn.qwest.net"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "hlrn.qwest.net"
   ],
   "subnet" : "174.28.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
174.29.214.195

Network
174.28.0.0/15

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://174.29.214.195:3269/ 401

HTTP Title
Unauthorized

Reverse DNS
174-29-214-195.hlrn.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 24 Oct 2024 22:12:30 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T22:12:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 40480092,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS209",
   "city" : "Castle Rock",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 24 Oct 2024 22:12:30 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-127",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "174.24.0.0/13"
   },
   "host" : [
      "174-29-214-195"
   ],
   "hostname" : [
      "174-29-214-195.hlrn.qwest.net"
   ],
   "ip" : "174.29.214.195",
   "ipv6" : "false",
   "latitude" : "39.3634",
   "location" : "39.3634,-104.8881",
   "longitude" : "-104.8881",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "174-29-214-195.hlrn.qwest.net"
   ],
   "seen_date" : "2024-10-24",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "hlrn.qwest.net"
   ],
   "subnet" : "174.28.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
174.20.4.119

Network
174.20.0.0/14

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://174.20.4.119:3269/ 401

HTTP Title
Unauthorized

Reverse DNS
174-20-4-119.mpls.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 24 Oct 2024 04:08:27 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T04:08:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 2038552645,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS209",
   "city" : "Minneapolis",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 24 Oct 2024 04:08:27 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-127",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "174.20.0.0/14"
   },
   "host" : [
      "174-20-4-119"
   ],
   "hostname" : [
      "174-20-4-119.mpls.qwest.net"
   ],
   "ip" : "174.20.4.119",
   "ipv6" : "false",
   "latitude" : "45.0520",
   "location" : "45.0520,-93.3360",
   "longitude" : "-93.3360",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "174-20-4-119.mpls.qwest.net"
   ],
   "seen_date" : "2024-10-24",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "mpls.qwest.net"
   ],
   "subnet" : "174.20.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
71.34.15.207

Network
71.34.0.0/17

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://71.34.15.207:3269/ 400

HTTP Title
400 Bad Request

Reverse DNS
71-34-15-207.mpls.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Apache HTTP Server 2.4.33

HTTP Component(s)
Apache mod_perl 2.0.10 Perl Perl 5.26.1 OpenSSL OpenSSL 1.1.1

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e40104a9b28c588815f67c0637c0b120

HTTP Header MD5
5a9a085b4b08c430d2e1397e7c0d22e8

HTTP Body MD5
42f8e429451576d1cc5e4d5fca41f27d

HTTP/1.1 400 Bad Request
Date: Wed, 23 Oct 2024 11:50:03 GMT
Server: Apache/2.4.33 (Unix) OpenSSL/1.1.1 mod_perl/2.0.10 Perl/v5.26.1
Last-Modified: Mon, 13 Jul 2020 08:07:38 GMT
ETag: "165-5aa4e2f1aa680"
Accept-Ranges: bytes
Content-Length: 357
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1> Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-23T11:50:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "42f8e429451576d1cc5e4d5fca41f27d",
         "bodymmh3" : -7888710,
         "component" : [
            {
               "productversion" : "2.0.10",
               "productvendor" : "Apache",
               "product" : "mod_perl"
            },
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "1.1.1"
            },
            {
               "product" : "Perl",
               "productvendor" : "Perl",
               "productversion" : "5.26.1"
            }
         ],
         "header" : [
            {
               "value" : "Mon, 13 Jul 2020 08:07:38 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "165-5aa4e2f1aa680"
            }
         ],
         "headermd5" : "5a9a085b4b08c430d2e1397e7c0d22e8",
         "headermmh3" : 70267633,
         "title" : "400 Bad Request"
      },
      "length" : 630
   },
   "asn" : "AS209",
   "city" : "Saint Paul",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Wed, 23 Oct 2024 11:50:03 GMT\r\nServer: Apache/2.4.33 (Unix) OpenSSL/1.1.1 mod_perl/2.0.10 Perl/v5.26.1\r\nLast-Modified: Mon, 13 Jul 2020 08:07:38 GMT\r\nETag: \"165-5aa4e2f1aa680\"\r\nAccept-Ranges: bytes\r\nContent-Length: 357\r\nConnection: close\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1> Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\nInstead use the HTTPS scheme to access this URL, please.<br />\n</body></html>\n",
   "datamd5" : "e40104a9b28c588815f67c0637c0b120",
   "datammh3" : 1437583235,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-119",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "71.34.0.0/17"
   },
   "host" : [
      "71-34-15-207"
   ],
   "hostname" : [
      "71-34-15-207.mpls.qwest.net"
   ],
   "ip" : "71.34.15.207",
   "ipv6" : "false",
   "latitude" : "44.9548",
   "location" : "44.9548,-93.1551",
   "longitude" : "-93.1551",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.33",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "71-34-15-207.mpls.qwest.net"
   ],
   "seen_date" : "2024-10-23",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "mpls.qwest.net"
   ],
   "subnet" : "71.34.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
204.131.209.45

Network
204.131.208.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2f6263057770364ed6cfef868fc3330b

8\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00\x89<\x00\x00\x00\x00\xebGPW\x00\x00\x00\x00\xa9\x9c\x061\x00\x00\x00\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-21T04:44:58.000Z",
   "app" : {
      "length" : 56
   },
   "asn" : "AS209",
   "city" : "Boise",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "8\\x00\\x00\\x00\\x07\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\x00\\x89<\\x00\\x00\\x00\\x00\\xebGPW\\x00\\x00\\x00\\x00\\xa9\\x9c\\x061\\x00\\x00\\x00\\x00",
   "datamd5" : "2f6263057770364ed6cfef868fc3330b",
   "datammh3" : 1814452611,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-34",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "204.131.208.0/21"
   },
   "ip" : "204.131.209.45",
   "ipv6" : "false",
   "latitude" : "43.6349",
   "location" : "43.6349,-116.2023",
   "longitude" : "-116.2023",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3269,
   "protocol" : "unknown",
   "seen_date" : "2024-10-21",
   "source" : "datascan",
   "subnet" : "204.131.208.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
65.141.207.36

Network
65.141.192.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://65.141.207.36:3269/ 503

HTTP Title
Application Blocked

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8a724d261eb8b573540ea06facd44959

HTTP Header MD5
6c98a752cc974ac90ebcb5306ea69198

HTTP Body MD5
9df79408b27b873661eb242299a14c12

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=UTF-8
Content-Length: 6836
Connection: close
P3P: CP="CAO PSA OUR"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html>

<html lang="en">
<head>
    <base href="/login/">
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=.85">
    <meta http-equiv="pragma" content="no-cache">
    <title>Application Blocked</title>
    <link rel="stylesheet" href="css/latofonts.css">
    <style>
        body {
            background-color: #e8ebeb;
            font-family: Lato, 'Helvetica Neue', Helvetica, Arial, sans-serif;
            font-size: 16px;
            margin: 0;
            color: #070808;
        }

        a:link {
            color: #0993d1;
        }

        b,
        strong {
            font-weight: 500;
        }

        p {
            line-height: 1.2em;
        }

        button {
            overflow: visible;
        }

        button, input, optgroup, select, textarea {
            color: inherit;
            font: inherit;
            margin: 0;
        }

        .center {
            text-align: center;
            margin-left: auto;
            margin-right: auto;
        }

        #dError,
        .msg {
            color: #d94949;
            margin: 20px 0;
        }

        fieldset .msg {
            margin: 0;
        }

        #content {
            padding-top: 100px;
        }

        #content img {
            display: block;
            margin: auto;
        }

        #content h1 {
            font-style: normal;
            font-weight: normal;
            font-size: 36px;
            line-height: 43px;
            text-align: center;
            letter-spacing: 0.1px;
            color: #070808;
            margin: 10px auto 8px;
        }

        #content > p {
            text-align: center;
            margin-left: auto;
            margin-right: auto;
            width: 640px;
            font-size: 14px;
            line-height: 20px;
        }

        .response {
            background-color: #fff;
            color: #5a636b;
            margin: 24px auto 0;
            padding: 20px;
            font-size: 16px;
            width: 800px;
            border: 1px solid #c8cbce;
            box-sizing: border-box;
            border-radius: 8px;
        }

        .response p {
            margin: 0 0 1em;
        }

        .response p:last-child {
            margin: 0;
        }

        .response b {
            color: #070808;
        }

        .response .msg b {
            color: #d94949;
        }

        .response form td,
        .response form input {
            font-size: 1.1em;
            font-weight: bold;
        }

        .loading {
            margin: 2em auto 1em;
        }
    </style>
</head>

<body>
<div id="content" class="container">
    <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAABgCAYAAACDgFV6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAntSURBVHgB7Z1tTFvXGcef6xewAYMxmIQkgIFAAozEQBfRNpucKpMCW7d0UvahUzT2pV8TVLXZtGlxtlb7soikH/ohnZRMUaVuWbR2qkq0dcN0aUOrZWFElBcDpqOBYAI2YLDB4LvzXGrKi1/OheO3a/8kx9fnHGPfv895nuc8594TDgJgNpu1vnTNOY6HFgDeAAkCz3HmX//85UsQQxSBCvm0rL/U1VabTMefAW1ONsQ7nf/6BKwjNnAtuM2/+u1liKWo8q0Fv/zN707rcnN+1vLjH4FKlQ6JwBf/G4MZhxOqD1dCackBU0llDXT+42+dEANk2wpkYGr8Zh0kKjiqThxvxJ56EWLANkGB47WqdBUkMrEUdZOgNpvNkJGekQMSwC/qxdcvX4coIjilQZvtHOfjzd5VXltYWBC08aPxCbDbp6D2G9XC8aT9yab6emMtKBRrfg7t2tb6Y099bUoiUb8VFJXQAq9fhku/ePmnEAU467DtIs/zZn/Bvc/uw5GaKjAeqdnUcGVlBUbJSRiKi9ZFixf8Xv5gWSmYvvXMtnrL3U/A8lHXjWiIKuOBb6FpOEl6ZjyKSQP2VNO3G1uiMfxlwIOBpiGGJV7vCiQq0RJVJqaxUhmfvdPt8VC1i4ao1ArVErsqBTY6Ks4razWbW53AEFE9VCr4eyqvXO0wm9u0wJCkFBRZE/VpI2tRqQXFuA9DJykRCVGpBZ2bd8W1l1fI5eCcnQOxsBaVmduen58HVmg0GlHtFST6yM/Pg+6eXmg8Vg97CwpEvf8rR2W0fHQPRT2xG0fFRNBP//2APP4DrPjeqZNQZiihbm8oKoIhMlOqPlQB12/+EUoNxURUPYhFq80xOp2zuxKVWlClQh40Ds3P14Ge9JClpWVggT4vT1R7Q0kRPJqYEI5R1DmXSxBYLFmZanC5XEaOX8UEUWQFPXyoMmhdOelN5SJ6FGtwOnysoV4QccbhgPT0tO1tSGdQysOf7tT0DPi8q7BTEm9iHgS1WsVk8vHgYS8suHc+0pI2DsX0Iz5YQ91D+wcGoaS4WOgJgXgyPS3KhmYTT67RZIHUoBbUuxLcruzEy6MXR28uNZjY0LLSYtHD58C+vSBFmAiKYc4Pv98MiQROHiIxlaYWVJerjdt86E7IjpD9plZo/75CSBGepA2bIgW1oFJL3dmnpmIbh/YNWIVl2mBx6Dym9+JQdPy+atX27xypVCQTL4O9t48E/vEITiAOk4RJtGAiqJCceKoeUkgoOSKWVBzKmFQcmiCk4lDGUAtKe7lLohDzOHRo2BYyDr3z939CPLJHr4c6Y23AukjEosy8zKnvPAeJhEKhJF7eBaxJ2VDGJK2gaLoisQRDHzYVFga1n4kIzu8DzfF3C3UP1emYXvUnWVI2lDHUQx7j0FBD5GFvH8QjOGUONMvDewZmZhxwsLwUWMIsDt1ToCdxnRfijWjftcLs0wr0+ZAiZUOZk4pDGUM95EPZz0Qk5nGolMSMJMycUiRSYSxQq9VC6BQtqAXF/KEuNzdgGIJrM/G6jKwh3ymQoDGPQ/HedE2WJqCgWBbNpdp4JhU2MSYlKGOSdl0el5EjMVWmFrSK2MhE3M0hGHgue3Zwc1g4qIe8lMSMJCkbyhhqQTFwl9I1om63JyI5XGpBE30Tl2iRGvKMSQnKGFGuO9TljLiFRjRNwv79hbtKv+G54Bzf/fAhuO7dA3dPDyxPTkLzwgJWj55pasLnbjz28fx75NlSdefOaLi/y2SbIXRWUbevPOyKRYsFlt5+G+yZmZBeVgaakydBuW8fyDb8SN7xcaN3YsLoGRk5vXj/Pgw2N99Y9fkuhRKWGxwa2fTVgu19JxW8pBeOv/Ya+UF4yCYiopg0rDocsEBEnfvwQ6eM465UfPBBwF10k8qGEjFg7JVXQF1VBfqXXqIWE5GT1CX+AIUXLmhlWq15sKmpLVC7pNlmCMV8cv065L34ImQdPw47BYXde+ECZDQ0nCeidmytp7ahuM1QAbGTwaagLDL2Ol1uRNZ5cJjb33wT9pw7JwgSCp/Hg7YzbO/NPXMGn0yDAG2V7e2t/nJm9ymxyNgLNxIwFnTObgf7q6+C9vnnw4qJQk6+8YZwnNnQ4BctKDnkby6NjJwfaGrqPNTe/i6WMbtPKR4z9gsLi/D4T7cgo7gYh2jY9u7PP990nBumPUYEKPrUtWttD0wmS53F4hS16plIt9XgaHncPwDQ1QU5J8XvHOFzu6naoWkgD4NKpTqPr6kFxXX5RErhoU1fHeiHjFJD2KG+W9D7k1DqB3gsybBpfZ++T7sgo7oaIg32UjL8jSPNzSWSFBQ3wxKwWiGtvByigaqmBpZ5/gVqQTF3iDnEeAe/o9A7v/wS0goLN00lIwl+FsEguR7qWktuoLLAqdUQLWTksziez5GcoEvLbDY0FAs6Po7j6Hsoprri9fqljbDaIVIsGGaRNN+sqLuRcUaE1ziNfjEmlNUbj6yHUhvL/dTWVK9ftReoHpem/Zuv4hLL0PBI0Pp5lwv6+gfD1uf6Q6Q8nZAhEsNGe6sQGWoJn8Vxo6ICSxSvQK8XHlsJVk5bjyMg1K4Qmqwsqnrr8Ff7huryYIXMy3FuTuuY1MRTY4oOxcl69lkQg8dmIxlBvltyi+0ymQx8Pt/aiwMHYHl4WAhpaEA7iAmUnbBC8gAEyzYbqkxTgmcpcW/l3jQ9rj0K8x9/DGLAHk0SHqLeg+1XHI5uzORvE7SI2Mr+wWFIVDam/7jGRliamMCTpXovZpvGzWZMdoDj1i2gBX804pCu4vE2QfF6Hxw279x+Dx6T1FeikUXWiNbBONT0HLU4W7NNVO/p7QVPb+8o6Z038HVAG/r0sQboITOjd27/FZzOWUg0Tn/3FGRmZgjH3IkTsPRZF7ju3g2bqVeTeT+2w2GfSZHuw54/+/77eLieYOaswyMOsl4l7TtjZ6aBu9IG+rNnhZXNUKCYqzMzYdshdpKM9jx6hKugZn+ZjOe5bpA6JITiz/4Ept56S7CTocAQi0Z0tLNEzD9sFBPh+qxWk5yTd0AyQBIm/O+vQXZdnZDD3An4g0zfvAleh+Pq4fb281vrOfxnwDpsJvPQmPw/mFGHDH/+9p9BMTYmiEqzNIKgvXQRb05srJN49Fa/E9oK5z/o67MZZHLezMnhqNRsKjlJw7ZCknzmLR2gINmpNJIgziDBv1yrBblOJwx7FBBnTNgj0eOTWBOFvOrxeK7g2lGIz5I+QmdR8h0BhSVmAIaswPf8V0j5AXFIsLhIcgF5a2HXwQrgKiu7V0dtL1S1to6G+6ykENRP3+BQC4mxLwYUNgA8XiiG1zJVHrwBlCSVoH7QEXOc7LQMZEeJbEZS5DdxTqIIXm3XyfO+d6sqKiwgkv8DR1QQUUMZmhsAAAAASUVORK5CYII=" alt="Error">
    <h1>Application Blocked</h1>
    <div class="response">
        <p>The application you are trying to use has been blocked in accordance with company policy. Please contact your system administrator if you believe this is an error.</p>
        <p><b>User:</b> <srcip></p>
        <p><b>Application:</b> web-browsing</p>
    </div>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-19T16:35:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9df79408b27b873661eb242299a14c12",
         "bodymmh3" : -1866019094,
         "headermd5" : "6c98a752cc974ac90ebcb5306ea69198",
         "headermmh3" : 1819765086,
         "title" : "Application Blocked"
      },
      "length" : 7108
   },
   "asn" : "AS209",
   "city" : "Aurora",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 503 Service Unavailable\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 6836\r\nConnection: close\r\nP3P: CP=\"CAO PSA OUR\"\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\n\r\n<!DOCTYPE html>\r\n\r\n<html lang=\"en\">\r\n<head>\r\n    <base href=\"/login/\">\r\n    <meta charset=\"utf-8\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=.85\">\r\n    <meta http-equiv=\"pragma\" content=\"no-cache\">\r\n    <title>Application Blocked</title>\r\n    <link rel=\"stylesheet\" href=\"css/latofonts.css\">\r\n    <style>\r\n        body {\r\n            background-color: #e8ebeb;\r\n            font-family: Lato, 'Helvetica Neue', Helvetica, Arial, sans-serif;\r\n            font-size: 16px;\r\n            margin: 0;\r\n            color: #070808;\r\n        }\r\n\r\n        a:link {\r\n            color: #0993d1;\r\n        }\r\n\r\n        b,\r\n        strong {\r\n            font-weight: 500;\r\n        }\r\n\r\n        p {\r\n            line-height: 1.2em;\r\n        }\r\n\r\n        button {\r\n            overflow: visible;\r\n        }\r\n\r\n        button, input, optgroup, select, textarea {\r\n            color: inherit;\r\n            font: inherit;\r\n            margin: 0;\r\n        }\r\n\r\n        .center {\r\n            text-align: center;\r\n            margin-left: auto;\r\n            margin-right: auto;\r\n        }\r\n\r\n        #dError,\r\n        .msg {\r\n            color: #d94949;\r\n            margin: 20px 0;\r\n        }\r\n\r\n        fieldset .msg {\r\n            margin: 0;\r\n        }\r\n\r\n        #content {\r\n            padding-top: 100px;\r\n        }\r\n\r\n        #content img {\r\n            display: block;\r\n            margin: auto;\r\n        }\r\n\r\n        #content h1 {\r\n            font-style: normal;\r\n            font-weight: normal;\r\n            font-size: 36px;\r\n            line-height: 43px;\r\n            text-align: center;\r\n            letter-spacing: 0.1px;\r\n            color: #070808;\r\n            margin: 10px auto 8px;\r\n        }\r\n\r\n        #content > p {\r\n            text-align: center;\r\n            margin-left: auto;\r\n            margin-right: auto;\r\n            width: 640px;\r\n            font-size: 14px;\r\n            line-height: 20px;\r\n        }\r\n\r\n        .response {\r\n            background-color: #fff;\r\n            color: #5a636b;\r\n            margin: 24px auto 0;\r\n            padding: 20px;\r\n            font-size: 16px;\r\n            width: 800px;\r\n            border: 1px solid #c8cbce;\r\n            box-sizing: border-box;\r\n            border-radius: 8px;\r\n        }\r\n\r\n        .response p {\r\n            margin: 0 0 1em;\r\n        }\r\n\r\n        .response p:last-child {\r\n            margin: 0;\r\n        }\r\n\r\n        .response b {\r\n            color: #070808;\r\n        }\r\n\r\n        .response .msg b {\r\n            color: #d94949;\r\n        }\r\n\r\n        .response form td,\r\n        .response form input {\r\n            font-size: 1.1em;\r\n            font-weight: bold;\r\n        }\r\n\r\n        .loading {\r\n            margin: 2em auto 1em;\r\n        }\r\n    </style>\r\n</head>\r\n\r\n<body>\r\n<div id=\"content\" class=\"container\">\r\n    <img src=\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAABgCAYAAACDgFV6AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAntSURBVHgB7Z1tTFvXGcef6xewAYMxmIQkgIFAAozEQBfRNpucKpMCW7d0UvahUzT2pV8TVLXZtGlxtlb7soikH/ohnZRMUaVuWbR2qkq0dcN0aUOrZWFElBcDpqOBYAI2YLDB4LvzXGrKi1/OheO3a/8kx9fnHGPfv895nuc8594TDgJgNpu1vnTNOY6HFgDeAAkCz3HmX//85UsQQxSBCvm0rL/U1VabTMefAW1ONsQ7nf/6BKwjNnAtuM2/+u1liKWo8q0Fv/zN707rcnN+1vLjH4FKlQ6JwBf/G4MZhxOqD1dCackBU0llDXT+42+dEANk2wpkYGr8Zh0kKjiqThxvxJ56EWLANkGB47WqdBUkMrEUdZOgNpvNkJGekQMSwC/qxdcvX4coIjilQZvtHOfjzd5VXltYWBC08aPxCbDbp6D2G9XC8aT9yab6emMtKBRrfg7t2tb6Y099bUoiUb8VFJXQAq9fhku/ePmnEAU467DtIs/zZn/Bvc/uw5GaKjAeqdnUcGVlBUbJSRiKi9ZFixf8Xv5gWSmYvvXMtnrL3U/A8lHXjWiIKuOBb6FpOEl6ZjyKSQP2VNO3G1uiMfxlwIOBpiGGJV7vCiQq0RJVJqaxUhmfvdPt8VC1i4ao1ArVErsqBTY6Ks4razWbW53AEFE9VCr4eyqvXO0wm9u0wJCkFBRZE/VpI2tRqQXFuA9DJykRCVGpBZ2bd8W1l1fI5eCcnQOxsBaVmduen58HVmg0GlHtFST6yM/Pg+6eXmg8Vg97CwpEvf8rR2W0fHQPRT2xG0fFRNBP//2APP4DrPjeqZNQZiihbm8oKoIhMlOqPlQB12/+EUoNxURUPYhFq80xOp2zuxKVWlClQh40Ds3P14Ge9JClpWVggT4vT1R7Q0kRPJqYEI5R1DmXSxBYLFmZanC5XEaOX8UEUWQFPXyoMmhdOelN5SJ6FGtwOnysoV4QccbhgPT0tO1tSGdQysOf7tT0DPi8q7BTEm9iHgS1WsVk8vHgYS8suHc+0pI2DsX0Iz5YQ91D+wcGoaS4WOgJgXgyPS3KhmYTT67RZIHUoBbUuxLcruzEy6MXR28uNZjY0LLSYtHD58C+vSBFmAiKYc4Pv98MiQROHiIxlaYWVJerjdt86E7IjpD9plZo/75CSBGepA2bIgW1oFJL3dmnpmIbh/YNWIVl2mBx6Dym9+JQdPy+atX27xypVCQTL4O9t48E/vEITiAOk4RJtGAiqJCceKoeUkgoOSKWVBzKmFQcmiCk4lDGUAtKe7lLohDzOHRo2BYyDr3z939CPLJHr4c6Y23AukjEosy8zKnvPAeJhEKhJF7eBaxJ2VDGJK2gaLoisQRDHzYVFga1n4kIzu8DzfF3C3UP1emYXvUnWVI2lDHUQx7j0FBD5GFvH8QjOGUONMvDewZmZhxwsLwUWMIsDt1ToCdxnRfijWjftcLs0wr0+ZAiZUOZk4pDGUM95EPZz0Qk5nGolMSMJMycUiRSYSxQq9VC6BQtqAXF/KEuNzdgGIJrM/G6jKwh3ymQoDGPQ/HedE2WJqCgWBbNpdp4JhU2MSYlKGOSdl0el5EjMVWmFrSK2MhE3M0hGHgue3Zwc1g4qIe8lMSMJCkbyhhqQTFwl9I1om63JyI5XGpBE30Tl2iRGvKMSQnKGFGuO9TljLiFRjRNwv79hbtKv+G54Bzf/fAhuO7dA3dPDyxPTkLzwgJWj55pasLnbjz28fx75NlSdefOaLi/y2SbIXRWUbevPOyKRYsFlt5+G+yZmZBeVgaakydBuW8fyDb8SN7xcaN3YsLoGRk5vXj/Pgw2N99Y9fkuhRKWGxwa2fTVgu19JxW8pBeOv/Ya+UF4yCYiopg0rDocsEBEnfvwQ6eM465UfPBBwF10k8qGEjFg7JVXQF1VBfqXXqIWE5GT1CX+AIUXLmhlWq15sKmpLVC7pNlmCMV8cv065L34ImQdPw47BYXde+ECZDQ0nCeidmytp7ahuM1QAbGTwaagLDL2Ol1uRNZ5cJjb33wT9pw7JwgSCp/Hg7YzbO/NPXMGn0yDAG2V7e2t/nJm9ymxyNgLNxIwFnTObgf7q6+C9vnnw4qJQk6+8YZwnNnQ4BctKDnkby6NjJwfaGrqPNTe/i6WMbtPKR4z9gsLi/D4T7cgo7gYh2jY9u7PP990nBumPUYEKPrUtWttD0wmS53F4hS16plIt9XgaHncPwDQ1QU5J8XvHOFzu6naoWkgD4NKpTqPr6kFxXX5RErhoU1fHeiHjFJD2KG+W9D7k1DqB3gsybBpfZ++T7sgo7oaIg32UjL8jSPNzSWSFBQ3wxKwWiGtvByigaqmBpZ5/gVqQTF3iDnEeAe/o9A7v/wS0goLN00lIwl+FsEguR7qWktuoLLAqdUQLWTksziez5GcoEvLbDY0FAs6Po7j6Hsoprri9fqljbDaIVIsGGaRNN+sqLuRcUaE1ziNfjEmlNUbj6yHUhvL/dTWVK9ftReoHpem/Zuv4hLL0PBI0Pp5lwv6+gfD1uf6Q6Q8nZAhEsNGe6sQGWoJn8Vxo6ICSxSvQK8XHlsJVk5bjyMg1K4Qmqwsqnrr8Ff7huryYIXMy3FuTuuY1MRTY4oOxcl69lkQg8dmIxlBvltyi+0ymQx8Pt/aiwMHYHl4WAhpaEA7iAmUnbBC8gAEyzYbqkxTgmcpcW/l3jQ9rj0K8x9/DGLAHk0SHqLeg+1XHI5uzORvE7SI2Mr+wWFIVDam/7jGRliamMCTpXovZpvGzWZMdoDj1i2gBX804pCu4vE2QfF6Hxw279x+Dx6T1FeikUXWiNbBONT0HLU4W7NNVO/p7QVPb+8o6Z038HVAG/r0sQboITOjd27/FZzOWUg0Tn/3FGRmZgjH3IkTsPRZF7ju3g2bqVeTeT+2w2GfSZHuw54/+/77eLieYOaswyMOsl4l7TtjZ6aBu9IG+rNnhZXNUKCYqzMzYdshdpKM9jx6hKugZn+ZjOe5bpA6JITiz/4Ept56S7CTocAQi0Z0tLNEzD9sFBPh+qxWk5yTd0AyQBIm/O+vQXZdnZDD3An4g0zfvAleh+Pq4fb281vrOfxnwDpsJvPQmPw/mFGHDH/+9p9BMTYmiEqzNIKgvXQRb05srJN49Fa/E9oK5z/o67MZZHLezMnhqNRsKjlJw7ZCknzmLR2gINmpNJIgziDBv1yrBblOJwx7FBBnTNgj0eOTWBOFvOrxeK7g2lGIz5I+QmdR8h0BhSVmAIaswPf8V0j5AXFIsLhIcgF5a2HXwQrgKiu7V0dtL1S1to6G+6ykENRP3+BQC4mxLwYUNgA8XiiG1zJVHrwBlCSVoH7QEXOc7LQMZEeJbEZS5DdxTqIIXm3XyfO+d6sqKiwgkv8DR1QQUUMZmhsAAAAASUVORK5CYII=\" alt=\"Error\">\r\n    <h1>Application Blocked</h1>\r\n    <div class=\"response\">\r\n        <p>The application you are trying to use has been blocked in accordance with company policy. Please contact your system administrator if you believe this is an error.</p>\r\n        <p><b>User:</b> <srcip></p>\r\n        <p><b>Application:</b> web-browsing</p>\r\n    </div>\r\n</div>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "8a724d261eb8b573540ea06facd44959",
   "datammh3" : -427137891,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-18",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "65.141.192.0/20"
   },
   "ip" : "65.141.207.36",
   "ipv6" : "false",
   "latitude" : "39.5987",
   "location" : "39.5987,-104.7515",
   "longitude" : "-104.7515",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3269,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Service Unavailable",
   "seen_date" : "2024-10-19",
   "source" : "datascan",
   "status" : 503,
   "subnet" : "65.141.192.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
75.162.14.66

Network
75.162.0.0/16

Domain(s)
qwest.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://75.162.14.66:3269/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
75-162-14-66.desm.qwest.net

ASN
AS209

Organization
CENTURYLINK-US-LEGACY-QWEST

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 19 Oct 2024 09:28:18 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-19T09:28:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1228442490,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS209",
   "city" : "West Des Moines",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sat, 19 Oct 2024 09:28:18 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "qwest.net"
   ],
   "geolocus" : {
      "asn" : "AS209",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "centurylink.com",
         "lumen.com",
         "qwest.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CENTURYLINK-LEGACY-QWEST-INET-124",
      "organization" : "CenturyLink Communications, LLC",
      "subnet" : "75.162.0.0/16"
   },
   "host" : [
      "75-162-14-66"
   ],
   "hostname" : [
      "75-162-14-66.desm.qwest.net"
   ],
   "ip" : "75.162.14.66",
   "ipv6" : "false",
   "latitude" : "41.5769",
   "location" : "41.5769,-93.8021",
   "longitude" : "-93.8021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CENTURYLINK-US-LEGACY-QWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3269,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "75-162-14-66.desm.qwest.net"
   ],
   "seen_date" : "2024-10-19",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "desm.qwest.net"
   ],
   "subnet" : "75.162.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 13 in 0.034 second(s)

65.128.192.126:3269 (tcp/http) - last seen on 2024-11-07 at 05:10:50 UTC

97.118.51.194:3269 (tcp/http) - last seen on 2024-11-07 at 03:25:21 UTC

204.131.209.45:3269 (tcp/unknown) - last seen on 2024-11-02 at 21:44:40 UTC

174.29.214.195:3269 (tcp/http) - last seen on 2024-11-01 at 23:29:32 UTC

174.29.214.195:3269 (tcp/http) - last seen on 2024-10-24 at 22:12:30 UTC

174.20.4.119:3269 (tcp/http) - last seen on 2024-10-24 at 04:08:27 UTC

71.34.15.207:3269 (tcp/http) - last seen on 2024-10-23 at 11:50:05 UTC

204.131.209.45:3269 (tcp/unknown) - last seen on 2024-10-21 at 04:44:58 UTC

65.141.207.36:3269 (tcp/http) - last seen on 2024-10-19 at 16:35:50 UTC

75.162.14.66:3269 (tcp/http) - last seen on 2024-10-19 at 09:28:18 UTC