Cyber Defense Search Engine

IP
118.189.111.85

Network
118.189.0.0/17

Domain(s)
m1net.com.sg

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
85.111.189.118.static.m1net.com.sg

ASN
AS17547

Organization
M1 NET LTD

Protocol
smtp

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft SMTP Service 10.0.14393.4169

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e834e43abc15a18c19a1db987a69fe17

220 EQVSMTP01.NETLINKNBN.LOCAL Microsoft ESMTP MAIL Service, Version: 10.0.14393.4169 ready at  Thu, 7 Nov 2024 11:19:40 +0800 
500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:47.000Z",
   "app" : {
      "length" : 321
   },
   "asn" : "AS17547",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 EQVSMTP01.NETLINKNBN.LOCAL Microsoft ESMTP MAIL Service, Version: 10.0.14393.4169 ready at  Thu, 7 Nov 2024 11:19:40 +0800 \r\n500 5.3.3 Unrecognized command\r\n500 5.3.3 Unrecognized command\r\n500 5.3.3 Unrecognized command\r\n500 5.3.3 Unrecognized command\r\n500 5.3.3 Unrecognized command\r\n500 5.3.3 Unrecognized command\r\n",
   "datamd5" : "e834e43abc15a18c19a1db987a69fe17",
   "datammh3" : 1129292072,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "m1net.com.sg"
   ],
   "geolocus" : {
      "asn" : "AS17547",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "m1.com.sg",
         "m1net.com.sg",
         "m1net.sg"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "M1NET-SG",
      "organization" : "M1 NET LTD",
      "subnet" : "118.189.0.0/17"
   },
   "host" : [
      85
   ],
   "hostname" : [
      "85.111.189.118.static.m1net.com.sg"
   ],
   "ip" : "118.189.111.85",
   "ipv6" : "false",
   "latitude" : "1.3248",
   "location" : "1.3248,103.7799",
   "longitude" : "103.7799",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M1 NET LTD",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9151,
   "product" : "SMTP Service",
   "productvendor" : "Microsoft",
   "productversion" : "10.0.14393.4169",
   "protocol" : "smtp",
   "reverse" : [
      "85.111.189.118.static.m1net.com.sg"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "static.m1net.com.sg",
      "118.static.m1net.com.sg",
      "111.189.118.static.m1net.com.sg",
      "189.118.static.m1net.com.sg"
   ],
   "subnet" : "118.189.0.0/17",
   "tld" : [
      "com.sg"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
154.205.172.7

Network
154.205.172.0/23

Device

<enterprise field>: device.class

URL

http://154.205.172.7:9151/ 407

ASN
AS29802

Organization
HVC-AS

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:38.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS29802",
   "city" : "Los Angeles",
   "country" : "US",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS29802",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cloudinnovation.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GuangZhou_Zike_Network_Technology_Co_Ltd",
      "organization" : "GuangZhou Zike Network Technology Co Ltd",
      "subnet" : "154.205.172.0/23"
   },
   "ip" : "154.205.172.7",
   "ipv6" : "false",
   "latitude" : "34.0544",
   "location" : "34.0544,-118.2441",
   "longitude" : "-118.2441",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HVC-AS",
   "port" : 9151,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "154.205.172.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.251.112.114

Network
43.251.112.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://43.251.112.114:9151/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS132825

Organization
MYTEK TRADING PTY LTD

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
200a1e2110613326e210f0efb0c87609

HTTP Header MD5
c88b3cd80d6cd97ad9f042de5425a2c2

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:19:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:16.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : -543419858,
         "headermd5" : "c88b3cd80d6cd97ad9f042de5425a2c2",
         "headermmh3" : -1842606223,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 408
   },
   "asn" : "AS132825",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:19:15 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "200a1e2110613326e210f0efb0c87609",
   "datammh3" : -1593142602,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132825",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "cnc-int.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "MYTEK-AU",
      "organization" : "MYTEK TRADING PTY LTD",
      "subnet" : "43.251.112.0/23"
   },
   "ip" : "43.251.112.114",
   "ipv6" : "false",
   "latitude" : "-33.4940",
   "location" : "-33.4940,143.2104",
   "longitude" : "143.2104",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MYTEK TRADING PTY LTD",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "43.251.112.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
192.142.174.30

Network
192.142.174.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://192.142.174.30:9151/ 407

ASN
AS212238

Organization
Datacamp Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS212238",
   "city" : "Hanoi",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS212238",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "logicweb.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LOGICWEB",
      "organization" : "LOGICWEB",
      "subnet" : "192.142.174.0/23"
   },
   "ip" : "192.142.174.30",
   "ipv6" : "false",
   "latitude" : "21.0292",
   "location" : "21.0292,105.8526",
   "longitude" : "105.8526",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Datacamp Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "192.142.174.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
14.170.208.201

Alternative IP(s)
203.162.0.78

Network
14.160.0.0/12

Domain(s)
vnpt.vn

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://14.170.208.201:9151/ 200

Reverse DNS
static.vnpt.vn

ASN
AS45899

Organization
VNPT Corp

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c03ea71cf5d488ef183005e3486689bd

HTTP Header MD5
fd8e0a765092d70d012b61df4ef95edf

HTTP Body MD5
167b799d5d5294a1c72f3865f37e43c3

HTTP/1.1 200 OK
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Content-Type-Options: nosniff
Date: Thu, 07 Nov 2024 10:19:13 GMT
ETag: 1730700213
Content-Length: 481
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 14 Sep 2021 03:07:17 GMT
Connection: close
Accept-Ranges: bytes

<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "./doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:14.000Z",
   "alternativeip" : [
      "203.162.0.78"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "167b799d5d5294a1c72f3865f37e43c3",
         "bodymmh3" : -370724244,
         "header" : [
            {
               "value" : 1730700213,
               "name" : "ETag"
            },
            {
               "value" : "Tue, 14 Sep 2021 03:07:17 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "fd8e0a765092d70d012b61df4ef95edf",
         "headermmh3" : 102636189
      },
      "length" : 806
   },
   "asn" : "AS45899",
   "city" : "B\u1eafc Giang",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nVary: Accept-Encoding\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Type: text/html\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 07 Nov 2024 10:19:13 GMT\r\nETag: 1730700213\r\nContent-Length: 481\r\nX-XSS-Protection: 1; mode=block\r\nLast-Modified: Tue, 14 Sep 2021 03:07:17 GMT\r\nConnection: close\r\nAccept-Ranges: bytes\r\n\r\n\ufeff<!doctype html>\r\n<html>\r\n<head>\r\n\t<title></title>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" >\r\n\t<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n\t<meta http-equiv=\"Cache-Control\" content=\"no-cache, must-revalidate\" />\r\n\t<meta http-equiv=\"Expires\" content=\"0\" />\r\n</head>\r\n<body>\r\n</body>\r\n<script>\r\n\twindow.location.href = \"./doc/page/login.asp?_\" + (new Date()).getTime();\r\n</script>\r\n</html>",
   "datamd5" : "c03ea71cf5d488ef183005e3486689bd",
   "datammh3" : 734548108,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "vnpt.vn"
   ],
   "geolocus" : {
      "asn" : "AS45899",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "VN",
      "countryname" : "Vietnam",
      "domain" : [
         "vnnic.vn",
         "vnpt.vn"
      ],
      "isineu" : "false",
      "latitude" : "14.058324",
      "location" : "14.058324,108.277199",
      "longitude" : "108.277199",
      "netname" : "VNPT-VN",
      "organization" : "VNPT",
      "subnet" : "14.160.0.0/11"
   },
   "host" : [
      "static"
   ],
   "hostname" : [
      "static.vnpt.vn"
   ],
   "ip" : "14.170.208.201",
   "ipv6" : "false",
   "latitude" : "21.2749",
   "location" : "21.2749,106.1933",
   "longitude" : "106.1933",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "VNPT Corp",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "static.vnpt.vn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "14.160.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "vn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
204.242.252.38

Network
204.242.240.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://204.242.252.38:9151/ 407

ASN
AS6079

Organization
RCN-AS

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:13.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS6079",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS6079",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com",
         "northerncablefiber.com",
         "rackdog.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NORTHERN-CABLE",
      "organization" : "NORTHERN CABLE AND FIBER, LLC",
      "subnet" : "204.242.224.0/19"
   },
   "ip" : "204.242.252.38",
   "ipv6" : "false",
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "RCN-AS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "204.242.240.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
192.142.175.52

Network
192.142.174.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://192.142.175.52:9151/ 407

ASN
AS212238

Organization
Datacamp Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:19:13.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS212238",
   "city" : "Hanoi",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS212238",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "logicweb.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LOGICWEB",
      "organization" : "LOGICWEB",
      "subnet" : "192.142.174.0/23"
   },
   "ip" : "192.142.175.52",
   "ipv6" : "false",
   "latitude" : "21.0292",
   "location" : "21.0292,105.8526",
   "longitude" : "105.8526",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Datacamp Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "192.142.174.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
118.107.253.7

Network
118.107.248.0/21

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://118.107.253.7:9151/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS132825

Organization
MYTEK TRADING PTY LTD

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
200a1e2110613326e210f0efb0c87609

HTTP Header MD5
c88b3cd80d6cd97ad9f042de5425a2c2

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:18:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:18:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : -543419858,
         "headermd5" : "c88b3cd80d6cd97ad9f042de5425a2c2",
         "headermmh3" : 623007134,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 408
   },
   "asn" : "AS132825",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:18:52 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "200a1e2110613326e210f0efb0c87609",
   "datammh3" : -1593142602,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132825",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "cnc-int.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "MYTEK-AU",
      "organization" : "Australia",
      "subnet" : "118.107.252.0/22"
   },
   "ip" : "118.107.253.7",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MYTEK TRADING PTY LTD",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "118.107.248.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
14.0.53.60

Network
14.0.52.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://14.0.53.60:9151/ 400

HTTP Title
400 Bad Request

ASN
AS54994

Organization
ML-1432-54994

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a328d5d9b8ce4f87b6681a056ecfc7db

HTTP Header MD5
e467e350bcfee78523741f3925a4ba4f

HTTP Body MD5
139ddfe1012a81859afd2ce6c84d72bf

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:18:52 GMT
Content-Type: text/html
Content-Length: 2399
Connection: close
x-ws-request-id: 672c319c_qn135_44217-39663

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 03:18:52 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: qn135
				<br>URL: http://<ip>:9151/
				<br>Request-Id: 672c319c_qn135_44217-39663
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:9151/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:18:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "139ddfe1012a81859afd2ce6c84d72bf",
         "bodymmh3" : -55331063,
         "headermd5" : "e467e350bcfee78523741f3925a4ba4f",
         "headermmh3" : -2027330292,
         "title" : "400 Bad Request"
      },
      "length" : 2572
   },
   "asn" : "AS54994",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:18:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 2399\r\nConnection: close\r\nx-ws-request-id: 672c319c_qn135_44217-39663\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 03:18:52 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: qn135\n\t\t\t\t<br>URL: http://<ip>:9151/\n\t\t\t\t<br>Request-Id: 672c319c_qn135_44217-39663\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:9151/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "a328d5d9b8ce4f87b6681a056ecfc7db",
   "datammh3" : 875371783,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS54994",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "cdnetworks.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "CDNETWORKS",
      "organization" : "CDNetworks",
      "subnet" : "14.0.52.0/22"
   },
   "ip" : "14.0.53.60",
   "ipv6" : "false",
   "latitude" : "37.5112",
   "location" : "37.5112,126.9741",
   "longitude" : "126.9741",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ML-1432-54994",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9151,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "14.0.52.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
46.100.90.116

Network
46.100.80.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://46.100.90.116:9151/ 302

HTTP Title
Object moved

ASN
AS58224

Organization
Iran Telecommunication Company PJS

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 10.0

HTTP Component(s)
Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
baa5749ed3dc0cb41a21d3fa51ef183b

HTTP Header MD5
3b64aef1e3899f44dd5f23daa1319520

HTTP Body MD5
b2d3861f7cbeefdb2bdaef8eb1d6a46b

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Pages/Login.aspx
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=qpa0dhbldaeqt5ljrxvletxz; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 04:15:51 GMT
Connection: close
Content-Length: 134

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Pages/Login.aspx">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:18:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b2d3861f7cbeefdb2bdaef8eb1d6a46b",
         "bodymmh3" : 707392779,
         "component" : [
            {
               "product" : "ASP.NET",
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft"
            }
         ],
         "headermd5" : "3b64aef1e3899f44dd5f23daa1319520",
         "headermmh3" : 455018967,
         "title" : "Object moved"
      },
      "length" : 494
   },
   "asn" : "AS58224",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /Pages/Login.aspx\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: ASP.NET_SessionId=qpa0dhbldaeqt5ljrxvletxz; path=/; HttpOnly; SameSite=Lax\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 04:15:51 GMT\r\nConnection: close\r\nContent-Length: 134\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/Pages/Login.aspx\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "baa5749ed3dc0cb41a21d3fa51ef183b",
   "datammh3" : -633685722,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS58224",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "tci.ir"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "TCIAZS",
      "organization" : "Telecommunication Company of Azarbayejan Sharghi",
      "subnet" : "46.100.88.0/21"
   },
   "ip" : "46.100.90.116",
   "ipv6" : "false",
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iran Telecommunication Company PJS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 9151,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "46.100.80.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 111,687 in 0.023 second(s)

118.189.111.85:9151 (tcp/smtp) - last seen on 2024-11-07 at 03:19:47 UTC

154.205.172.7:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:38 UTC

43.251.112.114:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:16 UTC

192.142.174.30:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:15 UTC

14.170.208.201:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:14 UTC

204.242.252.38:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:13 UTC

192.142.175.52:9151 (tcp/http) - last seen on 2024-11-07 at 03:19:13 UTC

118.107.253.7:9151 (tcp/http) - last seen on 2024-11-07 at 03:18:52 UTC

14.0.53.60:9151 (tcp/http) - last seen on 2024-11-07 at 03:18:52 UTC

46.100.90.116:9151 (tcp/http) - last seen on 2024-11-07 at 03:18:52 UTC