Returning 10 result(s) out of 24,285 in 0.192 second(s)

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-07 at 03:19:25 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Operating System

      <access denied by policy> <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe


    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:19:25.000Z",
         "app" : "<enterprise field>: app",
         "asn" : "<access denied by policy>",
         "city" : "<access denied by policy>",
         "country" : "<access denied by policy>",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "<access denied by policy>",
         "datamd5" : "<access denied by policy>",
         "datammh3" : "<access denied by policy>",
         "device" : "<enterprise field>: device",
         "geolocus" : "<enterprise field>: geolocus",
         "ip" : "<access denied by policy>",
         "ipv6" : "<access denied by policy>",
         "latitude" : "<access denied by policy>",
         "location" : "<access denied by policy>",
         "longitude" : "<access denied by policy>",
         "node" : "<enterprise field>: node",
         "organization" : "<access denied by policy>",
         "os" : "<access denied by policy>",
         "osvendor" : "<access denied by policy>",
         "port" : "<access denied by policy>",
         "protocol" : "<access denied by policy>",
         "protocolversion" : "<access denied by policy>",
         "reason" : "<access denied by policy>",
         "seen_date" : "<access denied by policy>",
         "source" : "<access denied by policy>",
         "status" : "<access denied by policy>",
         "subnet" : "<access denied by policy>",
         "tag" : "<enterprise field>: tag",
         "tls" : "<access denied by policy>",
         "transport" : "<access denied by policy>",
         "url" : "<access denied by policy>"
      }
      
  • 185.213.154.118:4566 (tcp/http) - last seen on 2024-11-07 at 03:19:15 UTC

    • IP
      185.213.154.118
      Network
      185.213.152.0/22
      Device

      <enterprise field>: device.class

      URL

      http://185.213.154.118:4566/ 400

      ASN
      AS39351
      Organization
      31173 Services AB
      Protocol
      http
      Source
      datascan

    • Data MD5
      7ec6fc76f1262fda24211ad1f325a0f1
      HTTP Header MD5
      e1ac934a33d282a0f9203d1f38959cd4
      HTTP Body MD5
      b634668f41ef53ef6d608dc70c4e0dcb
    • HTTP/1.0 400 Bad Request
      
      Client sent an HTTP request to an HTTPS server.
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:19:15.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "b634668f41ef53ef6d608dc70c4e0dcb",
               "bodymmh3" : 759042204,
               "headermd5" : "e1ac934a33d282a0f9203d1f38959cd4",
               "headermmh3" : 247729568
            },
            "length" : 76
         },
         "asn" : "AS39351",
         "city" : "Gothenburg",
         "country" : "SE",
         "data" : "HTTP/1.0 400 Bad Request\r\n\r\nClient sent an HTTP request to an HTTPS server.\n",
         "datamd5" : "7ec6fc76f1262fda24211ad1f325a0f1",
         "datammh3" : 785411303,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS39351",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "SE",
            "countryname" : "Sweden",
            "domain" : [
               "31173.se"
            ],
            "isineu" : "true",
            "latitude" : "60.128161",
            "location" : "60.128161,18.643501",
            "longitude" : "18.643501",
            "netname" : "NET-31173-185-213-154",
            "organization" : "31173 Services AB",
            "subnet" : "185.213.154.64/26"
         },
         "ip" : "185.213.154.118",
         "ipv6" : "false",
         "latitude" : "57.7065",
         "location" : "57.7065,11.9670",
         "longitude" : "11.9670",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "31173 Services AB",
         "port" : 4566,
         "protocol" : "http",
         "protocolversion" : "1.0",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "185.213.152.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 13.251.45.65:4566 (tcp/http) - last seen on 2024-11-07 at 03:19:15 UTC

    • IP
      13.251.45.65
      Network
      13.250.0.0/15
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://13.251.45.65:4566/ 200

      Reverse DNS
      ec2-13-251-45-65.ap-southeast-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      97f64c9c6bf158d0d05d3f05372b5a7a
      HTTP Header MD5
      9f060a9cb1b31c417a3a68e629ae97e3
      HTTP Body MD5
      c25cbaf569d22e9f526ff69fe9e61bbf
    • HTTP/1.1 200 OK
      Connection: close
      Date: Thu, 07 Nov 2024 03:19:15 GMT
      Server: nginx
      Content-Length: 583
      Content-Type: text/html
      
      <html style="background:#007cef">
      <head>
      <meta http-equiv="expires" content="0">
      <script type='text/javascript'>
      pr=(document.location.protocol == 'https:') ? 'https' : 'http';
      pt=(location.port == '') ? '' : ':' + location.port;
      redirect_suffix = "/redirect.html?count="+Math.random();
      if(location.hostname.indexOf(':') == -1)
      {
      location.href=pr+"://"+location.hostname+pt+redirect_suffix;
      }
      else    //could be ipv6 addr
      {
      var url = "";
      url=pr+"://["+ location.hostname.replace(/[\[\]]/g, '') +"]"+pt+redirect_suffix;
      location.href = url;
      }
      </script>
      </head>
      <body>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:19:15.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "c25cbaf569d22e9f526ff69fe9e61bbf",
               "bodymmh3" : 2073015905,
               "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
               "headermmh3" : -735030231
            },
            "length" : 719
         },
         "asn" : "AS16509",
         "city" : "Singapore",
         "country" : "SG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:19:15 GMT\r\nServer: nginx\r\nContent-Length: 583\r\nContent-Type: text/html\r\n\r\n<html style=\"background:#007cef\">\n<head>\n<meta http-equiv=\"expires\" content=\"0\">\n<script type='text/javascript'>\npr=(document.location.protocol == 'https:') ? 'https' : 'http';\npt=(location.port == '') ? '' : ':' + location.port;\nredirect_suffix = \"/redirect.html?count=\"+Math.random();\nif(location.hostname.indexOf(':') == -1)\n{\nlocation.href=pr+\"://\"+location.hostname+pt+redirect_suffix;\n}\nelse    //could be ipv6 addr\n{\nvar url = \"\";\nurl=pr+\"://[\"+ location.hostname.replace(/[\\[\\]]/g, '') +\"]\"+pt+redirect_suffix;\nlocation.href = url;\n}\n</script>\n</head>\n<body>\n</body>\n</html>\n",
         "datamd5" : "97f64c9c6bf158d0d05d3f05372b5a7a",
         "datammh3" : 1079192638,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "amazonaws.com"
         ],
         "geolocus" : {
            "asn" : "AS16509",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "SG",
            "countryname" : "Singapore",
            "domain" : [
               "amazon.com",
               "amazonaws.com",
               "aws.com"
            ],
            "isineu" : "false",
            "latitude" : "1.352083",
            "location" : "1.352083,103.819836",
            "longitude" : "103.819836",
            "netname" : "AMAZON-SIN",
            "organization" : "Amazon Data Services Singapore",
            "subnet" : "13.250.0.0/15"
         },
         "host" : [
            "ec2-13-251-45-65"
         ],
         "hostname" : [
            "ec2-13-251-45-65.ap-southeast-1.compute.amazonaws.com"
         ],
         "ip" : "13.251.45.65",
         "ipv6" : "false",
         "latitude" : "1.2868",
         "location" : "1.2868,103.8503",
         "longitude" : "103.8503",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AMAZON-02",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4566,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ec2-13-251-45-65.ap-southeast-1.compute.amazonaws.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "ap-southeast-1.compute.amazonaws.com",
            "compute.amazonaws.com"
         ],
         "subnet" : "13.250.0.0/15",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 201.108.163.107:4566 (tcp/http) - last seen on 2024-11-07 at 03:18:22 UTC

    • IP
      201.108.163.107
      Network
      201.108.0.0/14
      Domain(s)
      prod-dial.com.mx
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://201.108.163.107:4566/ 200

      HTTP Title
      VIVOTEK Web Console
      Reverse DNS
      dsl-201-108-163-107.prod-dial.com.mx
      ASN
      AS8151
      Organization
      UNINET
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      e7b37d18794a44f0740d8ca524ef5bb2
      HTTP Header MD5
      5bf85e1ef94af60552a435cb3ab24afb
      HTTP Body MD5
      225e2055746af24acafc1dba663bfa8d
    • HTTP/1.1 200 OK
      Cache-Control: no-store, no-cache, must-revalidate
      Cache-Control: post-check=0, pre-check=0
      Pragma: no-cache
      Date: Wed Nov  6 21:18:22 2024 GMT--600
      Expires: Mon, 1 Mon 1990 00:00:00 GMT
      Set-Cookie: sid=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
      Content-Type: text/html
      Content-Length: 906
      
      <!DOCTYPE HTML>
      <html lang="en">
      	<head>
      		<meta http-equiv="X-UA-Compatible" content="IE=8" />
      		<meta http-equiv="content-type" content="text/html; charset=utf-8" />
      		<title>VIVOTEK Web Console</title>
      		<link href="css/index.css" media="all" rel="stylesheet" type="text/css" />
      		<script>
      			function SetAuth(type)
      			{
      				document.getElementById('AuthType').value = type;
      			}
      		</script>
      	</head>
      	<body>
      		<div >
      			<img id="logo" src="images/logo.png" />
      			<img id="user" src="images/User.png" />
      		</div>
      		
      		<form id="AuthForm" action="Authenticate.html" method="POST">
      			<input type="submit" id="VASTButton" value="Basic Account" onclick="SetAuth('digest')"/>
      
      			<input type="submit" id="ADButton" value="Windows AD Account" onclick="SetAuth('AD')"/>
      
      			<input id="AuthType" name="AuthType" type="hidden" value="" />
      		</form>
      				
      		</div>
      	</body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:18:22.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "225e2055746af24acafc1dba663bfa8d",
               "bodymmh3" : -1872607953,
               "headermd5" : "5bf85e1ef94af60552a435cb3ab24afb",
               "headermmh3" : -1313518093,
               "title" : "VIVOTEK Web Console"
            },
            "length" : 1228
         },
         "asn" : "AS8151",
         "city" : "Xalapa",
         "country" : "MX",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-store, no-cache, must-revalidate\r\nCache-Control: post-check=0, pre-check=0\r\nPragma: no-cache\r\nDate: Wed Nov  6 21:18:22 2024 GMT--600\r\nExpires: Mon, 1 Mon 1990 00:00:00 GMT\r\nSet-Cookie: sid=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 906\r\n\r\n<!DOCTYPE HTML>\r\n<html lang=\"en\">\r\n\t<head>\r\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8\" />\r\n\t\t<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\r\n\t\t<title>VIVOTEK Web Console</title>\r\n\t\t<link href=\"css/index.css\" media=\"all\" rel=\"stylesheet\" type=\"text/css\" />\r\n\t\t<script>\r\n\t\t\tfunction SetAuth(type)\r\n\t\t\t{\r\n\t\t\t\tdocument.getElementById('AuthType').value = type;\r\n\t\t\t}\r\n\t\t</script>\r\n\t</head>\r\n\t<body>\r\n\t\t<div >\r\n\t\t\t<img id=\"logo\" src=\"images/logo.png\" />\r\n\t\t\t<img id=\"user\" src=\"images/User.png\" />\r\n\t\t</div>\r\n\t\t\r\n\t\t<form id=\"AuthForm\" action=\"Authenticate.html\" method=\"POST\">\r\n\t\t\t<input type=\"submit\" id=\"VASTButton\" value=\"Basic Account\" onclick=\"SetAuth('digest')\"/>\r\n\r\n\t\t\t<input type=\"submit\" id=\"ADButton\" value=\"Windows AD Account\" onclick=\"SetAuth('AD')\"/>\r\n\r\n\t\t\t<input id=\"AuthType\" name=\"AuthType\" type=\"hidden\" value=\"\" />\r\n\t\t</form>\r\n\t\t\t\t\r\n\t\t</div>\r\n\t</body>\r\n</html>\r\n",
         "datamd5" : "e7b37d18794a44f0740d8ca524ef5bb2",
         "datammh3" : -442391697,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "prod-dial.com.mx"
         ],
         "geolocus" : {
            "asn" : "AS8151",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "MX",
            "countryname" : "Mexico",
            "domain" : [
               "uninet-ide.com.mx",
               "uninet.com.mx"
            ],
            "isineu" : "false",
            "latitude" : "23.634501",
            "location" : "23.634501,-102.552784",
            "longitude" : "-102.552784",
            "netname" : "MX-USCV4-LACNIC",
            "organization" : "UNINET",
            "subnet" : "201.96.0.0/12"
         },
         "host" : [
            "dsl-201-108-163-107"
         ],
         "hostname" : [
            "dsl-201-108-163-107.prod-dial.com.mx"
         ],
         "ip" : "201.108.163.107",
         "ipv6" : "false",
         "latitude" : "19.3107",
         "location" : "19.3107,-96.9638",
         "longitude" : "-96.9638",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "UNINET",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 4566,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "dsl-201-108-163-107.prod-dial.com.mx"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "201.108.0.0/14",
         "tld" : [
            "com.mx"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 95.189.103.234:4566 (tcp/http) - last seen on 2024-11-07 at 03:18:01 UTC

    • IP
      95.189.103.234
      Network
      95.189.96.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://95.189.103.234:4566/ 200

      HTTP Title
      IIS Windows
      ASN
      AS12389
      Organization
      Rostelecom
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 10.0
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      01193d3fd55f7980fcb64ff1fb8b75c9
      HTTP Header MD5
      498aa3fde37c67fc39d713f9b02f652c
      HTTP Body MD5
      1dd82f6fc356bc3cddf7e82615de177c
    • HTTP/1.1 200 OK
      Content-Type: text/html
      Last-Modified: Fri, 18 Jun 2021 12:30:04 GMT
      Accept-Ranges: bytes
      ETag: "958043aa3d64d71:0"
      Server: Microsoft-IIS/10.0
      Date: Thu, 07 Nov 2024 03:18:01 GMT
      Connection: close
      Content-Length: 696
      
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
      <title>IIS Windows</title>
      <style type="text/css">
      <!--
      body {
      	color:#000000;
      	background-color:#0072C6;
      	margin:0;
      }
      
      #container {
      	margin-left:auto;
      	margin-right:auto;
      	text-align:center;
      	}
      
      a img {
      	border:none;
      }
      
      -->
      </style>
      </head>
      <body>
      <div id="container">
      <a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
      </div>
      </body>
      </html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:18:01.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org",
                  "microsoft.com"
               ],
               "hostname" : [
                  "go.microsoft.com",
                  "www.w3.org"
               ],
               "url" : [
                  "http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409",
                  "http://www.w3.org/1999/xhtml",
                  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "1dd82f6fc356bc3cddf7e82615de177c",
               "bodymmh3" : 1971329886,
               "header" : [
                  {
                     "value" : "Fri, 18 Jun 2021 12:30:04 GMT",
                     "name" : "Last-Modified"
                  },
                  {
                     "name" : "ETag",
                     "value" : "958043aa3d64d71:0"
                  }
               ],
               "headermd5" : "498aa3fde37c67fc39d713f9b02f652c",
               "headermmh3" : 1345705608,
               "title" : "IIS Windows"
            },
            "length" : 940
         },
         "asn" : "AS12389",
         "city" : "Chita",
         "country" : "RU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Fri, 18 Jun 2021 12:30:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"958043aa3d64d71:0\"\r\nServer: Microsoft-IIS/10.0\r\nDate: Thu, 07 Nov 2024 03:18:01 GMT\r\nConnection: close\r\nContent-Length: 696\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
         "datamd5" : "01193d3fd55f7980fcb64ff1fb8b75c9",
         "datammh3" : 625036870,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS39407",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "RU",
            "countryname" : "Russia",
            "domain" : [
               "rt.ru",
               "sinor.ru"
            ],
            "isineu" : "false",
            "latitude" : "61.52401",
            "location" : "61.52401,105.318756",
            "longitude" : "105.318756",
            "netname" : "WEBSTREAM",
            "organization" : "OJSC \"Sibirtelecom",
            "subnet" : "95.189.96.0/20"
         },
         "ip" : "95.189.103.234",
         "ipv6" : "false",
         "latitude" : "52.0388",
         "location" : "52.0388,113.5595",
         "longitude" : "113.5595",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Rostelecom",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "osversion" : [
            "Server 2016",
            10
         ],
         "port" : 4566,
         "product" : "IIS",
         "productvendor" : "Microsoft",
         "productversion" : "10.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "95.189.96.0/20",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 203.83.10.253:4566 (tcp/http) - last seen on 2024-11-07 at 03:18:00 UTC

    • IP
      203.83.10.253
      Network
      203.83.8.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://203.83.10.253:4566/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS132883
      Organization
      TOPWAY GLOBAL LIMITED
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      F5 Nginx 1.17.6
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      023c8c5e51d9ce9369af8e1f921f5e3f
      HTTP Header MD5
      f4eaba8998b0e515f84d95c1ad5ea5c7
      HTTP Body MD5
      a2b4897849c71fbcb21dd632d3506361
    • HTTP/1.1 400 Bad Request
      Server: nginx/1.17.6
      Date: Thu, 07 Nov 2024 03:18:00 GMT
      Content-Type: text/html
      Content-Length: 255
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx/1.17.6</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:18:00.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "a2b4897849c71fbcb21dd632d3506361",
               "bodymmh3" : -2063426561,
               "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
               "headermmh3" : 912304483,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 407
         },
         "asn" : "AS132883",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 03:18:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "023c8c5e51d9ce9369af8e1f921f5e3f",
         "datammh3" : 457427036,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS132883",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "cnaaa.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "cnaaa",
            "organization" : "Jiangsu Sanai network science and technology co ,LTD",
            "subnet" : "203.83.8.0/22"
         },
         "ip" : "203.83.10.253",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TOPWAY GLOBAL LIMITED",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 4566,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.17.6",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "203.83.8.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 69.191.242.59:4566 (tcp/http) - last seen on 2024-11-07 at 03:17:38 UTC

    • IP
      69.191.242.59
      Network
      69.191.240.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://69.191.242.59:4566/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS10361
      Organization
      BLOOMBERG-NET
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a
    • HTTP/1.1 400 Bad Request
      Server: nginx
      Date: Thu, 07 Nov 2024 03:17:38 GMT
      Content-Type: text/html
      Content-Length: 248
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:17:38.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
               "bodymmh3" : 1153229498,
               "headermd5" : "a629a0fe278971ad61801ba6975ba467",
               "headermmh3" : 857695530,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 393
         },
         "asn" : "AS10361",
         "city" : "Hoboken",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:17:38 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
         "datammh3" : 190190724,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS10361",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "bloomberg.com",
               "bloomberg.net"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "BLOOMBERG-NET-2",
            "organization" : "Bloomberg Financial Market",
            "subnet" : "69.191.240.0/20"
         },
         "ip" : "69.191.242.59",
         "ipv6" : "false",
         "latitude" : "40.7424",
         "location" : "40.7424,-74.0325",
         "longitude" : "-74.0325",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "BLOOMBERG-NET",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4566,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "69.191.240.0/20",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 104.250.52.14:4566 (tcp/unknown) - last seen on 2024-11-07 at 03:10:49 UTC

    • IP
      104.250.52.14
      Network
      104.250.48.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      ASN
      AS137280
      Organization
      Kingsoft cloud corporation limited
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      68b329da9893e34099c7d8ad5cb9c940
    • 
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:10:49.000Z",
         "app" : {
            "length" : 1
         },
         "asn" : "AS137280",
         "city" : "Singapore",
         "country" : "SG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "\n",
         "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
         "datammh3" : -1840324437,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS137280",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "HK",
            "countryname" : "Hong Kong",
            "domain" : [
               "kingsoft.com"
            ],
            "isineu" : "false",
            "latitude" : "22.396428",
            "location" : "22.396428,114.109497",
            "longitude" : "114.109497",
            "netname" : "KSYUNGLOBAL-HK",
            "organization" : "Kingsoft cloud corporation limited",
            "subnet" : "104.250.52.0/22"
         },
         "ip" : "104.250.52.14",
         "ipv6" : "false",
         "latitude" : "1.2868",
         "location" : "1.2868,103.8503",
         "longitude" : "103.8503",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Kingsoft cloud corporation limited",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4566,
         "protocol" : "unknown",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "104.250.48.0/20",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 109.63.94.211:4566 (tcp/http) - last seen on 2024-11-07 at 03:10:48 UTC

    • IP
      109.63.94.211
      Network
      109.63.80.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://109.63.94.211:4566/ 401

      HTTP Title
      Unauthorized
      ASN
      AS51375
      Organization
      Stc Bahrain B.s.c Closed
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      HTTP Component(s)
      Plex Media Server
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      2de861031040181ee2188040cc83180e
      HTTP Header MD5
      9ca01530123920eac6307b32e7d89d3b
      HTTP Body MD5
      58839c8a9d6616ca62adc7b6e3610676
    • HTTP/1.1 401 Unauthorized
      X-Plex-Protocol: 1.0
      Content-Length: 193
      Content-Type: text/html
      Connection: close
      Cache-Control: no-cache
      Date: Thu, 07 Nov 2024 03:10:47 GMT
      
      <html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:10:48.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
               "bodymmh3" : 1524593440,
               "component" : [
                  {
                     "product" : "Media Server",
                     "productvendor" : "Plex"
                  }
               ],
               "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
               "headermmh3" : 2054410825,
               "title" : "Unauthorized"
            },
            "length" : 371
         },
         "asn" : "AS51375",
         "city" : "Hamad Town",
         "country" : "BH",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 07 Nov 2024 03:10:47 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
         "datamd5" : "2de861031040181ee2188040cc83180e",
         "datammh3" : -1584694499,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "109.63.94.211",
         "ipv6" : "false",
         "latitude" : "26.1180",
         "location" : "26.1180,50.5011",
         "longitude" : "50.5011",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Stc Bahrain B.s.c Closed",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4566,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Unauthorized",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 401,
         "subnet" : "109.63.80.0/20",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 44.244.33.218:4566 (tcp/http) - last seen on 2024-11-07 at 03:10:47 UTC

    • IP
      44.244.33.218
      Network
      44.224.0.0/11
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://44.244.33.218:4566/ 200

      HTTP Title
      Infocon Holding - EasyIO-30P Sedona
      Reverse DNS
      ec2-44-244-33-218.us-west-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe


    • Data MD5
      a0d13f5a8644408f638911c1a4d30bc0
      HTTP Header MD5
      b93e910767bc7dd35ce0736d46622fe3
      HTTP Body MD5
      1852f44d5a4231d68b3b2ca70e893cc5
    • HTTP/1.1 200 OK
      Connection: close
      Date: Thu, 07 Nov 2024 03:10:47 GMT
      Server: nginx
      Content-Type: text/html
      Content-Length: 1289
      
      <html><head><link rel=stylesheet type="text/css" href=menu.css><title>Infocon Holding - EasyIO-30P Sedona</title></head><body style="margin:0;" onload="onDocLoad();"><script language=javascript src=menuitem.js></script><script language=javascript src=menusc.js></script><div id=dropMenu onmouseout="onDropMenuMouseout(event);" onmouseover="onDropMenuMouseover();"></div><TABLE width=100% cellSpacing=0 cellPadding=0 bgcolor=#ffffff border=0 align=center><tr><td height=53px><img src=logo.gif class='clsMenu'><img src=btl.jpg></td></tr><tr><td><table width=100% bgcolor=#ece9d8 cellSpacing=0 cellPadding=2 border=1><tr id=menubar><td height=28><span id=mmenu onmouseover="onMenuBarMouseover();"></span></td><td id=login></td><td id=userid></td></tr></table></td></tr><tr height=768 valign=top align=center bgcolor="white"><td><table><tr><td colspan=2 height=10></td></tr><TR><Th colspan=2 id="cTtl"></Th></TR><tr><td align=center colspan=2><br></td></tr><tr><td colspan=2 height=10></td></tr><tr><td colspan=2 ID="cTbl"></td></tr><tr><td colspan=2 height=10></td></tr></table></td></tr></table><script language=javascript src=main.js></script><script language=javascript src=table.js></script><script language=javascript>function onDocLoad(){cTxtTbl();createMenu();}</script></body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:10:47.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "1852f44d5a4231d68b3b2ca70e893cc5",
               "bodymmh3" : 777722857,
               "headermd5" : "b93e910767bc7dd35ce0736d46622fe3",
               "headermmh3" : 999796036,
               "title" : "Infocon Holding - EasyIO-30P Sedona"
            },
            "length" : 1426
         },
         "asn" : "AS16509",
         "city" : "Boardman",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:10:47 GMT\r\nServer: nginx\r\nContent-Type: text/html\r\nContent-Length: 1289\r\n\r\n<html><head><link rel=stylesheet type=\"text/css\" href=menu.css><title>Infocon Holding - EasyIO-30P Sedona</title></head><body style=\"margin:0;\" onload=\"onDocLoad();\"><script language=javascript src=menuitem.js></script><script language=javascript src=menusc.js></script><div id=dropMenu onmouseout=\"onDropMenuMouseout(event);\" onmouseover=\"onDropMenuMouseover();\"></div><TABLE width=100% cellSpacing=0 cellPadding=0 bgcolor=#ffffff border=0 align=center><tr><td height=53px><img src=logo.gif class='clsMenu'><img src=btl.jpg></td></tr><tr><td><table width=100% bgcolor=#ece9d8 cellSpacing=0 cellPadding=2 border=1><tr id=menubar><td height=28><span id=mmenu onmouseover=\"onMenuBarMouseover();\"></span></td><td id=login></td><td id=userid></td></tr></table></td></tr><tr height=768 valign=top align=center bgcolor=\"white\"><td><table><tr><td colspan=2 height=10></td></tr><TR><Th colspan=2 id=\"cTtl\"></Th></TR><tr><td align=center colspan=2><br></td></tr><tr><td colspan=2 height=10></td></tr><tr><td colspan=2 ID=\"cTbl\"></td></tr><tr><td colspan=2 height=10></td></tr></table></td></tr></table><script language=javascript src=main.js></script><script language=javascript src=table.js></script><script language=javascript>function onDocLoad(){cTxtTbl();createMenu();}</script></body></html>\u0000",
         "datamd5" : "a0d13f5a8644408f638911c1a4d30bc0",
         "datammh3" : -2071317735,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "amazonaws.com"
         ],
         "geolocus" : {
            "asn" : "AS16509",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "amazon.com",
               "amazonaws.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "AMAZO-ZPDX",
            "organization" : "Amazon.com, Inc.",
            "subnet" : "44.224.0.0/11"
         },
         "host" : [
            "ec2-44-244-33-218"
         ],
         "hostname" : [
            "ec2-44-244-33-218.us-west-2.compute.amazonaws.com"
         ],
         "ip" : "44.244.33.218",
         "ipv6" : "false",
         "latitude" : "45.8491",
         "location" : "45.8491,-119.7143",
         "longitude" : "-119.7143",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AMAZON-02",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4566,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ec2-44-244-33-218.us-west-2.compute.amazonaws.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "compute.amazonaws.com",
            "us-west-2.compute.amazonaws.com"
         ],
         "subnet" : "44.224.0.0/11",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }