IP

191.165.209.65

Network

191.160.0.0/12

Domain(s)

timbrasil.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://191.165.209.65:4343/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

Reverse DNS

65.209.165.191.isp.timbrasil.com.br

ASN

AS26615

Organization

TIM SA

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b1d04896c703757d96de81222b65e24c

HTTP Header MD5

a23d459f6df25deeaf6d1de4dcac2312

HTTP Body MD5

ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:47:06 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
X-Frame-Options: sameorigin
x-xss-protection: 1; mode=block
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a23d459f6df25deeaf6d1de4dcac2312",
         "headermmh3" : -1516675288,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 488
   },
   "asn" : "AS26615",
   "city" : "Rio de Janeiro",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nX-Frame-Options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b1d04896c703757d96de81222b65e24c",
   "datammh3" : 1607515384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "timbrasil.com.br"
   ],
   "host" : [
      65
   ],
   "hostname" : [
      "65.209.165.191.isp.timbrasil.com.br"
   ],
   "ip" : "191.165.209.65",
   "ipv6" : "false",
   "latitude" : "-22.9201",
   "location" : "-22.9201,-43.0811",
   "longitude" : "-43.0811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TIM SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "65.209.165.191.isp.timbrasil.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "191.isp.timbrasil.com.br",
      "165.191.isp.timbrasil.com.br",
      "209.165.191.isp.timbrasil.com.br",
      "isp.timbrasil.com.br"
   ],
   "subnet" : "191.160.0.0/12",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

120.240.116.143

Network

120.240.112.0/21

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://120.240.116.143:4343/ 400

HTTP Title

400 Bad Request

ASN

AS56040

Organization

China Mobile communications corporation

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

3967ee6959439e19b78db166ba2e46a3

HTTP Header MD5

b8818c0b51c7d9dc4ebfdc043317ee35

HTTP Body MD5

7ce853053b95265187a4cd238716240a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:47:04 GMT
Content-Type: text/html
Content-Length: 2428
Connection: close
x-ws-request-id: 672c5458_PS-000-01mWl143_32017-14474

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:47:04 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-000-01mWl143
				<br>URL: http://<ip>:4343/
				<br>Request-Id: 672c5458_PS-000-01mWl143_32017-14474
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:4343/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7ce853053b95265187a4cd238716240a",
         "bodymmh3" : 1841380431,
         "headermd5" : "b8818c0b51c7d9dc4ebfdc043317ee35",
         "headermmh3" : -182876267,
         "title" : "400 Bad Request"
      },
      "length" : 2602
   },
   "asn" : "AS56040",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 2428\r\nConnection: close\r\nx-ws-request-id: 672c5458_PS-000-01mWl143_32017-14474\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:47:04 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-000-01mWl143\n\t\t\t\t<br>URL: http://<ip>:4343/\n\t\t\t\t<br>Request-Id: 672c5458_PS-000-01mWl143_32017-14474\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:4343/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "3967ee6959439e19b78db166ba2e46a3",
   "datammh3" : -467122754,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS56040",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "120.240.112.0/21"
   },
   "ip" : "120.240.116.143",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile communications corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "120.240.112.0/21",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

177.149.94.68

Network

177.148.0.0/14

Domain(s)

timbrasil.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

68.94.149.177.isp.timbrasil.com.br

ASN

AS26615

Organization

TIM SA

Protocol

unknown

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

61ea727ffcd84c3bdfb7ec984712f343

\x15\x00\x00\x00\x02\x02

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:03.000Z",
   "app" : {
      "length" : 7
   },
   "asn" : "AS26615",
   "city" : "Bras\u00edlia",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x15\\x00\\x00\\x00\\x02\\x02\n",
   "datamd5" : "61ea727ffcd84c3bdfb7ec984712f343",
   "datammh3" : -962737174,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "timbrasil.com.br"
   ],
   "geolocus" : {
      "asn" : "AS26615",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "dnlegal.com.br",
         "timbrasil.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.421.421/0117-41",
      "organization" : "TIM S/A",
      "subnet" : "177.148.0.0/14"
   },
   "host" : [
      68
   ],
   "hostname" : [
      "68.94.149.177.isp.timbrasil.com.br"
   ],
   "ip" : "177.149.94.68",
   "ipv6" : "false",
   "latitude" : "-15.7792",
   "location" : "-15.7792,-47.9341",
   "longitude" : "-47.9341",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TIM SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "protocol" : "unknown",
   "reverse" : [
      "68.94.149.177.isp.timbrasil.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "149.177.isp.timbrasil.com.br",
      "94.149.177.isp.timbrasil.com.br",
      "isp.timbrasil.com.br",
      "177.isp.timbrasil.com.br"
   ],
   "subnet" : "177.148.0.0/14",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

177.30.66.116

Network

177.28.0.0/14

Domain(s)

timbrasil.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://177.30.66.116:4343/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

Reverse DNS

116.66.30.177.isp.timbrasil.com.br

ASN

AS26615

Organization

TIM SA

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b1d04896c703757d96de81222b65e24c

HTTP Header MD5

a23d459f6df25deeaf6d1de4dcac2312

HTTP Body MD5

ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:47:00 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
X-Frame-Options: sameorigin
x-xss-protection: 1; mode=block
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:00.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a23d459f6df25deeaf6d1de4dcac2312",
         "headermmh3" : 976119980,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 488
   },
   "asn" : "AS26615",
   "city" : "Goi\u00e2nia",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nX-Frame-Options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b1d04896c703757d96de81222b65e24c",
   "datammh3" : 1607515384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "timbrasil.com.br"
   ],
   "geolocus" : {
      "asn" : "AS26615",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "dnlegal.com.br",
         "timbrasil.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.421.421/0117-41",
      "organization" : "TIM S/A",
      "subnet" : "177.28.0.0/14"
   },
   "host" : [
      116
   ],
   "hostname" : [
      "116.66.30.177.isp.timbrasil.com.br"
   ],
   "ip" : "177.30.66.116",
   "ipv6" : "false",
   "latitude" : "-16.5610",
   "location" : "-16.5610,-49.2063",
   "longitude" : "-49.2063",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TIM SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "116.66.30.177.isp.timbrasil.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "30.177.isp.timbrasil.com.br",
      "66.30.177.isp.timbrasil.com.br",
      "177.isp.timbrasil.com.br",
      "isp.timbrasil.com.br"
   ],
   "subnet" : "177.28.0.0/14",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

179.190.226.229

Network

179.190.128.0/17

Domain(s)

cabotelecom.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://179.190.226.229:4343/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

Reverse DNS

179-190-226-229.cable.cabotelecom.com.br

ASN

AS28220

Organization

CABO SERVICOS DE TELECOMUNICACOES LTDA

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b1d04896c703757d96de81222b65e24c

HTTP Header MD5

a23d459f6df25deeaf6d1de4dcac2312

HTTP Body MD5

ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:47:00 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
X-Frame-Options: sameorigin
x-xss-protection: 1; mode=block
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:00.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a23d459f6df25deeaf6d1de4dcac2312",
         "headermmh3" : 976119980,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 488
   },
   "asn" : "AS28220",
   "city" : "Natal",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nX-Frame-Options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b1d04896c703757d96de81222b65e24c",
   "datammh3" : 1607515384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cabotelecom.com.br"
   ],
   "geolocus" : {
      "asn" : "AS28220",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "alaresinternet.com.br",
         "cabotelecom.com.br",
         "cert.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.952.192/0001-61",
      "organization" : "CABO SERVICOS DE TELECOMUNICACOES LTDA",
      "subnet" : "179.190.128.0/17"
   },
   "host" : [
      "179-190-226-229"
   ],
   "hostname" : [
      "179-190-226-229.cable.cabotelecom.com.br"
   ],
   "ip" : "179.190.226.229",
   "ipv6" : "false",
   "latitude" : "-5.8111",
   "location" : "-5.8111,-35.2235",
   "longitude" : "-35.2235",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CABO SERVICOS DE TELECOMUNICACOES LTDA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "179-190-226-229.cable.cabotelecom.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "cable.cabotelecom.com.br"
   ],
   "subnet" : "179.190.128.0/17",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

186.229.134.163

Network

186.228.0.0/14

Domain(s)

intelignet.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://186.229.134.163:4343/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

Reverse DNS

186-229-134-163.ded.intelignet.com.br

ASN

AS26615

Organization

TIM SA

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b1d04896c703757d96de81222b65e24c

HTTP Header MD5

a23d459f6df25deeaf6d1de4dcac2312

HTTP Body MD5

ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:47:00 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
X-Frame-Options: sameorigin
x-xss-protection: 1; mode=block
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:00.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a23d459f6df25deeaf6d1de4dcac2312",
         "headermmh3" : 976119980,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 488
   },
   "asn" : "AS26615",
   "city" : "Rio de Janeiro",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nX-Frame-Options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b1d04896c703757d96de81222b65e24c",
   "datammh3" : 1607515384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "intelignet.com.br"
   ],
   "geolocus" : {
      "asn" : "AS26615",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "dnlegal.com.br",
         "intelignet.com.br",
         "timbrasil.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.421.421/0001-11",
      "organization" : "TIM S.A.",
      "subnet" : "186.228.0.0/15"
   },
   "host" : [
      "186-229-134-163"
   ],
   "hostname" : [
      "186-229-134-163.ded.intelignet.com.br"
   ],
   "ip" : "186.229.134.163",
   "ipv6" : "false",
   "latitude" : "-22.9201",
   "location" : "-22.9201,-43.0811",
   "longitude" : "-43.0811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TIM SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "186-229-134-163.ded.intelignet.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ded.intelignet.com.br"
   ],
   "subnet" : "186.228.0.0/14",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

200.25.27.4

Network

200.25.16.0/20

Domain(s)

red1.co

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

o.red1.co

ASN

AS7195

Organization

EDGEUNO S.A.S

Protocol

unknown

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

68b329da9893e34099c7d8ad5cb9c940

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:46:54.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS7195",
   "country" : "CO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "red1.co"
   ],
   "geolocus" : {
      "asn" : "AS7195",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CO",
      "countryname" : "Colombia",
      "domain" : [
         "as7195.net",
         "edgeuno.com"
      ],
      "isineu" : "false",
      "latitude" : "4.570868",
      "location" : "4.570868,-74.297333",
      "longitude" : "-74.297333",
      "netname" : "CO-EDID67-LACNIC",
      "organization" : "Edgeuno ID0283",
      "subnet" : "200.25.26.0/23"
   },
   "host" : [
      "o"
   ],
   "hostname" : [
      "o.red1.co"
   ],
   "ip" : "200.25.27.4",
   "ipv6" : "false",
   "latitude" : "4.5981",
   "location" : "4.5981,-74.0799",
   "longitude" : "-74.0799",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "EDGEUNO S.A.S",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "protocol" : "unknown",
   "reverse" : [
      "o.red1.co"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "200.25.16.0/20",
   "tld" : [
      "co"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

185.41.97.19

Network

185.41.96.0/22

Domain(s)

somvera.cat

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://185.41.97.19:4343/ 200

HTTP Title

WEB SERVICE

Reverse DNS

19.97.41.185-ip.somvera.cat

ASN

AS208909

Organization

Gurbtec Iguana Telecom SL

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

8042c5c257b20f1f665970445aa4d14a

HTTP Header MD5

16aa56a7bf550a630e80c815add27257

HTTP Body MD5

63fed911c7e9eb468e2d4f6a6721d6df

HTTP/1.1 200 OK
CONNECTION: keep-alive
Date: Thu, 07 Nov 2024 07:50:01 GMT
Last-Modified: Wed, 13 Oct 2021 08:56:13 GMT
Etag: "1634115373:c1e"
CONTENT-LENGTH: 3102
P3P: CP=CAO PSA OUR
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options: nosniff
CONTENT-TYPE: text/html

<!DOCTYPE HTML> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta charset="UTF-8"> <title>WEB SERVICE</title> <link href="./baseProj/images/favicon.ico" type="image/x-icon" rel="shortcut icon"> <script src="ext/ext-all.js"></script> <script type="text/javascript" src="./projectPath.js"></script> <script type="text/javascript" src="/app/libs/require.js"></script> <script type="text/javascript" src="/app/jsCore/require-config.js"></script> <script type="text/javascript"> Ext.onReady(function () {
            //启用缓存
            Ext.Loader.setConfig({
                "disableCaching": true,
                "paths":{
                    "basePath": BASEURL, //配置基础项目的文件路径
                    "projectPath": PROJECT_URL //配置定制项目的文件路径
                }
            });

            //定义项目的加载路径
            var basePath = Ext.Loader.getPath('basePath'),
                projectPath = Ext.Loader.getPath('projectPath');

            //设置类的地址路径
            Ext.Loader.setPath({
                "jsCore": "app/jsCore",
                'component': "baseProj/js/component",
                'js': 'baseProj/js',
                'plugin': 'app/plugin',
                'widget': 'baseProj/js/widget',
                'baseCls':'app/baseCls',
				'app': 'baseCls', //各个项目统一一个app
                'customJs': projectPath+'js', // 非基线项目引用的js路径
                'desktop':PROJ_MODULE.indexOf('desktop') != -1? projectPath+'js/desktop':basePath+'/js/desktop', //加载指定项目的Desktop.js
                'data': PROJ_MODULE.indexOf('data') != -1 ? projectPath + 'data': basePath + '/data'  //加载指定项目的数据文件
            });

            require(['pubsub', 'core', 'extend', 'libs/qrcode', 'libs/jsonpath', 'libs/json2',
                'libs/base64',
                'libs/md5', 'libs/aes', 'libs/rsa', 'libs/xss', 'libs/moment',
                'timeaxes/TimeAxes',
                'timeaxes/TimeAxesAdaptor',
                'timeaxes/TimeGridLayer',
                'timeaxes/TimeAxes_old',
                'timeaxes/TimeGridLayer_old',
                'h5Player'
            ], function () {
                //载入必要的模块，字符串文件加载完成后，初始化和加载应用
                Ext.require(['jsCore.Common'], function () {
                    jsCore.Common.getJsonLanguage().done(function () {
                        //自验问题修改：设备初始化界面，密码输入框输入时，报js错误,修改为先设置规则
                        jsCore.Common.setFieldVtype();
                        Ext.require(['baseCls.App']);
                        //***密码输入框输入时，报js错误 END***//
                    });
                });
            });
        }); </script> </head> <body></body> <script type="text/javascript" src="./pluginVersion.js"></script> <script type="text/javascript" src="./webVersion.js"></script> <script type="text/javascript" src="./cap.js"></script> </html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:46:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "63fed911c7e9eb468e2d4f6a6721d6df",
         "bodymmh3" : -367237444,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Wed, 13 Oct 2021 08:56:13 GMT"
            },
            {
               "value" : "1634115373:c1e",
               "name" : "Etag"
            }
         ],
         "headermd5" : "16aa56a7bf550a630e80c815add27257",
         "headermmh3" : 724015401,
         "title" : "WEB SERVICE"
      },
      "length" : 3488
   },
   "asn" : "AS208909",
   "city" : "Manlleu",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCONNECTION: keep-alive\r\nDate: Thu, 07 Nov 2024 07:50:01 GMT\r\nLast-Modified: Wed, 13 Oct 2021 08:56:13 GMT\r\nEtag: \"1634115373:c1e\"\r\nCONTENT-LENGTH: 3102\r\nP3P: CP=CAO PSA OUR\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'\r\nX-Content-Type-Options: nosniff\r\nCONTENT-TYPE: text/html\r\n\r\n<!DOCTYPE HTML> <html> <head> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"> <meta charset=\"UTF-8\"> <title>WEB SERVICE</title> <link href=\"./baseProj/images/favicon.ico\" type=\"image/x-icon\" rel=\"shortcut icon\"> <script src=\"ext/ext-all.js\"></script> <script type=\"text/javascript\" src=\"./projectPath.js\"></script> <script type=\"text/javascript\" src=\"/app/libs/require.js\"></script> <script type=\"text/javascript\" src=\"/app/jsCore/require-config.js\"></script> <script type=\"text/javascript\"> Ext.onReady(function () {\n            //\u542f\u7528\u7f13\u5b58\n            Ext.Loader.setConfig({\n                \"disableCaching\": true,\n                \"paths\":{\n                    \"basePath\": BASEURL, //\u914d\u7f6e\u57fa\u7840\u9879\u76ee\u7684\u6587\u4ef6\u8def\u5f84\n                    \"projectPath\": PROJECT_URL //\u914d\u7f6e\u5b9a\u5236\u9879\u76ee\u7684\u6587\u4ef6\u8def\u5f84\n                }\n            });\n\n            //\u5b9a\u4e49\u9879\u76ee\u7684\u52a0\u8f7d\u8def\u5f84\n            var basePath = Ext.Loader.getPath('basePath'),\n                projectPath = Ext.Loader.getPath('projectPath');\n\n            //\u8bbe\u7f6e\u7c7b\u7684\u5730\u5740\u8def\u5f84\n            Ext.Loader.setPath({\n                \"jsCore\": \"app/jsCore\",\n                'component': \"baseProj/js/component\",\n                'js': 'baseProj/js',\n                'plugin': 'app/plugin',\n                'widget': 'baseProj/js/widget',\n                'baseCls':'app/baseCls',\n\t\t\t\t'app': 'baseCls', //\u5404\u4e2a\u9879\u76ee\u7edf\u4e00\u4e00\u4e2aapp\n                'customJs': projectPath+'js', // \u975e\u57fa\u7ebf\u9879\u76ee\u5f15\u7528\u7684js\u8def\u5f84\n                'desktop':PROJ_MODULE.indexOf('desktop') != -1? projectPath+'js/desktop':basePath+'/js/desktop', //\u52a0\u8f7d\u6307\u5b9a\u9879\u76ee\u7684Desktop.js\n                'data': PROJ_MODULE.indexOf('data') != -1 ? projectPath + 'data': basePath + '/data'  //\u52a0\u8f7d\u6307\u5b9a\u9879\u76ee\u7684\u6570\u636e\u6587\u4ef6\n            });\n\n            require(['pubsub', 'core', 'extend', 'libs/qrcode', 'libs/jsonpath', 'libs/json2',\n                'libs/base64',\n                'libs/md5', 'libs/aes', 'libs/rsa', 'libs/xss', 'libs/moment',\n                'timeaxes/TimeAxes',\n                'timeaxes/TimeAxesAdaptor',\n                'timeaxes/TimeGridLayer',\n                'timeaxes/TimeAxes_old',\n                'timeaxes/TimeGridLayer_old',\n                'h5Player'\n            ], function () {\n                //\u8f7d\u5165\u5fc5\u8981\u7684\u6a21\u5757\uff0c\u5b57\u7b26\u4e32\u6587\u4ef6\u52a0\u8f7d\u5b8c\u6210\u540e\uff0c\u521d\u59cb\u5316\u548c\u52a0\u8f7d\u5e94\u7528\n                Ext.require(['jsCore.Common'], function () {\n                    jsCore.Common.getJsonLanguage().done(function () {\n                        //\u81ea\u9a8c\u95ee\u9898\u4fee\u6539\uff1a\u8bbe\u5907\u521d\u59cb\u5316\u754c\u9762\uff0c\u5bc6\u7801\u8f93\u5165\u6846\u8f93\u5165\u65f6\uff0c\u62a5js\u9519\u8bef,\u4fee\u6539\u4e3a\u5148\u8bbe\u7f6e\u89c4\u5219\n                        jsCore.Common.setFieldVtype();\n                        Ext.require(['baseCls.App']);\n                        //***\u5bc6\u7801\u8f93\u5165\u6846\u8f93\u5165\u65f6\uff0c\u62a5js\u9519\u8bef END***//\n                    });\n                });\n            });\n        }); </script> </head> <body></body> <script type=\"text/javascript\" src=\"./pluginVersion.js\"></script> <script type=\"text/javascript\" src=\"./webVersion.js\"></script> <script type=\"text/javascript\" src=\"./cap.js\"></script> </html>",
   "datamd5" : "8042c5c257b20f1f665970445aa4d14a",
   "datammh3" : 483869412,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "somvera.cat"
   ],
   "host" : [
      19
   ],
   "hostname" : [
      "19.97.41.185-ip.somvera.cat"
   ],
   "ip" : "185.41.97.19",
   "ipv6" : "false",
   "latitude" : "41.9982",
   "location" : "41.9982,2.2899",
   "longitude" : "2.2899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Gurbtec Iguana Telecom SL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "19.97.41.185-ip.somvera.cat"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "185-ip.somvera.cat",
      "97.41.185-ip.somvera.cat",
      "41.185-ip.somvera.cat"
   ],
   "subnet" : "185.41.96.0/22",
   "tld" : [
      "cat"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

177.121.219.146

Network

177.120.0.0/14

Domain(s)

timbrasil.com.br

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://177.121.219.146:4343/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

Reverse DNS

146.219.121.177.isp.timbrasil.com.br

ASN

AS26615

Organization

TIM SA

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b1d04896c703757d96de81222b65e24c

HTTP Header MD5

a23d459f6df25deeaf6d1de4dcac2312

HTTP Body MD5

ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:46:41 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
X-Frame-Options: sameorigin
x-xss-protection: 1; mode=block
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:46:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a23d459f6df25deeaf6d1de4dcac2312",
         "headermmh3" : 436271283,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 488
   },
   "asn" : "AS26615",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:46:41 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nX-Frame-Options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b1d04896c703757d96de81222b65e24c",
   "datammh3" : 1607515384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "timbrasil.com.br"
   ],
   "geolocus" : {
      "asn" : "AS25799",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "dnlegal.com.br",
         "timbrasil.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.421.421/0117-41",
      "organization" : "TIM S/A",
      "subnet" : "177.120.0.0/15"
   },
   "host" : [
      146
   ],
   "hostname" : [
      "146.219.121.177.isp.timbrasil.com.br"
   ],
   "ip" : "177.121.219.146",
   "ipv6" : "false",
   "latitude" : "-23.6283",
   "location" : "-23.6283,-46.6409",
   "longitude" : "-46.6409",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TIM SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "146.219.121.177.isp.timbrasil.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "121.177.isp.timbrasil.com.br",
      "219.121.177.isp.timbrasil.com.br",
      "177.isp.timbrasil.com.br",
      "isp.timbrasil.com.br"
   ],
   "subnet" : "177.120.0.0/14",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

13.38.51.24

Network

13.36.0.0/14

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://13.38.51.24:4343/ 200

Reverse DNS

ec2-13-38-51-24.eu-west-3.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

f192c778ba9971cccb2fcec90e21e379

HTTP Header MD5

9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5

852141068209c03fdeb5dacc5a9c52e3

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:46:41 GMT
Server: nginx
Content-Length: 69
Content-Type: text/html

<html><body><script>top.location='/p/login/';</script></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:46:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "852141068209c03fdeb5dacc5a9c52e3",
         "bodymmh3" : -1124668290,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -1695882839
      },
      "length" : 204
   },
   "asn" : "AS16509",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:46:41 GMT\r\nServer: nginx\r\nContent-Length: 69\r\nContent-Type: text/html\r\n\r\n<html><body><script>top.location='/p/login/';</script></body></html>\n",
   "datamd5" : "f192c778ba9971cccb2fcec90e21e379",
   "datammh3" : -1092385355,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "AMAZON-CDG",
      "organization" : "Amazon Data Services France",
      "subnet" : "13.36.0.0/14"
   },
   "host" : [
      "ec2-13-38-51-24"
   ],
   "hostname" : [
      "ec2-13-38-51-24.eu-west-3.compute.amazonaws.com"
   ],
   "ip" : "13.38.51.24",
   "ipv6" : "false",
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4343,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-13-38-51-24.eu-west-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-3.compute.amazonaws.com"
   ],
   "subnet" : "13.36.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}