IP

61.171.91.75

Network

61.170.0.0/15

Domain(s)

163data.com.cn

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://61.171.91.75:18080/ 407

Reverse DNS

75.91.171.61.broad.xw.sh.dynamic.163data.com.cn

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

595869b15ebe90b2b5280d952e99c364

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

829cb2a9568859e1304c1effc06913af

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

proxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.23

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:50:27.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.0.23"
         ]
      },
      "http" : {
         "bodymd5" : "829cb2a9568859e1304c1effc06913af",
         "bodymmh3" : 780519798,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 172
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nproxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.23",
   "datamd5" : "595869b15ebe90b2b5280d952e99c364",
   "datammh3" : 256302839,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "163data.com.cn"
   ],
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163data.com.cn",
         "chinatelecom.cn",
         "online.sh.cn",
         "shtel.com.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET Shanghai province network",
      "subnet" : "61.170.0.0/15"
   },
   "host" : [
      75
   ],
   "hostname" : [
      "75.91.171.61.broad.xw.sh.dynamic.163data.com.cn"
   ],
   "ip" : "61.171.91.75",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "reverse" : [
      "75.91.171.61.broad.xw.sh.dynamic.163data.com.cn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subdomains" : [
      "xw.sh.dynamic.163data.com.cn",
      "sh.dynamic.163data.com.cn",
      "dynamic.163data.com.cn",
      "171.61.broad.xw.sh.dynamic.163data.com.cn",
      "91.171.61.broad.xw.sh.dynamic.163data.com.cn",
      "61.broad.xw.sh.dynamic.163data.com.cn",
      "broad.xw.sh.dynamic.163data.com.cn"
   ],
   "subnet" : "61.170.0.0/15",
   "tld" : [
      "com.cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

180.163.200.103

Network

180.160.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://180.163.200.103:18080/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

Data MD5

45619bcdfbfcd8121064b214274ffe3c

HTTP Header MD5

b0d092b10b6c51540318bef6079109ed

HTTP Body MD5

b918f8b3770dc1158b467b0dd192e59e

HTTP/1.1 400 Bad Request
Server: openresty
Date: Thu, 07 Nov 2024 05:43:16 GMT
Content-Type: text/html
Content-Length: 252
Connection: close
Request-Id: c867672c5374b4a335621c67ba5c55c1

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:43:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 1280153115,
         "headermd5" : "b0d092b10b6c51540318bef6079109ed",
         "headermmh3" : 486976953,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 447
   },
   "asn" : "AS4812",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:43:16 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\nRequest-Id: c867672c5374b4a335621c67ba5c55c1\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "45619bcdfbfcd8121064b214274ffe3c",
   "datammh3" : -322062668,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "180.160.0.0/13"
   },
   "ip" : "180.163.200.103",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "180.160.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

180.163.116.41

Network

180.160.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://180.163.116.41:18080/ 400

HTTP Title

400 Bad Request

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

811f2636f49935bb4ddbbbf2fd4e094d

HTTP Header MD5

4b4a51adfa6c288d4f741353762f5fd2

HTTP Body MD5

8e7e5464b73143a6238b664de799d6d7

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:42:03 GMT
Content-Type: text/html
Content-Length: 2425
Connection: close
x-ws-request-id: 672c532b_PS-SHA-012DQ58_50486-5526

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:42:03 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-SHA-012DQ58
				<br>URL: http://<ip>:18080/
				<br>Request-Id: 672c532b_PS-SHA-012DQ58_50486-5526
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:18080/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:42:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "8e7e5464b73143a6238b664de799d6d7",
         "bodymmh3" : 1380714922,
         "headermd5" : "4b4a51adfa6c288d4f741353762f5fd2",
         "headermmh3" : 247947299,
         "title" : "400 Bad Request"
      },
      "length" : 2599
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:42:03 GMT\r\nContent-Type: text/html\r\nContent-Length: 2425\r\nConnection: close\r\nx-ws-request-id: 672c532b_PS-SHA-012DQ58_50486-5526\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:42:03 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-SHA-012DQ58\n\t\t\t\t<br>URL: http://<ip>:18080/\n\t\t\t\t<br>Request-Id: 672c532b_PS-SHA-012DQ58_50486-5526\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:18080/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "811f2636f49935bb4ddbbbf2fd4e094d",
   "datammh3" : -256843497,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "180.160.0.0/13"
   },
   "ip" : "180.163.116.41",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "180.160.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

101.91.199.40

Network

101.80.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://101.91.199.40:18080/ 407

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

9727fd865600321f2dc5377629edf844

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

453e2c8dde1002f2cacb17de2e7781c2

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

proxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.8

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:41:40.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.0.8"
         ]
      },
      "http" : {
         "bodymd5" : "453e2c8dde1002f2cacb17de2e7781c2",
         "bodymmh3" : -460303582,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 171
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nproxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.8",
   "datamd5" : "9727fd865600321f2dc5377629edf844",
   "datammh3" : 663386810,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "online.sh.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "101.80.0.0/12"
   },
   "ip" : "101.91.199.40",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "101.80.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

45.124.126.193

Network

45.124.124.0/22

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://45.124.126.193:18080/ 400

HTTP Title

400 Bad Request

ASN

AS4811

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

b96e5c2306d95fda8f9f236e3147c53b

HTTP Header MD5

10357a06be90f392e5d4e56d4c7e4f2c

HTTP Body MD5

5c10fb5abab0e1052cf1de8bc1948c7f

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:32:30 GMT
Content-Type: text/html
Content-Length: 2410
Connection: close
x-ws-request-id: 672c50ee_hdx204_33740-25019

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:32:30 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: hdx204
				<br>URL: http://<ip>:18080/
				<br>Request-Id: 672c50ee_hdx204_33740-25019
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:18080/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:32:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "5c10fb5abab0e1052cf1de8bc1948c7f",
         "bodymmh3" : 1948823076,
         "headermd5" : "10357a06be90f392e5d4e56d4c7e4f2c",
         "headermmh3" : 465383244,
         "title" : "400 Bad Request"
      },
      "length" : 2577
   },
   "asn" : "AS4811",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:32:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 2410\r\nConnection: close\r\nx-ws-request-id: 672c50ee_hdx204_33740-25019\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:32:30 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: hdx204\n\t\t\t\t<br>URL: http://<ip>:18080/\n\t\t\t\t<br>Request-Id: 672c50ee_hdx204_33740-25019\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:18080/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "b96e5c2306d95fda8f9f236e3147c53b",
   "datammh3" : 1578614216,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4811",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "zhao-1.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ZHAOONE-NET",
      "organization" : "shanghai wexchange network technology Co. Ltd.",
      "subnet" : "45.124.124.0/22"
   },
   "ip" : "45.124.126.193",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "45.124.124.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

218.78.117.159

Network

218.78.0.0/15

Domain(s)

163data.com.cn

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://218.78.117.159:18080/ 407

Reverse DNS

159.117.78.218.dial.xw.sh.dynamic.163data.com.cn

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

3eb504e319b953255702fdcf12a39b3e

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

348a6ffd39747dcfd92b143ac26c1bcb

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

proxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.89

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:16:59.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.0.89"
         ]
      },
      "http" : {
         "bodymd5" : "348a6ffd39747dcfd92b143ac26c1bcb",
         "bodymmh3" : 2020559091,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 172
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nproxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.89",
   "datamd5" : "3eb504e319b953255702fdcf12a39b3e",
   "datammh3" : 437728553,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "163data.com.cn"
   ],
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163data.com.cn",
         "chinatelecom.cn",
         "online.sh.cn",
         "shtel.com.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET Shanghai province network",
      "subnet" : "218.78.0.0/15"
   },
   "host" : [
      159
   ],
   "hostname" : [
      "159.117.78.218.dial.xw.sh.dynamic.163data.com.cn"
   ],
   "ip" : "218.78.117.159",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "reverse" : [
      "159.117.78.218.dial.xw.sh.dynamic.163data.com.cn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subdomains" : [
      "218.dial.xw.sh.dynamic.163data.com.cn",
      "dial.xw.sh.dynamic.163data.com.cn",
      "117.78.218.dial.xw.sh.dynamic.163data.com.cn",
      "xw.sh.dynamic.163data.com.cn",
      "sh.dynamic.163data.com.cn",
      "dynamic.163data.com.cn",
      "78.218.dial.xw.sh.dynamic.163data.com.cn"
   ],
   "subnet" : "218.78.0.0/15",
   "tld" : [
      "com.cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

180.175.203.208

Network

180.160.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://180.175.203.208:18080/ 200

HTTP Title

403

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

3df03b55fd6f0fee09a0d291cfea49ae

HTTP Header MD5

f6f90bb692c1bf102a951cb19b81c0e0

HTTP Body MD5

e31051844ed4abd420fdfb35f62f7da0

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 07 Nov 2024 05:16:59 GMT
Date: Thu, 07 Nov 2024 05:16:59 GMT
Content-Length: 722
Connection: close


<html lang="en"><head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>403</title>
    <style>
      html,
      body {
        height: 100%;
      }
      body {
        display: flex;
        justify-content: center;
        align-items: center;
        flex-direction: column;
      }
      .title {
        margin-top: 0;
        color: red;
        font-size: 10em;
      }
      .desc {
        margin-top: -5em;
        color: red;
      }
    </style>
  </head>
  <body>
    <h1 class="title">403</h1>
    <p class="desc">为了你的帐号安全，只允许内网访问</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:16:59.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e31051844ed4abd420fdfb35f62f7da0",
         "bodymmh3" : 642518266,
         "header" : [
            {
               "value" : "Thu, 07 Nov 2024 05:16:59 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "f6f90bb692c1bf102a951cb19b81c0e0",
         "headermmh3" : -1255393979,
         "title" : 403
      },
      "length" : 1007
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nContent-Type: text/html; charset=utf-8\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nLast-Modified: Thu, 07 Nov 2024 05:16:59 GMT\r\nDate: Thu, 07 Nov 2024 05:16:59 GMT\r\nContent-Length: 722\r\nConnection: close\r\n\r\n\n<html lang=\"en\"><head>\n    <meta charset=\"UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"ie=edge\">\n    <title>403</title>\n    <style>\n      html,\n      body {\n        height: 100%;\n      }\n      body {\n        display: flex;\n        justify-content: center;\n        align-items: center;\n        flex-direction: column;\n      }\n      .title {\n        margin-top: 0;\n        color: red;\n        font-size: 10em;\n      }\n      .desc {\n        margin-top: -5em;\n        color: red;\n      }\n    </style>\n  </head>\n  <body>\n    <h1 class=\"title\">403</h1>\n    <p class=\"desc\">\u4e3a\u4e86\u4f60\u7684\u5e10\u53f7\u5b89\u5168\uff0c\u53ea\u5141\u8bb8\u5185\u7f51\u8bbf\u95ee</p>\n</body></html>\n",
   "datamd5" : "3df03b55fd6f0fee09a0d291cfea49ae",
   "datammh3" : -1679919489,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "180.172.0.0/14"
   },
   "ip" : "180.175.203.208",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "180.160.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

101.91.207.207

Network

101.80.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://101.91.207.207:18080/ 407

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

58f7b385ffb67d75f32d56d8c464ac0a

HTTP Header MD5

4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5

6c1bb93ac9e2c9f1779c839db48d8628

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

proxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.18

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:59:05.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.0.18"
         ]
      },
      "http" : {
         "bodymd5" : "6c1bb93ac9e2c9f1779c839db48d8628",
         "bodymmh3" : 283993993,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 172
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nproxy authorization invalid, client ip <srcip> authorization failed, proxy ip 192.168.0.18",
   "datamd5" : "58f7b385ffb67d75f32d56d8c464ac0a",
   "datammh3" : 474035644,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "online.sh.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "101.80.0.0/12"
   },
   "ip" : "101.91.207.207",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "101.80.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

101.81.78.67

Network

101.80.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://101.81.78.67:18080/ 200

HTTP Title

403

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

3df03b55fd6f0fee09a0d291cfea49ae

HTTP Header MD5

f6f90bb692c1bf102a951cb19b81c0e0

HTTP Body MD5

e31051844ed4abd420fdfb35f62f7da0

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 07 Nov 2024 04:59:04 GMT
Date: Thu, 07 Nov 2024 04:59:04 GMT
Content-Length: 722
Connection: close


<html lang="en"><head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>403</title>
    <style>
      html,
      body {
        height: 100%;
      }
      body {
        display: flex;
        justify-content: center;
        align-items: center;
        flex-direction: column;
      }
      .title {
        margin-top: 0;
        color: red;
        font-size: 10em;
      }
      .desc {
        margin-top: -5em;
        color: red;
      }
    </style>
  </head>
  <body>
    <h1 class="title">403</h1>
    <p class="desc">为了你的帐号安全，只允许内网访问</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:59:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e31051844ed4abd420fdfb35f62f7da0",
         "bodymmh3" : 642518266,
         "header" : [
            {
               "value" : "Thu, 07 Nov 2024 04:59:04 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "f6f90bb692c1bf102a951cb19b81c0e0",
         "headermmh3" : -346791784,
         "title" : 403
      },
      "length" : 1007
   },
   "asn" : "AS4812",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache, no-store, max-age=0, must-revalidate\r\nContent-Type: text/html; charset=utf-8\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nLast-Modified: Thu, 07 Nov 2024 04:59:04 GMT\r\nDate: Thu, 07 Nov 2024 04:59:04 GMT\r\nContent-Length: 722\r\nConnection: close\r\n\r\n\n<html lang=\"en\"><head>\n    <meta charset=\"UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"ie=edge\">\n    <title>403</title>\n    <style>\n      html,\n      body {\n        height: 100%;\n      }\n      body {\n        display: flex;\n        justify-content: center;\n        align-items: center;\n        flex-direction: column;\n      }\n      .title {\n        margin-top: 0;\n        color: red;\n        font-size: 10em;\n      }\n      .desc {\n        margin-top: -5em;\n        color: red;\n      }\n    </style>\n  </head>\n  <body>\n    <h1 class=\"title\">403</h1>\n    <p class=\"desc\">\u4e3a\u4e86\u4f60\u7684\u5e10\u53f7\u5b89\u5168\uff0c\u53ea\u5141\u8bb8\u5185\u7f51\u8bbf\u95ee</p>\n</body></html>\n",
   "datamd5" : "3df03b55fd6f0fee09a0d291cfea49ae",
   "datammh3" : -1679919489,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "online.sh.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "101.80.0.0/12"
   },
   "ip" : "101.81.78.67",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "101.80.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

180.163.116.72

Network

180.160.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://180.163.116.72:18080/ 400

HTTP Title

400 Bad Request

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

f804a1514faf4ef6497de2a327fdb9a8

HTTP Header MD5

2f17c4a7ef5dbda2cb4f83db0e5421de

HTTP Body MD5

11d79d2172c96eac255b3d421504df23

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 04:50:51 GMT
Content-Type: text/html
Content-Length: 2428
Connection: close
x-ws-request-id: 672c472b_PS-SHA-0160F143_12384-22210

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 04:50:51 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-SHA-0160F143
				<br>URL: http://<ip>:18080/
				<br>Request-Id: 672c472b_PS-SHA-0160F143_12384-22210
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G">http://<ip>:18080/</pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:50:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "11d79d2172c96eac255b3d421504df23",
         "bodymmh3" : -93652311,
         "headermd5" : "2f17c4a7ef5dbda2cb4f83db0e5421de",
         "headermmh3" : -1975834143,
         "title" : "400 Bad Request"
      },
      "length" : 2604
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 04:50:51 GMT\r\nContent-Type: text/html\r\nContent-Length: 2428\r\nConnection: close\r\nx-ws-request-id: 672c472b_PS-SHA-0160F143_12384-22210\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 04:50:51 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-SHA-0160F143\n\t\t\t\t<br>URL: http://<ip>:18080/\n\t\t\t\t<br>Request-Id: 672c472b_PS-SHA-0160F143_12384-22210\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\">http://<ip>:18080/</pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "f804a1514faf4ef6497de2a327fdb9a8",
   "datammh3" : -629722211,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "180.160.0.0/13"
   },
   "ip" : "180.163.116.72",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 18080,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "180.160.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}