Cyber Defense Search Engine

IP
143.47.186.76

Network
143.47.176.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
68b329da9893e34099c7d8ad5cb9c940

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:57:28.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS31898",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IE",
      "countryname" : "Ireland",
      "domain" : [
         "oracle.com",
         "oracleemaildelivery.com"
      ],
      "isineu" : "true",
      "latitude" : "53.41291",
      "location" : "53.41291,-8.24389",
      "longitude" : "-8.24389",
      "netname" : "ORACLE-IE",
      "organization" : "Oracle Svenska AB",
      "subnet" : "143.47.0.0/16"
   },
   "ip" : "143.47.186.76",
   "ipv6" : "false",
   "latitude" : "52.3520",
   "location" : "52.3520,4.9392",
   "longitude" : "4.9392",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "143.47.176.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
211.83.5.89

Network
211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.5.89:5988/ 200

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan
Product
Apache HTTP Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bbbbb7fb688308c056ecc3320e0ab633

HTTP Header MD5
97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5
d67fd62cd234dd0c9e7aabec238c313e

HTTP/1.1 200 ok
Server: Apache
Content-Length:  221
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5988/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:57:08.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "d67fd62cd234dd0c9e7aabec238c313e",
         "bodymmh3" : 1825971859,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1664957083
      },
      "length" : 311
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  221\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5988/'</script>\r\n\r\n",
   "datamd5" : "bbbbb7fb688308c056ecc3320e0ab633",
   "datammh3" : -554375618,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.5.89",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 5988,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
174.173.37.2

Network
174.168.0.0/13

Domain(s)
comcast.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://174.173.37.2:5988/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
c-174-173-37-2.hsd1.pa.comcast.net

ASN
AS7922

Organization
COMCAST-7922

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:57:03 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:57:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 700119283,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS7922",
   "city" : "Wallingford",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:57:03 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "comcast.net"
   ],
   "geolocus" : {
      "asn" : "AS7922",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "comcast.com",
         "comcast.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "COMCAST-VOIP-4",
      "organization" : "Comcast Cable Communications, LLC",
      "subnet" : "174.160.0.0/11"
   },
   "host" : [
      "c-174-173-37-2"
   ],
   "hostname" : [
      "c-174-173-37-2.hsd1.pa.comcast.net"
   ],
   "ip" : "174.173.37.2",
   "ipv6" : "false",
   "latitude" : "39.8924",
   "location" : "39.8924,-75.3585",
   "longitude" : "-75.3585",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COMCAST-7922",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "c-174-173-37-2.hsd1.pa.comcast.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "hsd1.pa.comcast.net",
      "pa.comcast.net"
   ],
   "subnet" : "174.168.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
37.140.216.147

Network
37.140.216.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS49424

Organization
New Line Solutions LLC

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
68b329da9893e34099c7d8ad5cb9c940

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:57:00.000Z",
   "app" : {
      "length" : 1
   },
   "asn" : "AS49424",
   "city" : "Tashkent",
   "country" : "UZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n",
   "datamd5" : "68b329da9893e34099c7d8ad5cb9c940",
   "datammh3" : -1840324437,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "37.140.216.147",
   "ipv6" : "false",
   "latitude" : "41.2615",
   "location" : "41.2615,69.2177",
   "longitude" : "69.2177",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "New Line Solutions LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "37.140.216.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
185.251.210.147

Network
185.251.208.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

ASN
AS47806

Organization
Telecondado SL

Protocol
ftp

Source
datascan
Operating System
Linux Linux Ubuntu

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b26fac0d61ad3587a5465e689b49dac8

220 LOSMATOS FTP server ready.
500 GET / HTTP/1.1: command not understood.
500 HOST: <ip>:5988: command not understood.
500 CONNECTION: close: command not understood.
500 USER-AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0: command not understood.
500 ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8: command not understood.
500 ACCEPT-LANGUAGE: en-US,en;q=0.5: command not understood.
500 : command not understood.
331 Password required for anonymous.
530 Login incorrect.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:56:46.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 545
   },
   "asn" : "AS47806",
   "city" : "Bollullos par del Condado",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 LOSMATOS FTP server ready.\r\n500 GET / HTTP/1.1: command not understood.\r\n500 HOST: <ip>:5988: command not understood.\r\n500 CONNECTION: close: command not understood.\r\n500 USER-AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0: command not understood.\r\n500 ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8: command not understood.\r\n500 ACCEPT-LANGUAGE: en-US,en;q=0.5: command not understood.\r\n500 : command not understood.\r\n331 Password required for anonymous.\n530 Login incorrect.\n",
   "datamd5" : "b26fac0d61ad3587a5465e689b49dac8",
   "datammh3" : 670130019,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "185.251.210.147",
   "ipv6" : "false",
   "latitude" : "37.3405",
   "location" : "37.3405,-6.5339",
   "longitude" : "-6.5339",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telecondado SL",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "ftp",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "185.251.208.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
93.88.76.144

Network
93.88.76.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://93.88.76.144:5988/ 501

ASN
AS57487

Organization
Advanced Solutions LLC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e1a05c9eeaed3b745f846d501c56b47e

HTTP Header MD5
92564426898a37623d0327f04279e8fa

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 501 Not Implemented
Server: sfcHttpd
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:56:22.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "92564426898a37623d0327f04279e8fa",
         "headermmh3" : 1582009671
      },
      "length" : 88
   },
   "asn" : "AS57487",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 501 Not Implemented\r\nServer: sfcHttpd\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "e1a05c9eeaed3b745f846d501c56b47e",
   "datammh3" : 1839676083,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "93.88.76.144",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Advanced Solutions LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Implemented",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 501,
   "subnet" : "93.88.76.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.160.12.100

Network
103.160.12.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS131111

Organization
PT Mora Telematika Indonesia

Protocol
mysql

Source
datascan
Operating System
Linux Linux Kernel

Product
Oracle MySQL 8.0.40

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2d7ba1a7daf92803a74a6855fec196db

[\x00\x00\x00
8.0.40-0ubuntu0.22.04.1\x00\xe0\x87\x00\x00T@+\x07Y6[ \x00\xff\xff\xff\x02\x00\xff\xdf\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00CFdhpm^0\x01\x04\x1b7\x00caching_sha2_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:56:08.000Z",
   "app" : {
      "length" : 132
   },
   "asn" : "AS131111",
   "city" : "Jakarta",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "[\\x00\\x00\\x00\n8.0.40-0ubuntu0.22.04.1\\x00\\xe0\\x87\\x00\\x00T@+\\x07Y6[ \\x00\\xff\\xff\\xff\\x02\\x00\\xff\\xdf\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00CFdhpm^0\\x01\\x04\\x1b7\\x00caching_sha2_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "2d7ba1a7daf92803a74a6855fec196db",
   "datammh3" : 1447626809,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS131111",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "metrodataekajaya.co.id",
         "moratelindo.co.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-METRODATAJAYA-ID",
      "organization" : "MORATELINDONAP-ID",
      "subnet" : "103.160.12.0/23"
   },
   "ip" : "103.160.12.100",
   "ipv6" : "false",
   "latitude" : "-6.2114",
   "location" : "-6.2114,106.8446",
   "longitude" : "106.8446",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT Mora Telematika Indonesia",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "8.0.40",
   "protocol" : "mysql",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "103.160.12.0/23",
   "tls" : "false",
   "transport" : "tcp"
}

IP
173.226.134.214

Network
173.226.132.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://173.226.134.214:5988/ 501

ASN
AS3549

Organization
LVLT-3549

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e1a05c9eeaed3b745f846d501c56b47e

HTTP Header MD5
92564426898a37623d0327f04279e8fa

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 501 Not Implemented
Server: sfcHttpd
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:56:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "92564426898a37623d0327f04279e8fa",
         "headermmh3" : 1582009671
      },
      "length" : 88
   },
   "asn" : "AS3549",
   "city" : "Covington",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 501 Not Implemented\r\nServer: sfcHttpd\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "e1a05c9eeaed3b745f846d501c56b47e",
   "datammh3" : 1839676083,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS3549",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "level3.com",
         "lumen.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "TWTC-NETBLK-18",
      "organization" : "Level 3 Parent, LLC",
      "subnet" : "173.226.132.0/22"
   },
   "ip" : "173.226.134.214",
   "ipv6" : "false",
   "latitude" : "30.4856",
   "location" : "30.4856,-90.0977",
   "longitude" : "-90.0977",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "LVLT-3549",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Implemented",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 501,
   "subnet" : "173.226.132.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
45.89.19.110

Network
45.89.16.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://45.89.19.110:5988/ 502

HTTP Title
502 Bad Gateway

ASN
AS35048

Organization
Biterika Group LLC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
32fcb3f665faf4e475e0e712d6338e00

HTTP Header MD5
9976a0aae19252854ae9a24c46259840

HTTP Body MD5
e4e3eb9161b288a684b5a7fc9445ee63

HTTP/1.0 502 Bad Gateway
Connection: close
Content-type: text/html; charset=utf-8

<html><head><title>502 Bad Gateway</title></head>
<body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:56:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e4e3eb9161b288a684b5a7fc9445ee63",
         "bodymmh3" : 1749980019,
         "headermd5" : "9976a0aae19252854ae9a24c46259840",
         "headermmh3" : 871199424,
         "title" : "502 Bad Gateway"
      },
      "length" : 228
   },
   "asn" : "AS35048",
   "city" : "Moscow",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 502 Bad Gateway\r\nConnection: close\r\nContent-type: text/html; charset=utf-8\r\n\r\n<html><head><title>502 Bad Gateway</title></head>\r\n<body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>\r\n",
   "datamd5" : "32fcb3f665faf4e475e0e712d6338e00",
   "datammh3" : 623745929,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "apnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "IANA-NETBLOCK-45",
      "organization" : "This network range is not fully allocated to APNIC.",
      "subnet" : "45.0.0.0/8"
   },
   "ip" : "45.89.19.110",
   "ipv6" : "false",
   "latitude" : "55.7483",
   "location" : "55.7483,37.6171",
   "longitude" : "37.6171",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Biterika Group LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Gateway",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 502,
   "subnet" : "45.89.16.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.233.91.80

Network
172.233.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.233.91.80:5988/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
172-233-91-80.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:48:54 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:48:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 839996858,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS63949",
   "city" : "Osaka",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:48:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.233.64.0/19"
   },
   "host" : [
      "172-233-91-80"
   ],
   "hostname" : [
      "172-233-91-80.ip.linodeusercontent.com"
   ],
   "ip" : "172.233.91.80",
   "ipv6" : "false",
   "latitude" : "34.6946",
   "location" : "34.6946,135.5021",
   "longitude" : "135.5021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5988,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "172-233-91-80.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.233.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 33,494 in 0.046 second(s)

143.47.186.76:5988 (tcp/unknown) - last seen on 2024-11-21 at 08:57:28 UTC

211.83.5.89:5988 (tcp/http) - last seen on 2024-11-21 at 08:57:08 UTC

174.173.37.2:5988 (tcp/http) - last seen on 2024-11-21 at 08:57:03 UTC

37.140.216.147:5988 (tcp/unknown) - last seen on 2024-11-21 at 08:57:00 UTC

185.251.210.147:5988 (tcp/ftp) - last seen on 2024-11-21 at 08:56:46 UTC

93.88.76.144:5988 (tcp/http) - last seen on 2024-11-21 at 08:56:22 UTC

103.160.12.100:5988 (tcp/mysql) - last seen on 2024-11-21 at 08:56:08 UTC

173.226.134.214:5988 (tcp/http) - last seen on 2024-11-21 at 08:56:07 UTC

45.89.19.110:5988 (tcp/http) - last seen on 2024-11-21 at 08:56:05 UTC

172.233.91.80:5988 (tcp/http) - last seen on 2024-11-21 at 08:48:54 UTC