ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 51,360 in 0.123 second(s)

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-21 at 08:36:19 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      Reverse DNS

      <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      Product

      <access denied by policy> <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:36:19.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "geolocus" : "<enterprise field>: geolocus",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

  • 199.203.64.128:37777 (tcp/http) - last seen on 2024-11-21 at 08:36:19 UTC

    • IP
      199.203.64.128
      Network
      199.203.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://199.203.64.128:37777/ 200

      ASN
      AS1680
      Organization
      Cellcom Fixed Line Communication L.P
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a04762f4d1fad796ef2cb81524723c96
      HTTP Header MD5
      d213f521959f4f10fe9b3f06a3b074ee
      HTTP Body MD5
      94c71d977452866d8acf4a884561fe77 
    • HTTP/1.1 200 OK
Content-type: text/html
Content-Length: 1936
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close

<!DOCTYPE html>
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title></title>
    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" media="screen" />
</head>
<body>
    <div class="loadingIndicator_bk">
    </div>
    <div class="loadingIndicator_tip">
        <div style="height: 300px;">
        </div>
        <span class="msg_border"><span class="msg"></span></span>
    </div>
    <div id="InitialView" style="background: #fff center url(css/Pictures/initview.gif) no-repeat; width: 100%; height: 100%;"></div>
    <div id="BaseContent">
    </div>
    <!---->
    <div id="topFloatMsg">
        <div id="topFloatMsg_title">
        </div>
        <div id="topFloatMsg_body">
            <div id="topFloatMsg_icon">
            </div>
            <div id="topFloatMsg_content">
            </div>
        </div>
        <div id="topFloatMsg_bottom">
        </div>
    </div>
    <iframe id="topFloatMsg_bk" scrolling="no" frameborder="0" src="about:blank"></iframe>
    <!---->
    <div id="topRollMsg">
        <div id="topRollMsg_title">
            <span lc="html" lk="IDCS_INFO_TIP"></span>
            <div id="topRollMsg_close">
            </div>
        </div>
        <div id="topRollMsg_content">
        </div>
    </div>
    <iframe id="topRollMsg_bk" width="100%" height="100%" scrolling="no" frameborder="0"
        src="about:blank"></iframe>
    <script language="javascript" for="VideoPlugin" event="NotifyResultToJs(strXMLFormat, lStrLen)">
        VideoPluginNotify(strXMLFormat, lStrLen);
    </script>
    <script language="javascript" for="TimeSliderPlugin" event="NotifyResultToJs(strXMLFormat, lStrLen)">
        TimeSliderPluginNotify(strXMLFormat, lStrLen);
    </script>
    <script data-main="js/index.js?v=20230720.01" src="js/lib/require.js" type="text/javascript"></script>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:36:19.000Z",
   "app" : {
      "favicon" : {
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "94c71d977452866d8acf4a884561fe77",
         "bodymmh3" : 1590452328,
         "headermd5" : "d213f521959f4f10fe9b3f06a3b074ee",
         "headermmh3" : -330928921
      },
      "length" : 2116
   },
   "asn" : "AS1680",
   "city" : "Kadima Zoran",
   "country" : "IL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-type: text/html\r\nContent-Length: 1936\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nConnection: close\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n<head>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\r\n    <title></title>\r\n    <link rel=\"shortcut icon\" type=\"image/x-icon\" href=\"favicon.ico\" media=\"screen\" />\r\n</head>\r\n<body>\r\n    <div class=\"loadingIndicator_bk\">\r\n    </div>\r\n    <div class=\"loadingIndicator_tip\">\r\n        <div style=\"height: 300px;\">\r\n        </div>\r\n        <span class=\"msg_border\"><span class=\"msg\"></span></span>\r\n    </div>\r\n    <div id=\"InitialView\" style=\"background: #fff center url(css/Pictures/initview.gif) no-repeat; width: 100%; height: 100%;\"></div>\r\n    <div id=\"BaseContent\">\r\n    </div>\r\n    <!---->\r\n    <div id=\"topFloatMsg\">\r\n        <div id=\"topFloatMsg_title\">\r\n        </div>\r\n        <div id=\"topFloatMsg_body\">\r\n            <div id=\"topFloatMsg_icon\">\r\n            </div>\r\n            <div id=\"topFloatMsg_content\">\r\n            </div>\r\n        </div>\r\n        <div id=\"topFloatMsg_bottom\">\r\n        </div>\r\n    </div>\r\n    <iframe id=\"topFloatMsg_bk\" scrolling=\"no\" frameborder=\"0\" src=\"about:blank\"></iframe>\r\n    <!---->\r\n    <div id=\"topRollMsg\">\r\n        <div id=\"topRollMsg_title\">\r\n            <span lc=\"html\" lk=\"IDCS_INFO_TIP\"></span>\r\n            <div id=\"topRollMsg_close\">\r\n            </div>\r\n        </div>\r\n        <div id=\"topRollMsg_content\">\r\n        </div>\r\n    </div>\r\n    <iframe id=\"topRollMsg_bk\" width=\"100%\" height=\"100%\" scrolling=\"no\" frameborder=\"0\"\r\n        src=\"about:blank\"></iframe>\r\n    <script language=\"javascript\" for=\"VideoPlugin\" event=\"NotifyResultToJs(strXMLFormat, lStrLen)\">\r\n        VideoPluginNotify(strXMLFormat, lStrLen);\r\n    </script>\r\n    <script language=\"javascript\" for=\"TimeSliderPlugin\" event=\"NotifyResultToJs(strXMLFormat, lStrLen)\">\r\n        TimeSliderPluginNotify(strXMLFormat, lStrLen);\r\n    </script>\r\n    <script data-main=\"js/index.js?v=20230720.01\" src=\"js/lib/require.js\" type=\"text/javascript\"></script>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "a04762f4d1fad796ef2cb81524723c96",
   "datammh3" : 969029720,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS1680",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IL",
      "countryname" : "Israel",
      "domain" : [
         "cellcom.co.il",
         "nv.net.il"
      ],
      "isineu" : "false",
      "latitude" : "31.046051",
      "location" : "31.046051,34.851612",
      "longitude" : "34.851612",
      "netname" : "IL-NETVISION-19940322",
      "organization" : "Cellcom Fixed Line Communication L.P",
      "subnet" : "199.203.0.0/16"
   },
   "ip" : "199.203.64.128",
   "ipv6" : "false",
   "latitude" : "32.2709",
   "location" : "32.2709,34.9240",
   "longitude" : "34.9240",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Cellcom Fixed Line Communication L.P",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "199.203.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 221.128.171.139:37777 (tcp/http) - last seen on 2024-11-21 at 08:35:57 UTC

    • IP
      221.128.171.139
      Network
      221.128.128.0/17
      Domain(s)
      imidc.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://221.128.171.139:37777/ 200

      Reverse DNS
      unknown.imidc.com
      ASN
      AS55933
      Organization
      Cloudie Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      49f8feefe000f3ef7ff88fd39eac2832
      HTTP Header MD5
      9b25fd43ac35a3b878f5988c823bdb9e
      HTTP Body MD5
      d69bf8038dfc888d2fa7461209afc0c1 
    • HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:35:56 GMT
Content-Type: text/html
Content-Length: 1021
Last-Modified: Tue, 19 Nov 2024 01:10:12 GMT
Connection: close
ETag: "673be574-3fd"
Accept-Ranges: bytes

<!doctype html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="renderer" content="webkit|ie-comp|ie-stand"><meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1"><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title></head><body><script type="text/javascript">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "dcff02fbad18");
    _MICHAT("host", "emfz.music916.com");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "emfz.music916.com/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");</script></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:35:57.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d69bf8038dfc888d2fa7461209afc0c1",
         "bodymmh3" : -1502575373,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 19 Nov 2024 01:10:12 GMT"
            },
            {
               "name" : "ETag",
               "value" : "673be574-3fd"
            }
         ],
         "headermd5" : "9b25fd43ac35a3b878f5988c823bdb9e",
         "headermmh3" : -2107956453
      },
      "length" : 1248
   },
   "asn" : "AS55933",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:35:56 GMT\r\nContent-Type: text/html\r\nContent-Length: 1021\r\nLast-Modified: Tue, 19 Nov 2024 01:10:12 GMT\r\nConnection: close\r\nETag: \"673be574-3fd\"\r\nAccept-Ranges: bytes\r\n\r\n<!doctype html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\"><meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1\"><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><title></title></head><body><script type=\"text/javascript\">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"dcff02fbad18\");\r\n    _MICHAT(\"host\", \"emfz.music916.com\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"emfz.music916.com/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");</script></body></html>",
   "datamd5" : "49f8feefe000f3ef7ff88fd39eac2832",
   "datammh3" : -8769080,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "imidc.com"
   ],
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "fbiinet.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CYNET",
      "organization" : "Beijing Chang Ying Netowrk Service Co.Ltd",
      "subnet" : "221.128.160.0/19"
   },
   "host" : [
      "unknown"
   ],
   "hostname" : [
      "unknown.imidc.com"
   ],
   "ip" : "221.128.171.139",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Cloudie Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "unknown.imidc.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "221.128.128.0/17",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 221.128.167.96:37777 (tcp/http) - last seen on 2024-11-21 at 08:35:54 UTC

    • IP
      221.128.167.96
      Network
      221.128.128.0/17
      Domain(s)
      imidc.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://221.128.167.96:37777/ 200

      Reverse DNS
      unknown.imidc.com
      ASN
      AS55933
      Organization
      Cloudie Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a8501d143ee0b529d1442b0764b707be
      HTTP Header MD5
      9b25fd43ac35a3b878f5988c823bdb9e
      HTTP Body MD5
      6d77c15d500012aa2df779634061cb9f 
    • HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:35:54 GMT
Content-Type: text/html
Content-Length: 1015
Last-Modified: Wed, 20 Nov 2024 05:39:21 GMT
Connection: close
ETag: "673d7609-3f7"
Accept-Ranges: bytes

<!doctype html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="renderer" content="webkit|ie-comp|ie-stand"><meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1"><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title></head><body><script type="text/javascript">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "14b1b6acffc3");
    _MICHAT("host", "emgr.omzrt.com");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "emgr.omzrt.com/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");</script></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:35:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d77c15d500012aa2df779634061cb9f",
         "bodymmh3" : 1706101898,
         "header" : [
            {
               "value" : "Wed, 20 Nov 2024 05:39:21 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "673d7609-3f7",
               "name" : "ETag"
            }
         ],
         "headermd5" : "9b25fd43ac35a3b878f5988c823bdb9e",
         "headermmh3" : 196008646
      },
      "length" : 1242
   },
   "asn" : "AS55933",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:35:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 1015\r\nLast-Modified: Wed, 20 Nov 2024 05:39:21 GMT\r\nConnection: close\r\nETag: \"673d7609-3f7\"\r\nAccept-Ranges: bytes\r\n\r\n<!doctype html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\"><meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1\"><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><title></title></head><body><script type=\"text/javascript\">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"14b1b6acffc3\");\r\n    _MICHAT(\"host\", \"emgr.omzrt.com\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"emgr.omzrt.com/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");</script></body></html>",
   "datamd5" : "a8501d143ee0b529d1442b0764b707be",
   "datammh3" : -67078578,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "imidc.com"
   ],
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "fbiinet.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CYNET",
      "organization" : "Beijing Chang Ying Netowrk Service Co.Ltd",
      "subnet" : "221.128.160.0/19"
   },
   "host" : [
      "unknown"
   ],
   "hostname" : [
      "unknown.imidc.com"
   ],
   "ip" : "221.128.167.96",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Cloudie Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "unknown.imidc.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "221.128.128.0/17",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 45.221.117.54:37777 (tcp/http) - last seen on 2024-11-21 at 08:35:27 UTC

    • IP
      45.221.117.54
      Network
      45.221.116.0/23
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.221.117.54:37777/ 200

      ASN
      AS55933
      Organization
      Cloudie Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b6e4ab9c4524cfd7ea41ddbd0fc4d29d
      HTTP Header MD5
      9b25fd43ac35a3b878f5988c823bdb9e
      HTTP Body MD5
      03b2f8f1218be488c86da0e988926f81 
    • HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:35:27 GMT
Content-Type: text/html
Content-Length: 1019
Last-Modified: Sat, 16 Nov 2024 08:05:27 GMT
Connection: close
ETag: "67385247-3fb"
Accept-Ranges: bytes

<!doctype html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="renderer" content="webkit|ie-comp|ie-stand"><meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1"><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title></head><body><script type="text/javascript">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "773abbe59d39");
    _MICHAT("host", "emfn.stand02.com");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "emfn.stand02.com/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");</script></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:35:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "03b2f8f1218be488c86da0e988926f81",
         "bodymmh3" : 1195897387,
         "header" : [
            {
               "value" : "Sat, 16 Nov 2024 08:05:27 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "67385247-3fb",
               "name" : "ETag"
            }
         ],
         "headermd5" : "9b25fd43ac35a3b878f5988c823bdb9e",
         "headermmh3" : 1744146164
      },
      "length" : 1246
   },
   "asn" : "AS55933",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:35:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 1019\r\nLast-Modified: Sat, 16 Nov 2024 08:05:27 GMT\r\nConnection: close\r\nETag: \"67385247-3fb\"\r\nAccept-Ranges: bytes\r\n\r\n<!doctype html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\"><meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1\"><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><title></title></head><body><script type=\"text/javascript\">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"773abbe59d39\");\r\n    _MICHAT(\"host\", \"emfn.stand02.com\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"emfn.stand02.com/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");</script></body></html>",
   "datamd5" : "b6e4ab9c4524cfd7ea41ddbd0fc4d29d",
   "datammh3" : 2143757542,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS328543",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "bluegate-exchange.co.za"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "SUN-NETWORK-COMPANY-LIMITED",
      "organization" : "route object 45.221.112.0/24",
      "subnet" : "45.221.112.0/20"
   },
   "ip" : "45.221.117.54",
   "ipv6" : "false",
   "latitude" : "-28.9984",
   "location" : "-28.9984,23.9888",
   "longitude" : "23.9888",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Cloudie Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "45.221.116.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 103.212.186.253:37777 (tcp/http) - last seen on 2024-11-21 at 08:35:23 UTC

    • IP
      103.212.186.253
      Network
      103.212.186.0/23
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://103.212.186.253:37777/ 200

      ASN
      AS55933
      Organization
      Cloudie Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9ecf0d37d320ff9c3752653322135b77
      HTTP Header MD5
      9b25fd43ac35a3b878f5988c823bdb9e
      HTTP Body MD5
      3b41834700914e49c9dd831183923bc0 
    • HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:35:23 GMT
Content-Type: text/html
Content-Length: 1019
Last-Modified: Tue, 12 Nov 2024 05:15:02 GMT
Connection: close
ETag: "6732e456-3fb"
Accept-Ranges: bytes

<!doctype html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="renderer" content="webkit|ie-comp|ie-stand"><meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1"><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title></head><body><script type="text/javascript">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "89a3cdee6f6b");
    _MICHAT("host", "emcr.dfxgidi.com");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "emcr.dfxgidi.com/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");</script></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:35:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "3b41834700914e49c9dd831183923bc0",
         "bodymmh3" : 430500537,
         "header" : [
            {
               "value" : "Tue, 12 Nov 2024 05:15:02 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "6732e456-3fb",
               "name" : "ETag"
            }
         ],
         "headermd5" : "9b25fd43ac35a3b878f5988c823bdb9e",
         "headermmh3" : 1864645909
      },
      "length" : 1246
   },
   "asn" : "AS55933",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:35:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 1019\r\nLast-Modified: Tue, 12 Nov 2024 05:15:02 GMT\r\nConnection: close\r\nETag: \"6732e456-3fb\"\r\nAccept-Ranges: bytes\r\n\r\n<!doctype html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\"><meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1\"><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><title></title></head><body><script type=\"text/javascript\">window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"89a3cdee6f6b\");\r\n    _MICHAT(\"host\", \"emcr.dfxgidi.com\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"emcr.dfxgidi.com/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");</script></body></html>",
   "datamd5" : "9ecf0d37d320ff9c3752653322135b77",
   "datammh3" : -1242745106,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "ampus.hk"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "AMPUSLTD-HK",
      "organization" : "Ampus Limited",
      "subnet" : "103.212.186.0/23"
   },
   "ip" : "103.212.186.253",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Cloudie Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "103.212.186.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 103.106.160.35:37777 (tcp/http) - last seen on 2024-11-21 at 08:35:20 UTC

    • IP
      103.106.160.35
      Network
      103.106.160.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://103.106.160.35:37777/ 200

      ASN
      AS40065
      Organization
      CNSERVERS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1b5ea9181bb34125b974304e52dc13e0
      HTTP Header MD5
      db929ee95f62f99728d840d6c0c11e00
      HTTP Body MD5
      1dceb1e7ff2c1ad413b1c65aaf73a27e 
    • HTTP/1.1 200 OK
Server: nginx
Date: Thu, 21 Nov 2024 08:35:19 GMT
Content-Type: text/html
Content-Length: 1101
Last-Modified: Fri, 08 Nov 2024 06:16:15 GMT
Connection: close
Vary: Accept-Encoding
ETag: "672dacaf-44d"
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="renderer" content="webkit|ie-comp|ie-stand">
    <meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title></title>
</head>
<body>
    <script type="text/javascript">
    window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "957f30599e75");
    _MICHAT("host", "emca.dtlgpj.cn");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "emca.dtlgpj.cn/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");
    </script>
    </body >
  </html >
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:35:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "1dceb1e7ff2c1ad413b1c65aaf73a27e",
         "bodymmh3" : 900372658,
         "header" : [
            {
               "value" : "Fri, 08 Nov 2024 06:16:15 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "672dacaf-44d"
            }
         ],
         "headermd5" : "db929ee95f62f99728d840d6c0c11e00",
         "headermmh3" : -806359050
      },
      "length" : 1351
   },
   "asn" : "AS40065",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:35:19 GMT\r\nContent-Type: text/html\r\nContent-Length: 1101\r\nLast-Modified: Fri, 08 Nov 2024 06:16:15 GMT\r\nConnection: close\r\nVary: Accept-Encoding\r\nETag: \"672dacaf-44d\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n    <meta charset=\"utf-8\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\r\n    <meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\" />\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0\">\r\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n    <title></title>\n</head>\n<body>\n    <script type=\"text/javascript\">\r\n    window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"957f30599e75\");\r\n    _MICHAT(\"host\", \"emca.dtlgpj.cn\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"emca.dtlgpj.cn/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");\r\n    </script>\n    </body >\n  </html >",
   "datamd5" : "1b5ea9181bb34125b974304e52dc13e0",
   "datammh3" : -1117341561,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS40065",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "cloudie.hk"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "Ybnetwork",
      "organization" : "Rainbow Network Limited",
      "subnet" : "103.106.160.0/22"
   },
   "ip" : "103.106.160.35",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CNSERVERS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "103.106.160.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 75.80.78.242:37777 (tcp/http) - last seen on 2024-11-21 at 08:34:58 UTC

    • IP
      75.80.78.242
      Network
      75.80.64.0/19
      Domain(s)
      spectrum.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://75.80.78.242:37777/ 400

      HTTP Title
      ERROR: The requested URL could not be retrieved
      Reverse DNS
      syn-075-080-078-242.biz.spectrum.com
      ASN
      AS20001
      Organization
      TWC-20001-PACWEST
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      squid-cache Squid
      HTTP Component(s)
      squid-cache Squid
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d8c89609170c7a7d9fd14497dd4af94e
      HTTP Header MD5
      a1f5ec1bb269c5d965c6d8207917b251
      HTTP Body MD5
      1e827e1be8352fea6d8322fe1a1488c4 
    • HTTP/1.1 400 Bad Request
Server: squid
Mime-Version: 1.0
Date: Thu, 21 Nov 2024 08:34:58 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 1718
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from TB28
Via: 1.1 TB28 (squid)
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 

body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
 --></style>
</head><body id=ERR_INVALID_URL>
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:webmaster@mydomain.com?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20TB28%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2021%20Nov%202024%2008%3A34%3A58%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">webmaster@mydomain.com</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Thu, 21 Nov 2024 08:34:58 GMT by TB28 (squid)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:34:58.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "1e827e1be8352fea6d8322fe1a1488c4",
         "bodymmh3" : -1681508269,
         "component" : [
            {
               "productvendor" : "squid-cache",
               "product" : "Squid"
            }
         ],
         "headermd5" : "a1f5ec1bb269c5d965c6d8207917b251",
         "headermmh3" : 1390436883,
         "title" : "ERROR: The requested URL could not be retrieved"
      },
      "length" : 2017
   },
   "asn" : "AS20001",
   "city" : "Kapolei",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: squid\r\nMime-Version: 1.0\r\nDate: Thu, 21 Nov 2024 08:34:58 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 1718\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nVary: Accept-Language\r\nContent-Language: en\r\nX-Cache: MISS from TB28\r\nVia: 1.1 TB28 (squid)\r\nConnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2021 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n \n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=ERR_INVALID_URL>\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:webmaster@mydomain.com?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20TB28%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Thu,%2021%20Nov%202024%2008%3A34%3A58%20GMT%0D%0A%0D%0AClientIP%3A%20<srcip>%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">webmaster@mydomain.com</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Thu, 21 Nov 2024 08:34:58 GMT by TB28 (squid)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
   "datamd5" : "d8c89609170c7a7d9fd14497dd4af94e",
   "datammh3" : -1201414564,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "geolocus" : {
      "asn" : "AS20001",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "RRWE",
      "organization" : "Charter Communications Inc",
      "subnet" : "75.80.0.0/16"
   },
   "host" : [
      "syn-075-080-078-242"
   ],
   "hostname" : [
      "syn-075-080-078-242.biz.spectrum.com"
   ],
   "ip" : "75.80.78.242",
   "ipv6" : "false",
   "latitude" : "21.3454",
   "location" : "21.3454,-158.0842",
   "longitude" : "-158.0842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-20001-PACWEST",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Squid",
   "productvendor" : "squid-cache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "syn-075-080-078-242.biz.spectrum.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "biz.spectrum.com"
   ],
   "subnet" : "75.80.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 135.148.90.231:37777 (tcp/http) - last seen on 2024-11-21 at 08:34:55 UTC

    • IP
      135.148.90.231
      Network
      135.148.64.0/18
      Domain(s)
      ip-135-148-90.us
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://135.148.90.231:37777/ 200

      Reverse DNS
      ip231.ip-135-148-90.us
      ASN
      AS16276
      Organization
      OVH SAS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx 1.24.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0a27c525895b4e6ba6e3f96b5d83c063
      HTTP Header MD5
      015b9a4f802a4b37bd2deffe0fc86295
      HTTP Body MD5
      2a8b386871b3ee79bbda2e198bd465c3 
    • HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 21 Nov 2024 08:34:55 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: close

3
OK

0


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:34:55.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2a8b386871b3ee79bbda2e198bd465c3",
         "bodymmh3" : -779443654,
         "headermd5" : "015b9a4f802a4b37bd2deffe0fc86295",
         "headermmh3" : 896928947
      },
      "length" : 164
   },
   "asn" : "AS16276",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 21 Nov 2024 08:34:55 GMT\r\nContent-Type: text/plain\r\nTransfer-Encoding: chunked\r\nConnection: close\r\n\r\n3\r\nOK\n\r\n0\r\n\r\n",
   "datamd5" : "0a27c525895b4e6ba6e3f96b5d83c063",
   "datammh3" : 492492387,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-135-148-90.us"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "ip-135-148-0.us",
         "ovh.net",
         "ovh.us"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "OVH-CUST-438705",
      "organization" : "OVH US LLC",
      "subnet" : "135.148.0.0/17"
   },
   "host" : [
      "ip231"
   ],
   "hostname" : [
      "ip231.ip-135-148-90.us"
   ],
   "ip" : "135.148.90.231",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.24.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ip231.ip-135-148-90.us"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "135.148.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "us"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 18.171.247.159:37777 (tcp/http) - last seen on 2024-11-21 at 08:34:32 UTC

    • IP
      18.171.247.159
      Network
      18.168.0.0/14
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://18.171.247.159:37777/ 301

      Reverse DNS
      ec2-18-171-247-159.eu-west-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      HTTP Component(s)
      Atlassian Confluence Oracle Java
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b487871ae8c78b5acdac57b0ca3a4ac2
      HTTP Header MD5
      4f3a403c55200c36cd7b19c82083b591
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Date: Thu, 21 Nov 2024 08:34:32 GMT
Server: nginx
X-Confluence-Request-Time: 1732178072
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=nnpapo5bcq4irlqaamfphxwonzn8kur5; Path=/; Secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000
Location: ./login.action
Content-Length: 0


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:34:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            },
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "4f3a403c55200c36cd7b19c82083b591",
         "headermmh3" : 848209645
      },
      "length" : 587
   },
   "asn" : "AS16509",
   "city" : "London",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nConnection: keep-alive\r\nDate: Thu, 21 Nov 2024 08:34:32 GMT\r\nServer: nginx\r\nX-Confluence-Request-Time: 1732178072\r\nContent-Type: text/html;charset=UTF-8\r\nCache-Control: no-cache, must-revalidate\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nSet-Cookie: JSESSIONID=nnpapo5bcq4irlqaamfphxwonzn8kur5; Path=/; Secure; HttpOnly\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nStrict-Transport-Security: max-age=63072000\r\nLocation: ./login.action\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "b487871ae8c78b5acdac57b0ca3a4ac2",
   "datammh3" : -1460277453,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "AMAZON-LHR",
      "organization" : "Amazon Data Services UK",
      "subnet" : "18.168.0.0/14"
   },
   "host" : [
      "ec2-18-171-247-159"
   ],
   "hostname" : [
      "ec2-18-171-247-159.eu-west-2.compute.amazonaws.com"
   ],
   "ip" : "18.171.247.159",
   "ipv6" : "false",
   "latitude" : "51.5088",
   "location" : "51.5088,-0.0930",
   "longitude" : "-0.0930",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 37777,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "ec2-18-171-247-159.eu-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 301,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-2.compute.amazonaws.com"
   ],
   "subnet" : "18.168.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}