Returning 10 result(s) out of 1,540,886 in 0.101 second(s)

  • 36.103.237.205:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:35 UTC

    • IP
      36.103.237.205
      Network
      36.103.128.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://36.103.237.205:8001/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS134761
      Organization
      CHINANET NINGXIA province ZHONGWEI IDC network
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      OpenResty OpenResty
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      147daef0dbc1c3621880e5b317d5ab7a
      HTTP Header MD5
      d3081c05b8dffa80a3518cad609641f3
      HTTP Body MD5
      b918f8b3770dc1158b467b0dd192e59e
    • HTTP/1.1 400 Bad Request
      Server: openresty
      Date: Thu, 21 Nov 2024 08:46:35 GMT
      Content-Type: text/html
      Content-Length: 252
      Connection: close
      Request-Id: edcd673ef36b24676386efdf0a98ec4e
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>openresty</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:35.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
               "bodymmh3" : 1280153115,
               "headermd5" : "d3081c05b8dffa80a3518cad609641f3",
               "headermmh3" : -857391477,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 447
         },
         "asn" : "AS134761",
         "city" : "Shenzhen",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 08:46:35 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\nRequest-Id: edcd673ef36b24676386efdf0a98ec4e\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "147daef0dbc1c3621880e5b317d5ab7a",
         "datammh3" : 515578823,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS134761",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "chinatelecom.cn",
               "yc.nx.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "CHINANET-NX",
            "organization" : "CHINANET ningxia province network",
            "subnet" : "36.103.128.0/17"
         },
         "ip" : "36.103.237.205",
         "ipv6" : "false",
         "latitude" : "22.5559",
         "location" : "22.5559,114.0577",
         "longitude" : "114.0577",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CHINANET NINGXIA province ZHONGWEI IDC network",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "product" : "OpenResty",
         "productvendor" : "OpenResty",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "36.103.128.0/17",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 125.66.90.158:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:34 UTC

    • IP
      125.66.90.158
      Network
      125.66.0.0/16
      Domain(s)
      163data.com.cn
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://125.66.90.158:8001/ 302

      HTTP Title
      302 Found
      Reverse DNS
      158.90.66.125.broad.zg.sc.dynamic.163data.com.cn
      ASN
      AS4134
      Organization
      Chinanet
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4b3c004cabe3a80fd6c1bebb82f06e27
      HTTP Header MD5
      0bd7db05e9d45334f3f4e2bfa926cad2
      HTTP Body MD5
      4fbd4661f0b77fefa9dcb08a33780d26
    • HTTP/1.1 302 Moved Temporarily
      Date: Thu, 21 Nov 2024 08:46:34 GMT
      Content-Type: text/html
      Content-Length: 138
      Connection: close
      Server: Nginx
      Expires: 0
      Pragma: no-cache
      Cache-Control: no-cache
      X-LANG: 1
      X-Timezone: 0800
      X-Timestamp: 1732178794
      X-Arch: x86
      X-Sysbit: x64
      X-Enterprise: 0
      X-Support-i18n: 0
      X-Support-wifi: 0
      X-Default-IP: 0
      Location: /login
      
      <html>
      <head><title>302 Found</title></head>
      <body>
      <center><h1>302 Found</h1></center>
      <hr><center>Nginx</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:34.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "4fbd4661f0b77fefa9dcb08a33780d26",
               "bodymmh3" : -46274005,
               "headermd5" : "0bd7db05e9d45334f3f4e2bfa926cad2",
               "headermmh3" : -1570433545,
               "title" : "302 Found"
            },
            "length" : 516
         },
         "asn" : "AS4134",
         "city" : "Chengdu",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 302 Moved Temporarily\r\nDate: Thu, 21 Nov 2024 08:46:34 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nServer: Nginx\r\nExpires: 0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nX-LANG: 1\r\nX-Timezone: 0800\r\nX-Timestamp: 1732178794\r\nX-Arch: x86\r\nX-Sysbit: x64\r\nX-Enterprise: 0\r\nX-Support-i18n: 0\r\nX-Support-wifi: 0\r\nX-Default-IP: 0\r\nLocation: /login\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>Nginx</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "4b3c004cabe3a80fd6c1bebb82f06e27",
         "datammh3" : 960892958,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "163data.com.cn"
         ],
         "geolocus" : {
            "asn" : "AS4134",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "163data.com.cn",
               "189.cn",
               "chinatelecom.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "CHINANET-SC",
            "organization" : "CHINANET Sichuan province network",
            "subnet" : "125.66.0.0/16"
         },
         "host" : [
            158
         ],
         "hostname" : [
            "158.90.66.125.broad.zg.sc.dynamic.163data.com.cn"
         ],
         "ip" : "125.66.90.158",
         "ipv6" : "false",
         "latitude" : "30.6498",
         "location" : "30.6498,104.0555",
         "longitude" : "104.0555",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Chinanet",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Moved Temporarily",
         "reverse" : [
            "158.90.66.125.broad.zg.sc.dynamic.163data.com.cn"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 302,
         "subdomains" : [
            "90.66.125.broad.zg.sc.dynamic.163data.com.cn",
            "zg.sc.dynamic.163data.com.cn",
            "125.broad.zg.sc.dynamic.163data.com.cn",
            "sc.dynamic.163data.com.cn",
            "dynamic.163data.com.cn",
            "66.125.broad.zg.sc.dynamic.163data.com.cn",
            "broad.zg.sc.dynamic.163data.com.cn"
         ],
         "subnet" : "125.66.0.0/16",
         "tld" : [
            "com.cn"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 182.233.161.195:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:32 UTC

    • IP
      182.233.161.195
      Alternative IP(s)
      199.59.243.227
      Network
      182.233.0.0/16
      Domain(s)
      kbtelecom.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://182.233.161.195:8001/ 401

      Reverse DNS
      host-195.161-233-182.cable.dynamic.kbtelecom.net
      ASN
      AS9416
      Organization
      Hoshin Multimedia Center Inc.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      808f66ab501e79b3789dc0d423eb1b06
      HTTP Header MD5
      272103ab69d40e8f5e5ce9eadf61cec7
      HTTP Body MD5
      3a1f4b7764a0f93bc15e4b6ad48ab365
    • HTTP/1.0 401 Unauthorized
      content-type: application/json; charset=utf-8
      content-length: 29
      
      <html><body>401</body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:32.000Z",
         "alternativeip" : [
            "199.59.243.227"
         ],
         "app" : {
            "http" : {
               "bodymd5" : "3a1f4b7764a0f93bc15e4b6ad48ab365",
               "bodymmh3" : -628519605,
               "headermd5" : "272103ab69d40e8f5e5ce9eadf61cec7",
               "headermmh3" : 1164768797
            },
            "length" : 125
         },
         "asn" : "AS9416",
         "city" : "Keelung",
         "country" : "TW",
         "data" : "HTTP/1.0 401 Unauthorized\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 29\r\n\r\n<html><body>401</body></html>",
         "datamd5" : "808f66ab501e79b3789dc0d423eb1b06",
         "datammh3" : 640875992,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "kbtelecom.net"
         ],
         "geolocus" : {
            "asn" : "AS9416",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "TW",
            "countryname" : "Taiwan",
            "domain" : [
               "homeplus.net.tw",
               "kbtelecom.net"
            ],
            "isineu" : "false",
            "latitude" : "23.69781",
            "location" : "23.69781,120.960515",
            "longitude" : "120.960515",
            "netname" : "HOSHIN-MULTIMEDIA",
            "organization" : "Hoshin Multimedia Center Inc.",
            "subnet" : "182.233.0.0/16"
         },
         "host" : [
            "host-195"
         ],
         "hostname" : [
            "host-195.161-233-182.cable.dynamic.kbtelecom.net"
         ],
         "ip" : "182.233.161.195",
         "ipv6" : "false",
         "latitude" : "25.1322",
         "location" : "25.1322,121.7420",
         "longitude" : "121.7420",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Hoshin Multimedia Center Inc.",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "http",
         "protocolversion" : "1.0",
         "reason" : "Unauthorized",
         "reverse" : [
            "host-195.161-233-182.cable.dynamic.kbtelecom.net"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 401,
         "subdomains" : [
            "161-233-182.cable.dynamic.kbtelecom.net",
            "cable.dynamic.kbtelecom.net",
            "dynamic.kbtelecom.net"
         ],
         "subnet" : "182.233.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "net"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 204.242.248.98:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:31 UTC

    • IP
      204.242.248.98
      Network
      204.242.240.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://204.242.248.98:8001/ 407

      ASN
      AS6079
      Organization
      RCN-AS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm=""
      
      Proxy Authentication Required
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:31.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
               "bodymmh3" : -1539650452,
               "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
               "headermmh3" : 372433470
            },
            "length" : 111
         },
         "asn" : "AS6079",
         "city" : "Ashburn",
         "country" : "US",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
         "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
         "datammh3" : 501879459,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS6079",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "cogentco.com",
               "northerncablefiber.com",
               "rackdog.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "NORTHERN-CABLE",
            "organization" : "NORTHERN CABLE AND FIBER, LLC",
            "subnet" : "204.242.224.0/19"
         },
         "ip" : "204.242.248.98",
         "ipv6" : "false",
         "latitude" : "39.0469",
         "location" : "39.0469,-77.4903",
         "longitude" : "-77.4903",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "RCN-AS",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "204.242.240.0/20",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 213.176.53.251:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:28 UTC

    • IP
      213.176.53.251
      Network
      213.176.32.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://213.176.53.251:8001/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS142578
      Organization
      E-Large HongKong
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3b40fcd13ec4c48698cf15e0d2ba5977
      HTTP Header MD5
      7de09592d0cc3062011d73fa292680b0
      HTTP Body MD5
      77bd43987adf27926b335fbe22b67813
    • HTTP/1.1 400 Bad Request
      Server: WAF
      Date: Thu, 21 Nov 2024 08:46:27 GMT
      Content-Type: text/html
      Content-Length: 262
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body bgcolor="white">
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>WAF</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:28.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "77bd43987adf27926b335fbe22b67813",
               "bodymmh3" : -2135056736,
               "headermd5" : "7de09592d0cc3062011d73fa292680b0",
               "headermmh3" : 780147341,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 405
         },
         "asn" : "AS142578",
         "country" : "US",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: WAF\r\nDate: Thu, 21 Nov 2024 08:46:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 262\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>WAF</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "3b40fcd13ec4c48698cf15e0d2ba5977",
         "datammh3" : 401141661,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS35372",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "IR",
            "countryname" : "Iran",
            "domain" : [
               "irost.org"
            ],
            "isineu" : "false",
            "latitude" : "32.427908",
            "location" : "32.427908,53.688046",
            "longitude" : "53.688046",
            "netname" : "IR-IROST-19991208",
            "organization" : "Iranian Research Organization for Science & Technology",
            "subnet" : "213.176.0.0/17"
         },
         "ip" : "213.176.53.251",
         "ipv6" : "false",
         "latitude" : "34.0544",
         "location" : "34.0544,-118.2440",
         "longitude" : "-118.2440",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "E-Large HongKong",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "213.176.32.0/19",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 45.33.75.98:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:28 UTC

    • IP
      45.33.75.98
      Network
      45.33.64.0/20
      Domain(s)
      linodeusercontent.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.33.75.98:8001/ 403

      Reverse DNS
      45-33-75-98.ip.linodeusercontent.com
      ASN
      AS63949
      Organization
      Akamai Connected Cloud
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      294c66799bd7926b0fc53c46c5720db6
      HTTP Header MD5
      543e6b0e0bafe492b1c91ae42dc3f7d6
      HTTP Body MD5
      862ccdb877441b4a22a3b785150e6676
    • HTTP/1.1 403 Forbidden
      Content-Type: text/plain; charset=utf-8
      Content-Length: 14
      Date: Thu, 21 Nov 2024 08:46:27 GMT
      Server: Python/3.11 aiohttp/3.10.0
      Connection: close
      
      403: Forbidden
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:28.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "862ccdb877441b4a22a3b785150e6676",
               "bodymmh3" : -598614536,
               "headermd5" : "543e6b0e0bafe492b1c91ae42dc3f7d6",
               "headermmh3" : 577361787
            },
            "length" : 193
         },
         "asn" : "AS63949",
         "city" : "Cedar Knolls",
         "country" : "US",
         "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 14\r\nDate: Thu, 21 Nov 2024 08:46:27 GMT\r\nServer: Python/3.11 aiohttp/3.10.0\r\nConnection: close\r\n\r\n403: Forbidden",
         "datamd5" : "294c66799bd7926b0fc53c46c5720db6",
         "datammh3" : 1537217735,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "linodeusercontent.com"
         ],
         "geolocus" : {
            "asn" : "AS63949",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "akamai.com",
               "linode.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "LINODE",
            "organization" : "Linode",
            "subnet" : "45.33.0.0/17"
         },
         "host" : [
            "45-33-75-98"
         ],
         "hostname" : [
            "45-33-75-98.ip.linodeusercontent.com"
         ],
         "ip" : "45.33.75.98",
         "ipv6" : "false",
         "latitude" : "40.8229",
         "location" : "40.8229,-74.4592",
         "longitude" : "-74.4592",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Akamai Connected Cloud",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Forbidden",
         "reverse" : [
            "45-33-75-98.ip.linodeusercontent.com"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 403,
         "subdomains" : [
            "ip.linodeusercontent.com"
         ],
         "subnet" : "45.33.64.0/20",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 84.238.79.199:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:10 UTC

    • IP
      84.238.79.199
      Network
      84.238.0.0/17
      Domain(s)
      bnaa.dk
      Device

      <enterprise field>: device.class

      URL

      http://84.238.79.199:8001/ 400

      HTTP Title
      400 Bad Request
      Reverse DNS
      84-238-79-199.ptr.bnaa.dk
      ASN
      AS33796
      Organization
      Bolignet-aarhus F.m.b.a.
      Protocol
      http
      Source
      datascan::redirect::1
    • Product
      Apache HTTP Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      efcb4bc6605f6b40910299bf21434c38
      HTTP Header MD5
      883e663d60fbd52b334f0919056f60ed
      HTTP Body MD5
      6efda5878ab25f4f28a89bbb3f9fa41c
    • HTTP/1.1 400 Bad Request
      Date: Thu, 21 Nov 2024 08:46:10 GMT
      Server: Apache
      Vary: Accept-Encoding
      Content-Length: 362
      Connection: close
      Content-Type: text/html; charset=iso-8859-1
      
      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>400 Bad Request</title>
      </head><body>
      <h1>Bad Request</h1>
      <p>Your browser sent a request that this server could not understand.<br />
      Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
       Instead use the HTTPS scheme to access this URL, please.<br />
      </p>
      </body></html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:10.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "6efda5878ab25f4f28a89bbb3f9fa41c",
               "bodymmh3" : -645452522,
               "headermd5" : "883e663d60fbd52b334f0919056f60ed",
               "headermmh3" : 1606198443,
               "title" : "400 Bad Request"
            },
            "length" : 551
         },
         "asn" : "AS33796",
         "city" : "Aarhus",
         "country" : "DK",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 21 Nov 2024 08:46:10 GMT\r\nServer: Apache\r\nVary: Accept-Encoding\r\nContent-Length: 362\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n</body></html>\n",
         "datamd5" : "efcb4bc6605f6b40910299bf21434c38",
         "datammh3" : -512158253,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "bnaa.dk"
         ],
         "forward" : "84.238.79.199",
         "geolocus" : {
            "asn" : "AS33796",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "DK",
            "countryname" : "Denmark",
            "domain" : [
               "bnaa.dk"
            ],
            "isineu" : "true",
            "latitude" : "56.26392",
            "location" : "56.26392,9.501785",
            "longitude" : "9.501785",
            "netname" : "BNAA-INTERNAL",
            "organization" : "Internal adresses for infrastructure components",
            "subnet" : "84.238.0.0/17"
         },
         "host" : [
            "84-238-79-199"
         ],
         "hostname" : [
            "84-238-79-199.ptr.bnaa.dk",
            "84.238.79.199"
         ],
         "ip" : "84.238.79.199",
         "ipv6" : "false",
         "latitude" : "56.1567",
         "location" : "56.1567,10.2153",
         "longitude" : "10.2153",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Bolignet-aarhus F.m.b.a.",
         "port" : 8001,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "reverse" : [
            "84-238-79-199.ptr.bnaa.dk"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan::redirect::1",
         "status" : 400,
         "subdomains" : [
            "ptr.bnaa.dk"
         ],
         "subnet" : "84.238.0.0/17",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "dk"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 189.124.134.157:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:10 UTC

    • IP
      189.124.134.157
      Network
      189.124.128.0/17
      Domain(s)
      llnw.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://189.124.134.157:8001/ 400

      Reverse DNS
      https-189-124-134-157.paab.llnw.net.134.124.189.delegations.llnw.net
      ASN
      AS28220
      Organization
      CABO SERVICOS DE TELECOMUNICACOES LTDA
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b812eafa63af1db16e17227f16ed67be
      HTTP Header MD5
      732a4f122d94576069e385f668d5ea04
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e
    • HTTP/1.1 400 Bad Request
      Server: EdgePrism/5.2.6.0
      Mime-Version: 1.0
      Date: Thu, 21 Nov 2024 08:46:09 GMT
      Content-Type: text/plain
      Expires: Thu, 21 Nov 2024 08:46:09 GMT
      X-LLID: cf33d4d0e5f6d434848872a2593ef8f4
      Content-Length: 0
      Connection: close
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:10.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "5.2.6.0"
               ]
            },
            "http" : {
               "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
               "bodymmh3" : -1636538602,
               "headermd5" : "732a4f122d94576069e385f668d5ea04",
               "headermmh3" : -245618273
            },
            "length" : 257
         },
         "asn" : "AS28220",
         "city" : "Natal",
         "country" : "BR",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: EdgePrism/5.2.6.0\r\nMime-Version: 1.0\r\nDate: Thu, 21 Nov 2024 08:46:09 GMT\r\nContent-Type: text/plain\r\nExpires: Thu, 21 Nov 2024 08:46:09 GMT\r\nX-LLID: cf33d4d0e5f6d434848872a2593ef8f4\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
         "datamd5" : "b812eafa63af1db16e17227f16ed67be",
         "datammh3" : -801776286,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "llnw.net"
         ],
         "geolocus" : {
            "asn" : "AS28220",
            "continent" : "SA",
            "continentname" : "South America",
            "country" : "BR",
            "countryname" : "Brazil",
            "domain" : [
               "alaresinternet.com.br",
               "as28220.net",
               "cabotelecom.com.br",
               "cert.br"
            ],
            "isineu" : "false",
            "latitude" : "-14.235004",
            "location" : "-14.235004,-51.92528",
            "longitude" : "-51.92528",
            "netname" : "02.952.192/0001-61",
            "organization" : "CABO SERVICOS DE TELECOMUNICACOES LTDA",
            "subnet" : "189.124.128.0/17"
         },
         "host" : [
            "https-189-124-134-157"
         ],
         "hostname" : [
            "https-189-124-134-157.paab.llnw.net.134.124.189.delegations.llnw.net"
         ],
         "ip" : "189.124.134.157",
         "ipv6" : "false",
         "latitude" : "-5.8111",
         "location" : "-5.8111,-35.2235",
         "longitude" : "-35.2235",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CABO SERVICOS DE TELECOMUNICACOES LTDA",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "reverse" : [
            "https-189-124-134-157.paab.llnw.net.134.124.189.delegations.llnw.net"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subdomains" : [
            "llnw.net.134.124.189.delegations.llnw.net",
            "124.189.delegations.llnw.net",
            "delegations.llnw.net",
            "189.delegations.llnw.net",
            "134.124.189.delegations.llnw.net",
            "net.134.124.189.delegations.llnw.net",
            "paab.llnw.net.134.124.189.delegations.llnw.net"
         ],
         "subnet" : "189.124.128.0/17",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "net"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 46.8.10.142:8001 (tcp/socks4a) - last seen on 2024-11-21 at 08:46:09 UTC

    • IP
      46.8.10.142
      Network
      46.8.10.0/23
      Operating System
      Linux Linux Kernel
      ASN
      AS35048
      Organization
      Biterika Group LLC
      Protocol
      socks4a
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d0667d77071710c716b7978296e1b49e
    • \x00[\x00\x00\x00\x00\x00\x00
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:09.000Z",
         "app" : {
            "length" : 8
         },
         "asn" : "AS35048",
         "city" : "Moscow",
         "country" : "RU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "\\x00[\\x00\\x00\\x00\\x00\\x00\\x00",
         "datamd5" : "d0667d77071710c716b7978296e1b49e",
         "datammh3" : -971970408,
         "ip" : "46.8.10.142",
         "ipv6" : "false",
         "latitude" : "55.7483",
         "location" : "55.7483,37.6171",
         "longitude" : "37.6171",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Biterika Group LLC",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "protocol" : "socks4a",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "subnet" : "46.8.10.0/23",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 165.227.39.136:8001 (tcp/http) - last seen on 2024-11-21 at 08:46:08 UTC

    • IP
      165.227.39.136
      Network
      165.227.0.0/16
      Domain(s)
      39.136-cleanmark-gitlab
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://165.227.39.136:8001/ 302

      Reverse DNS
      165.227.39.136-cleanmark-gitlab
      ASN
      AS14061
      Organization
      DIGITALOCEAN-ASN
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0e47e9d22aae93d8ef9758a42b7ce36e
      HTTP Header MD5
      6f0d493133802c1c3e5fed69a6b2e87c
      HTTP Body MD5
      50ff47cabb7913ce93720946049cd015
    • HTTP/1.1 302 Found
      Server: nginx
      Date: Thu, 21 Nov 2024 08:31:44 GMT
      Content-Type: text/html; charset=utf-8
      Content-Length: 106
      Connection: close
      Cache-Control: no-cache
      Location: http://<ip>:8001/users/sign_in
      X-Content-Type-Options: nosniff
      X-Frame-Options: DENY
      X-Request-Id: f13b0ad6-347a-4634-867c-fd118c3d1a6c
      X-Runtime: 0.087461
      X-Ua-Compatible: IE=edge
      X-Xss-Protection: 1; mode=block
      Strict-Transport-Security: max-age=31536000
      
      <html><body>You are being <a href="http://<ip>:8001/users/sign_in">redirected</a>.</body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T08:46:08.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "50ff47cabb7913ce93720946049cd015",
               "bodymmh3" : -1342458272,
               "headermd5" : "6f0d493133802c1c3e5fed69a6b2e87c",
               "headermmh3" : 975827662
            },
            "length" : 550
         },
         "asn" : "AS14061",
         "city" : "Toronto",
         "country" : "CA",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:31:44 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 106\r\nConnection: close\r\nCache-Control: no-cache\r\nLocation: http://<ip>:8001/users/sign_in\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nX-Request-Id: f13b0ad6-347a-4634-867c-fd118c3d1a6c\r\nX-Runtime: 0.087461\r\nX-Ua-Compatible: IE=edge\r\nX-Xss-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><body>You are being <a href=\"http://<ip>:8001/users/sign_in\">redirected</a>.</body></html>",
         "datamd5" : "0e47e9d22aae93d8ef9758a42b7ce36e",
         "datammh3" : 90580178,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "39.136-cleanmark-gitlab"
         ],
         "geolocus" : {
            "asn" : "AS14061",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "digitalocean.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "DIGITALOCEAN-165-227-0-0",
            "organization" : "DigitalOcean, LLC",
            "subnet" : "165.227.32.0/20"
         },
         "host" : [
            165
         ],
         "hostname" : [
            "165.227.39.136-cleanmark-gitlab"
         ],
         "ip" : "165.227.39.136",
         "ipv6" : "false",
         "latitude" : "43.6547",
         "location" : "43.6547,-79.3623",
         "longitude" : "-79.3623",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "DIGITALOCEAN-ASN",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 8001,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Found",
         "reverse" : [
            "165.227.39.136-cleanmark-gitlab"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 302,
         "subdomains" : [
            "227.39.136-cleanmark-gitlab"
         ],
         "subnet" : "165.227.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "136-cleanmark-gitlab"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }