Cyber Defense Search Engine

IP
192.9.144.142

Network
192.9.128.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://192.9.144.142:563/ 404

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3cd00a196cde5ea124d92a8eaef2177

HTTP Header MD5
962341e5c600ce0bd0add6892f8f6280

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 404 Not Found
Date: Thu, 07 Nov 2024 05:32:03 GMT
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:32:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "962341e5c600ce0bd0add6892f8f6280",
         "headermmh3" : -1605812643
      },
      "length" : 101
   },
   "asn" : "AS31898",
   "city" : "San Jose",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nDate: Thu, 07 Nov 2024 05:32:03 GMT\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "a3cd00a196cde5ea124d92a8eaef2177",
   "datammh3" : -2033630795,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "oracle.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ORACLE-BRM1",
      "organization" : "Oracle Corporation",
      "subnet" : "192.9.0.0/16"
   },
   "ip" : "192.9.144.142",
   "ipv6" : "false",
   "latitude" : "37.2379",
   "location" : "37.2379,-121.7946",
   "longitude" : "-121.7946",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "192.9.128.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
222.187.219.238

Network
222.186.0.0/15

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://222.187.219.238:563/ 400

HTTP Title
Bad Request

ASN
AS4134

Organization
Chinanet

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1e3da087cece0c04e321b39f7db77842

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
112a99975e327b76e1a2242ca34a4c3f

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 05:31:40 GMT
Connection: close
Content-Length: 334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:41.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "112a99975e327b76e1a2242ca34a4c3f",
         "bodymmh3" : 2139917292,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -72204221,
         "title" : "Bad Request"
      },
      "length" : 513
   },
   "asn" : "AS4134",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 05:31:40 GMT\r\nConnection: close\r\nContent-Length: 334\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Hostname</h2>\r\n<hr><p>HTTP Error 400. The request hostname is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "1e3da087cece0c04e321b39f7db77842",
   "datammh3" : 1555438320,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163.com",
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-JS",
      "organization" : "CHINANET jiangsu province network",
      "subnet" : "222.184.0.0/14"
   },
   "ip" : "222.187.219.238",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "222.186.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
64.44.61.3

Network
64.44.0.0/18

Domain(s)
3-61-44-64.reverse-dns

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://64.44.61.3:563/ 401

Reverse DNS
3-61-44-64.reverse-dns

ASN
AS20278

Organization
NEXEON

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
16234ea1da40e03f1317c21396981c69

HTTP Header MD5
8f4a29b9be97398ee40f9827947fcbaf

HTTP Body MD5
9c13653d29a59fbb245670a68c158d4c

HTTP/1.1 401 Unauthorized
Date: Thu, 07 Nov 2024 05:31:40 UTC
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
TeamCity-Node-Id: MAIN_SERVER
WWW-Authenticate: Basic realm="TeamCity"
WWW-Authenticate: Bearer realm="TeamCity"
Cache-Control: no-store

Authentication required
To login manually go to "/login.html" page

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:40.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9c13653d29a59fbb245670a68c158d4c",
         "bodymmh3" : 866407170,
         "headermd5" : "8f4a29b9be97398ee40f9827947fcbaf",
         "headermmh3" : -1124114884,
         "realm" : "TeamCity"
      },
      "length" : 337
   },
   "asn" : "AS20278",
   "city" : "Chicago",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nDate: Thu, 07 Nov 2024 05:31:40 UTC\r\nContent-Type: text/plain;charset=UTF-8\r\nConnection: keep-alive\r\nTeamCity-Node-Id: MAIN_SERVER\r\nWWW-Authenticate: Basic realm=\"TeamCity\"\r\nWWW-Authenticate: Bearer realm=\"TeamCity\"\r\nCache-Control: no-store\r\n\r\nAuthentication required\nTo login manually go to \"/login.html\" page",
   "datamd5" : "16234ea1da40e03f1317c21396981c69",
   "datammh3" : 1096304710,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "3-61-44-64.reverse-dns"
   ],
   "geolocus" : {
      "asn" : "AS20278",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "1-0-44-64-.reverse-dns",
         "nexeontech.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NEXEON-IPV4-6",
      "organization" : "Nexeon Technologies, Inc.",
      "subnet" : "64.44.0.0/18"
   },
   "hostname" : [
      "3-61-44-64.reverse-dns"
   ],
   "ip" : "64.44.61.3",
   "ipv6" : "false",
   "latitude" : "41.8879",
   "location" : "41.8879,-88.1995",
   "longitude" : "-88.1995",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NEXEON",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "3-61-44-64.reverse-dns"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "64.44.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "reverse-dns"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.56.92.201

Network
103.56.92.0/23

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://103.56.92.201:563/ 302

ASN
AS58477

Organization
Argon Data Communication

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.54

HTTP Component(s)
OpenSSL OpenSSL 1.1.1p PHP PHP 7.4.30

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
400e9f78d391b66642b3b46892bf34fd

HTTP Header MD5
bcf983bb29cf6cbcc8aa580517b37fab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 05:31:17 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Location: http://<ip>:563/simrsrabain/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "PHP",
               "productversion" : "7.4.30",
               "productvendor" : "PHP"
            },
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "1.1.1p"
            }
         ],
         "headermd5" : "bcf983bb29cf6cbcc8aa580517b37fab",
         "headermmh3" : 1489821423
      },
      "length" : 260
   },
   "asn" : "AS58477",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 05:31:17 GMT\r\nServer: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30\r\nX-Powered-By: PHP/7.4.30\r\nLocation: http://<ip>:563/simrsrabain/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "400e9f78d391b66642b3b46892bf34fd",
   "datammh3" : -429198336,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS58477",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "maudynetwork.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-MNK-ID",
      "organization" : "CV Maudy Network Komunikasi",
      "subnet" : "103.56.92.0/23"
   },
   "ip" : "103.56.92.201",
   "ipv6" : "false",
   "latitude" : "-6.1728",
   "location" : "-6.1728,106.8272",
   "longitude" : "106.8272",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Argon Data Communication",
   "os" : "Windows",
   "osbits" : 64,
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.54",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "103.56.92.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
14.100.37.218

Network
14.100.0.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://14.100.37.218:563/ 401

HTTP Title
Unauthorized

ASN
AS9506

Organization
Singtel Fibre Broadband

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 07 Nov 2024 05:31:17 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -53989072,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS9506",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 07 Nov 2024 05:31:17 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9506",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "singnet.com.sg"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "SINGNET-SG",
      "organization" : "SingNet Pte Ltd",
      "subnet" : "14.100.0.0/17"
   },
   "ip" : "14.100.37.218",
   "ipv6" : "false",
   "latitude" : "1.3236",
   "location" : "1.3236,103.7909",
   "longitude" : "103.7909",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Singtel Fibre Broadband",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "14.100.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
96.71.120.42

Network
96.64.0.0/11

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://96.71.120.42:563/ 200

ASN
AS7922

Organization
COMCAST-7922

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fa5f73369c2cf74b9976133471387628

HTTP Header MD5
f133e42ed94a1823eabeff2e3a111dde

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.0 200 OK
Server:IP Camera
Date: Wed Feb  7 02:09:16 2024 GMT
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/x-rtsp-tunnelled

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:38.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "f133e42ed94a1823eabeff2e3a111dde",
         "headermmh3" : 72683295
      },
      "length" : 160
   },
   "asn" : "AS7922",
   "city" : "Sarasota",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer:IP Camera\r\nDate: Wed Feb  7 02:09:16 2024 GMT\r\nCache-Control: no-store\r\nPragma: no-cache\r\nContent-Type: application/x-rtsp-tunnelled\r\n\r\n",
   "datamd5" : "fa5f73369c2cf74b9976133471387628",
   "datammh3" : 702918186,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS7922",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "comcast.com",
         "comcast.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MICHIGAN-CCCS-35",
      "organization" : "Comcast Cable Communications, LLC",
      "subnet" : "96.64.0.0/12"
   },
   "ip" : "96.71.120.42",
   "ipv6" : "false",
   "latitude" : "27.3254",
   "location" : "27.3254,-82.4733",
   "longitude" : "-82.4733",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COMCAST-7922",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "96.64.0.0/11",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
164.215.124.234

Network
164.215.112.0/20

Domain(s)
poda.cz

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://164.215.124.234:563/ 302

Reverse DNS
static-2765585642.poda.cz

ASN
AS30764

Organization
PODA a.s.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d288d9dc31029dbfd0ec2ca9d8a35695

HTTP Header MD5
f9434fba64e80d7c044c4cdf72ee9381

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 
Location: https://<ip>:563/
Content-Length: 0
Date: Thu, 07 Nov 2024 05:30:05 GMT
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f9434fba64e80d7c044c4cdf72ee9381",
         "headermmh3" : 554257337
      },
      "length" : 121
   },
   "asn" : "AS30764",
   "city" : "Ostrava",
   "country" : "CZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 \r\nLocation: https://<ip>:563/\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 05:30:05 GMT\r\nConnection: close\r\n\r\n",
   "datamd5" : "d288d9dc31029dbfd0ec2ca9d8a35695",
   "datammh3" : 1561419619,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "poda.cz"
   ],
   "host" : [
      "static-2765585642"
   ],
   "hostname" : [
      "static-2765585642.poda.cz"
   ],
   "ip" : "164.215.124.234",
   "ipv6" : "false",
   "latitude" : "49.7977",
   "location" : "49.7977,18.2311",
   "longitude" : "18.2311",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PODA a.s.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "static-2765585642.poda.cz"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "164.215.112.0/20",
   "tld" : [
      "cz"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
154.177.90.38

Network
154.176.0.0/12

Domain(s)
tedata.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://154.177.90.38:563/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
host-154.177.38.90-static.tedata.net

ASN
AS8452

Organization
TE Data

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:24:30 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:24:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 471134111,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS8452",
   "city" : "Cairo",
   "country" : "EG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:24:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "tedata.net"
   ],
   "geolocus" : {
      "asn" : "AS8452",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "EG",
      "countryname" : "Egypt",
      "domain" : [
         "te.eg",
         "tedata.net"
      ],
      "isineu" : "false",
      "latitude" : "26.820553",
      "location" : "26.820553,30.802498",
      "longitude" : "30.802498",
      "netname" : "All-41",
      "organization" : "Telecom-Egypt-Data",
      "subnet" : "154.177.0.0/16"
   },
   "host" : [
      "host-154"
   ],
   "hostname" : [
      "host-154.177.38.90-static.tedata.net"
   ],
   "ip" : "154.177.90.38",
   "ipv6" : "false",
   "latitude" : "30.0588",
   "location" : "30.0588,31.2268",
   "longitude" : "31.2268",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TE Data",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 563,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "host-154.177.38.90-static.tedata.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "90-static.tedata.net",
      "177.38.90-static.tedata.net",
      "38.90-static.tedata.net"
   ],
   "subnet" : "154.176.0.0/12",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
62.146.38.23

Network
62.146.0.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://62.146.38.23:563/

HTTP Title
400 Bad Request

ASN
AS15598

Organization
NorthC Deutschland GmbH

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

HTTP Component(s)
Apache HTTP Server 2.2.14

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e71ffb6e390417bd5fd5b1a980327ff2

HTTP Header MD5
e71ffb6e390417bd5fd5b1a980327ff2

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
<blockquote>Hint: <a href="https://tim.int.webt3ch.net/"><b>https://tim.int.webt3ch.net/</b></a></blockquote></p>
<hr>
<address>Apache/2.2.14 (Ubuntu) Server at tim.int.webt3ch.net Port 443</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:24:07.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "webt3ch.net"
         ],
         "hostname" : [
            "tim.int.webt3ch.net"
         ],
         "url" : [
            "https://tim.int.webt3ch.net/"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "Apache",
               "productversion" : "2.2.14",
               "product" : "HTTP Server"
            }
         ],
         "headermd5" : "e71ffb6e390417bd5fd5b1a980327ff2",
         "headermmh3" : -1304831057,
         "title" : "400 Bad Request"
      },
      "length" : 556
   },
   "asn" : "AS15598",
   "city" : "Dernbach",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\nInstead use the HTTPS scheme to access this URL, please.<br />\n<blockquote>Hint: <a href=\"https://tim.int.webt3ch.net/\"><b>https://tim.int.webt3ch.net/</b></a></blockquote></p>\n<hr>\n<address>Apache/2.2.14 (Ubuntu) Server at tim.int.webt3ch.net Port 443</address>\n</body></html>\n",
   "datamd5" : "e71ffb6e390417bd5fd5b1a980327ff2",
   "datammh3" : -1304831057,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "62.146.38.23",
   "ipv6" : "false",
   "latitude" : "50.4656",
   "location" : "50.4656,7.7860",
   "longitude" : "7.7860",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NorthC Deutschland GmbH",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 563,
   "protocol" : "http",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "62.146.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
36.95.73.81

Network
36.80.0.0/12

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://36.95.73.81:563/ 302

ASN
AS7713

Organization
PT Telekomunikasi Indonesia

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.4

HTTP Component(s)
PHP PHP 5.4.19 OpenSSL OpenSSL 0.9.8y

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
54ea41491e21ccdb5638fd4ac1c76a2a

HTTP Header MD5
e6ce841cf146256fa0db76a2ef644b36

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 05:23:17 GMT
Server: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19
X-Powered-By: PHP/5.4.19
Location: http://<ip>:563/dashboard/
Content-Length: 0
Connection: close
Content-Type: text/html

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:23:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "PHP",
               "productversion" : "5.4.19",
               "product" : "PHP"
            },
            {
               "productversion" : "0.9.8y",
               "productvendor" : "OpenSSL",
               "product" : "OpenSSL"
            }
         ],
         "headermd5" : "e6ce841cf146256fa0db76a2ef644b36",
         "headermmh3" : -1204558361
      },
      "length" : 242
   },
   "asn" : "AS7713",
   "city" : "Galur",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 05:23:17 GMT\r\nServer: Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19\r\nX-Powered-By: PHP/5.4.19\r\nLocation: http://<ip>:563/dashboard/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n",
   "datamd5" : "54ea41491e21ccdb5638fd4ac1c76a2a",
   "datammh3" : 418246376,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS7713",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "telin.net",
         "telkom.co.id",
         "telkom.net.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "TELKOMNET",
      "organization" : "Telekomunikasi Indonesia (PT)",
      "subnet" : "36.95.72.0/21"
   },
   "ip" : "36.95.73.81",
   "ipv6" : "false",
   "latitude" : "-6.2294",
   "location" : "-6.2294,106.8870",
   "longitude" : "106.8870",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT Telekomunikasi Indonesia",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 563,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.4",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "36.80.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 17,859 in 0.080 second(s)

192.9.144.142:563 (tcp/http) - last seen on 2024-11-07 at 05:32:03 UTC

222.187.219.238:563 (tcp/http) - last seen on 2024-11-07 at 05:31:41 UTC

64.44.61.3:563 (tcp/http) - last seen on 2024-11-07 at 05:31:40 UTC

103.56.92.201:563 (tcp/http) - last seen on 2024-11-07 at 05:31:18 UTC

14.100.37.218:563 (tcp/http) - last seen on 2024-11-07 at 05:31:17 UTC

96.71.120.42:563 (tcp/http) - last seen on 2024-11-07 at 05:30:38 UTC

164.215.124.234:563 (tcp/http) - last seen on 2024-11-07 at 05:30:05 UTC

154.177.90.38:563 (tcp/http) - last seen on 2024-11-07 at 05:24:30 UTC

62.146.38.23:563 (tcp/http) - last seen on 2024-11-07 at 05:24:07 UTC

36.95.73.81:563 (tcp/http) - last seen on 2024-11-07 at 05:23:17 UTC