Cyber Defense Search Engine

IP
221.178.82.71

Network
221.178.0.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://221.178.82.71:8099/ 403

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1ebf7a56ef2489c96b886531e1b21553

HTTP Header MD5
7d14cc0f46428a44b1ab6ceaa0cd3827

HTTP Body MD5
e487c2463d50fe6ec7df945cc31c468b

HTTP/1.1 403 Forbidden
Server: volc-dcdn
Date: Thu, 21 Nov 2024 10:23:01 GMT
Content-Type: application/octet-stream
Content-Length: 30
Connection: close
via: n221-178-082-022.bdcdn-cqcm06.ToB
x-request-ip: <srcip>
x-tt-trace-tag: id=5
x-dsa-trace-id: 173218458190418809e501b599d500f223161c51c5
X-Dsa-Origin-Status: -

<redacted>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:23:01.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e487c2463d50fe6ec7df945cc31c468b",
         "bodymmh3" : -1530396008,
         "headermd5" : "7d14cc0f46428a44b1ab6ceaa0cd3827",
         "headermmh3" : 1072009355
      },
      "length" : 351
   },
   "asn" : "AS9808",
   "city" : "Zhuhai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: volc-dcdn\r\nDate: Thu, 21 Nov 2024 10:23:01 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 30\r\nConnection: close\r\nvia: n221-178-082-022.bdcdn-cqcm06.ToB\r\nx-request-ip: <srcip>\r\nx-tt-trace-tag: id=5\r\nx-dsa-trace-id: 173218458190418809e501b599d500f223161c51c5\r\nX-Dsa-Origin-Status: -\n\n<redacted>",
   "datamd5" : "1ebf7a56ef2489c96b886531e1b21553",
   "datammh3" : 2110552475,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "221.178.0.0/17"
   },
   "ip" : "221.178.82.71",
   "ipv6" : "false",
   "latitude" : "22.2767",
   "location" : "22.2767,113.5788",
   "longitude" : "113.5788",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "221.178.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
120.201.49.38

Network
120.201.32.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://120.201.49.38:8099/ 403

HTTP Title
403 Forbidden

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
00903f39ce760aa4a0283695ae551b55

HTTP Header MD5
845a67741ca7c7ed0fc2c97227af8da8

HTTP Body MD5
57ede614e9fec033fab1a90ec92a11ad

HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 21 Nov 2024 10:22:34 GMT
Content-Type: text/html
Connection: close
Content-Length: 317
via: CHN-LNshenyang-SSPM1-CACHE37[0]
X-CCDN-FORBID-CODE: 040001

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
<p>Date: 2024/11/21 18:22:34</p>
<p>Node_info: 4425-CACHE37</p>
<p>Request_id: -</p>
<p>Client_ip: <srcip></p>
<p>Forbid_code: 040001</p>
<p>Hit-status: MISS</p>

</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:22:34.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "57ede614e9fec033fab1a90ec92a11ad",
         "bodymmh3" : 1716008587,
         "headermd5" : "845a67741ca7c7ed0fc2c97227af8da8",
         "headermmh3" : -322918173,
         "title" : "403 Forbidden"
      },
      "length" : 525
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:22:34 GMT\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: 317\r\nvia: CHN-LNshenyang-SSPM1-CACHE37[0]\r\nX-CCDN-FORBID-CODE: 040001\r\n\r\n<html>\n<head><title>403 Forbidden</title></head>\n<body>\n<center><h1>403 Forbidden</h1></center>\n<hr><center>openresty</center>\n<p>Date: 2024/11/21 18:22:34</p>\r\n<p>Node_info: 4425-CACHE37</p>\r\n<p>Request_id: -</p>\r\n<p>Client_ip: <srcip></p>\r\n<p>Forbid_code: 040001</p>\r\n<p>Hit-status: MISS</p>\r\n\n</body>\n</html>\n",
   "datamd5" : "00903f39ce760aa4a0283695ae551b55",
   "datammh3" : -1136026384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "120.201.48.0/20"
   },
   "ip" : "120.201.49.38",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "120.201.32.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
111.48.231.12

Network
111.48.0.0/14

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://111.48.231.12:8099/ 400

HTTP Title
400 Bad Request

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6019465539ee2a3fc772d9b540369fa0

HTTP Header MD5
acd64aef0aafba912c941074634d53a4

HTTP Body MD5
c9d8964f3a31d83a305982db91422f8d

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 10:22:19 GMT
Content-Type: text/html
Content-Length: 2423
Connection: close
x-ws-request-id: 673f09db_PS-WUH-01Mn571_18420-8115

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 21 Nov 2024 10:22:19 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-WUH-01Mn571
				<br>URL: http://<ip>:8099/
				<br>Request-Id: 673f09db_PS-WUH-01Mn571_18420-8115
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:8099/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:22:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c9d8964f3a31d83a305982db91422f8d",
         "bodymmh3" : -508639323,
         "headermd5" : "acd64aef0aafba912c941074634d53a4",
         "headermmh3" : 1968918871,
         "title" : "400 Bad Request"
      },
      "length" : 2597
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 10:22:19 GMT\r\nContent-Type: text/html\r\nContent-Length: 2423\r\nConnection: close\r\nx-ws-request-id: 673f09db_PS-WUH-01Mn571_18420-8115\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 21 Nov 2024 10:22:19 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-WUH-01Mn571\n\t\t\t\t<br>URL: http://<ip>:8099/\n\t\t\t\t<br>Request-Id: 673f09db_PS-WUH-01Mn571_18420-8115\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:8099/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "6019465539ee2a3fc772d9b540369fa0",
   "datammh3" : -615252031,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "111.48.0.0/14"
   },
   "ip" : "111.48.231.12",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "111.48.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
223.75.76.206

Network
223.75.0.0/16

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bca5bbe9fd2fdb94963c5d303418cb87
```
\x15\x03\x01\x00\x02\x02
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:21:30.000Z",
   "app" : {
      "length" : 7
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x15\\x03\\x01\\x00\\x02\\x02\n",
   "datamd5" : "bca5bbe9fd2fdb94963c5d303418cb87",
   "datammh3" : 1602334322,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "223.75.0.0/16"
   },
   "ip" : "223.75.76.206",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 8099,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "223.75.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
111.7.93.9

Network
111.7.64.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://111.7.93.9:8099/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b6dc27ca2cba2c9bf1ba1b66681433dd

HTTP Header MD5
0d850a9f1c1eeb9861d677c978c199ba

HTTP Body MD5
b918f8b3770dc1158b467b0dd192e59e

HTTP/1.1 400 Bad Request
Server: openresty
Date: Thu, 21 Nov 2024 10:21:06 GMT
Content-Type: text/html
Content-Length: 252
Connection: close
Request-Id: 5d09673f09926f076f51741935228c24

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:21:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 1280153115,
         "headermd5" : "0d850a9f1c1eeb9861d677c978c199ba",
         "headermmh3" : -1509918287,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 447
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:21:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\nRequest-Id: 5d09673f09926f076f51741935228c24\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b6dc27ca2cba2c9bf1ba1b66681433dd",
   "datammh3" : 1132630189,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "111.7.64.0/19"
   },
   "ip" : "111.7.93.9",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "111.7.64.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
112.48.137.70

Network
112.48.0.0/14

Device

<enterprise field>: device.class

URL

http://112.48.137.70:8099/ 400

HTTP Title
400 Bad Request

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6fa54eaf363266676c15c54b36bd87d3

HTTP Header MD5
8fc839858a8a1b669b7d1508fdc4107c

HTTP Body MD5
235426ae94abc06ee4640774a9bb734a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 10:13:31 GMT
Content-Type: text/html
Content-Length: 2421
Connection: close
x-ws-request-id: 673f07cb_PS-XMN-01Jjm21_5925-61271

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 21 Nov 2024 10:13:31 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-XMN-01Jjm21
				<br>URL: http://<ip>:8099/
				<br>Request-Id: 673f07cb_PS-XMN-01Jjm21_5925-61271
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:8099/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:13:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "235426ae94abc06ee4640774a9bb734a",
         "bodymmh3" : -355173229,
         "headermd5" : "8fc839858a8a1b669b7d1508fdc4107c",
         "headermmh3" : 1909950699,
         "title" : "400 Bad Request"
      },
      "length" : 2597
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 10:13:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 2421\r\nConnection: close\r\nx-ws-request-id: 673f07cb_PS-XMN-01Jjm21_5925-61271\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 21 Nov 2024 10:13:31 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-XMN-01Jjm21\n\t\t\t\t<br>URL: http://<ip>:8099/\n\t\t\t\t<br>Request-Id: 673f07cb_PS-XMN-01Jjm21_5925-61271\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:8099/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "6fa54eaf363266676c15c54b36bd87d3",
   "datammh3" : -1221328083,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile Communications Corporation",
      "subnet" : "112.48.128.0/17"
   },
   "ip" : "112.48.137.70",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "port" : 8099,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "112.48.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
39.137.10.3

Network
39.137.10.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://39.137.10.3:8099/ 403

HTTP Title
403 Forbidden

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
368388b00d34a5da7a2ebd2b2d54f53e

HTTP Header MD5
2290432dd907f1f1853d979f23450f7b

HTTP Body MD5
ff5b472ff3dfab4781dbed501b06bdf9

HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 21 Nov 2024 10:13:00 GMT
Content-Type: text/html
Connection: close
Content-Length: 317
via: CHN-SNxian-CMCCZJ2-CACHE2[0]
X-CCDN-FORBID-CODE: 040001

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
<p>Date: 2024/11/21 18:13:00</p>
<p>Node_info: 3380-CACHE2</p>
<p>Request_id: -</p>
<p>Client_ip: <srcip></p>
<p>Forbid_code: 040001</p>
<p>Hit-status: MISS</p>

</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:13:01.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ff5b472ff3dfab4781dbed501b06bdf9",
         "bodymmh3" : 1851771797,
         "headermd5" : "2290432dd907f1f1853d979f23450f7b",
         "headermmh3" : 359621751,
         "title" : "403 Forbidden"
      },
      "length" : 521
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:13:00 GMT\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: 317\r\nvia: CHN-SNxian-CMCCZJ2-CACHE2[0]\r\nX-CCDN-FORBID-CODE: 040001\r\n\r\n<html>\n<head><title>403 Forbidden</title></head>\n<body>\n<center><h1>403 Forbidden</h1></center>\n<hr><center>openresty</center>\n<p>Date: 2024/11/21 18:13:00</p>\r\n<p>Node_info: 3380-CACHE2</p>\r\n<p>Request_id: -</p>\r\n<p>Client_ip: <srcip></p>\r\n<p>Forbid_code: 040001</p>\r\n<p>Hit-status: MISS</p>\r\n\n</body>\n</html>\n",
   "datamd5" : "368388b00d34a5da7a2ebd2b2d54f53e",
   "datammh3" : 1759405285,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "39.137.10.0/23"
   },
   "ip" : "39.137.10.3",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "39.137.10.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
39.136.233.173

Network
39.136.232.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://39.136.233.173:8099/ 403

HTTP Title
403 Forbidden

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5a0796aa5fe977bc385c686cfe3c1f86

HTTP Header MD5
048f5e02eddec97a06ba0d8c4813c84b

HTTP Body MD5
e41a659189d54dbede4fecb72de7a9b2

HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 21 Nov 2024 10:12:25 GMT
Content-Type: text/html
Connection: close
Content-Length: 317
via: CHN-AHhuainan-CMCCZJ5-CACHE44[0]
X-CCDN-FORBID-CODE: 040001

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
<p>Date: 2024/11/21 18:12:25</p>
<p>Node_info: 3448-CACHE44</p>
<p>Request_id: -</p>
<p>Client_ip: <srcip></p>
<p>Forbid_code: 040001</p>
<p>Hit-status: MISS</p>

</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:12:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e41a659189d54dbede4fecb72de7a9b2",
         "bodymmh3" : 1447480596,
         "headermd5" : "048f5e02eddec97a06ba0d8c4813c84b",
         "headermmh3" : -1762259317,
         "title" : "403 Forbidden"
      },
      "length" : 526
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:12:25 GMT\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: 317\r\nvia: CHN-AHhuainan-CMCCZJ5-CACHE44[0]\r\nX-CCDN-FORBID-CODE: 040001\r\n\r\n<html>\n<head><title>403 Forbidden</title></head>\n<body>\n<center><h1>403 Forbidden</h1></center>\n<hr><center>openresty</center>\n<p>Date: 2024/11/21 18:12:25</p>\r\n<p>Node_info: 3448-CACHE44</p>\r\n<p>Request_id: -</p>\r\n<p>Client_ip: <srcip></p>\r\n<p>Forbid_code: 040001</p>\r\n<p>Hit-status: MISS</p>\r\n\n</body>\n</html>\n",
   "datamd5" : "5a0796aa5fe977bc385c686cfe3c1f86",
   "datammh3" : 483215108,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "39.136.232.0/23"
   },
   "ip" : "39.136.233.173",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "39.136.232.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
120.209.101.67

Network
120.209.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://120.209.101.67:8099/ 403

HTTP Title
403 Forbidden

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
534fb3d83a1036f296568e14e14be92c

HTTP Header MD5
6bae047b6b99cdd594d7fe1cc706b774

HTTP Body MD5
49fb23dbce426d0dd05f08616b3c9aa8

HTTP/1.1 403 Forbidden
Server: kngx/1.10.2
Date: Thu, 21 Nov 2024 10:12:07 GMT
Content-Type: text/html
Content-Length: 168
Connection: close
KS-Deny-Reason: 302rechange-get_uri_and_host-error
x-link-via: tluv03:8099;

<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>kngx/1.10.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:12:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "49fb23dbce426d0dd05f08616b3c9aa8",
         "bodymmh3" : 2018066217,
         "headermd5" : "6bae047b6b99cdd594d7fe1cc706b774",
         "headermmh3" : -98342397,
         "title" : "403 Forbidden"
      },
      "length" : 395
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: kngx/1.10.2\r\nDate: Thu, 21 Nov 2024 10:12:07 GMT\r\nContent-Type: text/html\r\nContent-Length: 168\r\nConnection: close\r\nKS-Deny-Reason: 302rechange-get_uri_and_host-error\r\nx-link-via: tluv03:8099;\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>kngx/1.10.2</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "534fb3d83a1036f296568e14e14be92c",
   "datammh3" : -1856249723,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "120.209.0.0/16"
   },
   "ip" : "120.209.101.67",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "120.209.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
120.233.179.41

Network
120.233.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://120.233.179.41:8099/ 403

HTTP Title
403 Forbidden

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6c203fe8a960cd288e8b1875b53b64a5

HTTP Header MD5
b87163103da6492565fe026ee9a8de07

HTTP Body MD5
d5530c41f4d9155ace26e3f39f0c1cb4

HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 21 Nov 2024 10:11:56 GMT
Content-Type: text/html
Connection: close
Content-Length: 319
via: CHN-GDdongguan-CMCC5-CACHE40[2]
X-CCDN-FORBID-CODE: 040001

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
<p>Date: 2024/11/21 18:11:56</p>
<p>Node_info: 2868-CACHE40</p>
<p>Request_id: -</p>
<p>Client_ip: <srcip></p>
<p>Forbid_code: 040001</p>
<p>Hit-status: MISS</p>

</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:11:56.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d5530c41f4d9155ace26e3f39f0c1cb4",
         "bodymmh3" : 2060400500,
         "headermd5" : "b87163103da6492565fe026ee9a8de07",
         "headermmh3" : -1446552690,
         "title" : "403 Forbidden"
      },
      "length" : 525
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:11:56 GMT\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: 319\r\nvia: CHN-GDdongguan-CMCC5-CACHE40[2]\r\nX-CCDN-FORBID-CODE: 040001\r\n\r\n<html>\n<head><title>403 Forbidden</title></head>\n<body>\n<center><h1>403 Forbidden</h1></center>\n<hr><center>openresty</center>\n<p>Date: 2024/11/21 18:11:56</p>\r\n<p>Node_info: 2868-CACHE40</p>\r\n<p>Request_id: -</p>\r\n<p>Client_ip: <srcip></p>\r\n<p>Forbid_code: 040001</p>\r\n<p>Hit-status: MISS</p>\r\n\n</body>\n</html>\n",
   "datamd5" : "6c203fe8a960cd288e8b1875b53b64a5",
   "datammh3" : 322788304,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS56040",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "120.233.178.0/23"
   },
   "ip" : "120.233.179.41",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8099,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "120.233.160.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 16,219 in 0.133 second(s)

221.178.82.71:8099 (tcp/http) - last seen on 2024-11-21 at 10:23:01 UTC

120.201.49.38:8099 (tcp/http) - last seen on 2024-11-21 at 10:22:34 UTC

111.48.231.12:8099 (tcp/http) - last seen on 2024-11-21 at 10:22:20 UTC

223.75.76.206:8099 (tcp/unknown) - last seen on 2024-11-21 at 10:21:30 UTC

111.7.93.9:8099 (tcp/http) - last seen on 2024-11-21 at 10:21:07 UTC

112.48.137.70:8099 (tcp/http) - last seen on 2024-11-21 at 10:13:31 UTC

39.137.10.3:8099 (tcp/http) - last seen on 2024-11-21 at 10:13:01 UTC

39.136.233.173:8099 (tcp/http) - last seen on 2024-11-21 at 10:12:25 UTC

120.209.101.67:8099 (tcp/http) - last seen on 2024-11-21 at 10:12:08 UTC

120.233.179.41:8099 (tcp/http) - last seen on 2024-11-21 at 10:11:56 UTC