Cyber Defense Search Engine

IP
218.24.82.139

Network
218.24.64.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

ASN
AS4837

Organization
CHINA UNICOM China169 Backbone

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Server Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e52dabeb1c6a087849f38698d5a84021

HTTP Header MD5
f86cc985ecde38fa6c654c6d843421bb

HTTP Body MD5
fa9a8acb2708be4a10ee7f3090414629

HTTP/1.1 400 Bad Request
Server: Server
Date: Thu, 07 Nov 2024 03:28:13 GMT
Content-Type: text/html
Content-Length: 145
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center></center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:13.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
         "bodymmh3" : 1147286280,
         "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
         "headermmh3" : 458237788,
         "title" : "400 Bad Request"
      },
      "length" : 291
   },
   "asn" : "AS4837",
   "city" : "Shenyang",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:28:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
   "datammh3" : -1320027916,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-LN",
      "organization" : "CNC Group CHINA169 Liaoning Province Network",
      "subnet" : "218.24.64.0/19"
   },
   "ip" : "218.24.82.139",
   "ipv6" : "false",
   "latitude" : "41.7806",
   "location" : "41.7806,123.4314",
   "longitude" : "123.4314",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1911,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "218.24.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
123.6.91.71

Network
123.4.0.0/14

Domain(s)
ny.adsl

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

Reverse DNS
hn.kd.ny.adsl

ASN
AS4837

Organization
CHINA UNICOM China169 Backbone

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Server Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e52dabeb1c6a087849f38698d5a84021

HTTP Header MD5
f86cc985ecde38fa6c654c6d843421bb

HTTP Body MD5
fa9a8acb2708be4a10ee7f3090414629

HTTP/1.1 400 Bad Request
Server: Server
Date: Thu, 07 Nov 2024 03:28:11 GMT
Content-Type: text/html
Content-Length: 145
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center></center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:11.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
         "bodymmh3" : 1147286280,
         "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
         "headermmh3" : 717298934,
         "title" : "400 Bad Request"
      },
      "length" : 291
   },
   "asn" : "AS4837",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:28:11 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
   "datammh3" : -1320027916,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ny.adsl"
   ],
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn",
         "ny.adsl",
         "zz.ha.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-HA",
      "organization" : "CNC Group CHINA169 Henan Province Network",
      "subnet" : "123.6.0.0/15"
   },
   "host" : [
      "hn"
   ],
   "hostname" : [
      "hn.kd.ny.adsl"
   ],
   "ip" : "123.6.91.71",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1911,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "hn.kd.ny.adsl"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "kd.ny.adsl"
   ],
   "subnet" : "123.4.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "adsl"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP

<access denied by policy>

Network

<access denied by policy>

Domain(s)

Operating System

<access denied by policy> <access denied by policy>

Reverse DNS

<access denied by policy>

ASN

<access denied by policy>

Organization

<access denied by policy>

Protocol

<access denied by policy>

Source

<access denied by policy>
Operating System

<access denied by policy> <access denied by policy>

Product

<access denied by policy> <access denied by policy> <access denied by policy>

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5

<access denied by policy>
```
<access denied by policy>
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:52.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "domain" : "<access denied by policy>",
   "geolocus" : "<enterprise field>: geolocus",
   "host" : "<access denied by policy>",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>"
}

IP
71.78.72.130

Network
71.78.0.0/17

Domain(s)
spectrum.com

Device

<enterprise field>: device.class

Operating System
BlackBerry QNX 6.5.0

Reverse DNS
syn-071-078-072-130.biz.spectrum.com

ASN
AS11427

Organization
TWC-11427-TEXAS

Protocol
fox

Source
datascan
Operating System
BlackBerry QNX 6.5.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
cd2175841665efa0216c45c089012208

fox a 0 -1 fox hello
{
fox.version=s:1.0.1
id=i:686
n4Id=s:c89aff261764d658cb1b730eb7b7a13837cbfae1f8a27e15ff
n4SuperId=s:d7a201b0cc750cbece528d0a70cbad4b3ef2250d0e2fd127a5
hostName=s:
hostAddress=s:192.168.1.10
app.name=s:Station
app.version=s:4.3.58.18
vm.name=s:Java HotSpot(TM) Embedded Client VM
vm.version=s:25.91-b04
os.name=s:QNX
os.version=s:6.5.0
station.name=s:NotreDameSchool
lang=s:en
timeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
hostId=s:Qnx-TITAN-FEEC-2A48-AC6F-7CD8
vmUuid=s:a32e2bab-fafe-41f2-954c-9fe99887dfb8
brandId=s:distech
sysInfo=o:bog 61[<bog version="1.0">
<p m="b=baja" t="b:Facets" v=""/>
</bog>
]
};;
fox a 1 -1 fox challenge
{
method=s:digest
keyExchangeMethods=s:null.1
};;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:26.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.1.10",
            "4.3.58.18"
         ]
      },
      "length" : 818
   },
   "asn" : "AS11427",
   "city" : "Dallas",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:686\nn4Id=s:c89aff261764d658cb1b730eb7b7a13837cbfae1f8a27e15ff\nn4SuperId=s:d7a201b0cc750cbece528d0a70cbad4b3ef2250d0e2fd127a5\nhostName=s:\nhostAddress=s:192.168.1.10\napp.name=s:Station\napp.version=s:4.3.58.18\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.91-b04\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:NotreDameSchool\nlang=s:en\ntimeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-TITAN-FEEC-2A48-AC6F-7CD8\nvmUuid=s:a32e2bab-fafe-41f2-954c-9fe99887dfb8\nbrandId=s:distech\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
   "datamd5" : "cd2175841665efa0216c45c089012208",
   "datammh3" : 1392022444,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "geolocus" : {
      "asn" : "AS11427",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NET-71-78-0-0-1",
      "organization" : "Charter Communications Inc",
      "subnet" : "71.78.0.0/17"
   },
   "host" : [
      "syn-071-078-072-130"
   ],
   "hostname" : [
      "syn-071-078-072-130.biz.spectrum.com"
   ],
   "ip" : "71.78.72.130",
   "ipv6" : "false",
   "latitude" : "32.7572",
   "location" : "32.7572,-96.7611",
   "longitude" : "-96.7611",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-11427-TEXAS",
   "os" : "QNX",
   "osvendor" : "BlackBerry",
   "osversion" : "6.5.0",
   "port" : 1911,
   "protocol" : "fox",
   "protocolversion" : "1.0.1",
   "reverse" : [
      "syn-071-078-072-130.biz.spectrum.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "biz.spectrum.com"
   ],
   "subnet" : "71.78.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
166.167.181.127

Network
166.164.0.0/14

Domain(s)
myvzw.com

Device

<enterprise field>: device.class

Operating System
BlackBerry QNX 6.5.0

Reverse DNS
127.sub-166-167-181.myvzw.com

ASN
AS6167

Organization
CELLCO-PART

Protocol
fox

Source
datascan
Operating System
BlackBerry QNX 6.5.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
739af1346eb1545f479e9fa188c71b55

fox a 0 -1 fox hello
{
fox.version=s:1.0.1
id=i:17839
hostName=s:192.168.1.123
hostAddress=s:192.168.1.123
app.name=s:Station
app.version=s:3.8.401
vm.name=s:Java HotSpot(TM) Embedded Client VM
vm.version=s:25.161-b01
os.name=s:QNX
os.version=s:6.5.0
station.name=s:Ross2179_LosBanosCA
lang=s:en
timeZone=s:PST8PDT;-28800000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
hostId=s:Qnx-NPM6E-0000-1917-64FD
vmUuid=s:11ef8265-04a7-5b16-0000-000000008939
brandId=s:Freedom
sysInfo=o:bog 61[<bog version="1.0">
<p m="b=baja" t="b:Facets" v=""/>
</bog>
]
authAgentTypeSpecs=s:fox:FoxUsernamePasswordAuthAgent
};;
fox a 1 -1 fox rejected
{
};;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:26:16.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.1.123"
         ]
      },
      "length" : 712
   },
   "asn" : "AS6167",
   "city" : "Newport Beach",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:17839\nhostName=s:192.168.1.123\nhostAddress=s:192.168.1.123\napp.name=s:Station\napp.version=s:3.8.401\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.161-b01\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:Ross2179_LosBanosCA\nlang=s:en\ntimeZone=s:PST8PDT;-28800000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-NPM6E-0000-1917-64FD\nvmUuid=s:11ef8265-04a7-5b16-0000-000000008939\nbrandId=s:Freedom\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\nauthAgentTypeSpecs=s:fox:FoxUsernamePasswordAuthAgent\n};;\nfox a 1 -1 fox rejected\n{\n};;\n",
   "datamd5" : "739af1346eb1545f479e9fa188c71b55",
   "datammh3" : 1826042299,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "myvzw.com"
   ],
   "geolocus" : {
      "asn" : "AS6167",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "myvzw.com",
         "wirelessdataspco.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-CDPD-B",
      "organization" : "Wireless Data Service Provider Corporation",
      "subnet" : "166.164.0.0/14"
   },
   "host" : [
      127
   ],
   "hostname" : [
      "127.sub-166-167-181.myvzw.com"
   ],
   "ip" : "166.167.181.127",
   "ipv6" : "false",
   "latitude" : "33.6205",
   "location" : "33.6205,-117.9321",
   "longitude" : "-117.9321",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CELLCO-PART",
   "os" : "QNX",
   "osvendor" : "BlackBerry",
   "osversion" : "6.5.0",
   "port" : 1911,
   "protocol" : "fox",
   "protocolversion" : "1.0.1",
   "reverse" : [
      "127.sub-166-167-181.myvzw.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "sub-166-167-181.myvzw.com"
   ],
   "subnet" : "166.164.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
47.207.55.8

Network
47.192.0.0/12

Device

<enterprise field>: device.class

Operating System
NetBSD NetBSD

ASN
AS5650

Organization
FRONTIER-FRTR

Protocol
fox

Source
datascan
Operating System
NetBSD NetBSD

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
db15f387f4969e4d9bb50f6ff6286004

fox a 0 -1 fox hello
{
fox.version=s:1.0.2
id=i:1268
n4Id=s:e6badf6bf0b24aa271e99dfe3f69de2fee864860c935efc8c9
n4SuperId=s:4d684555101f5f162a7d649e43e4f66e22cd150fa02b245dd6
hostName=s:
hostAddress=s:192.168.254.250
app.name=s:Station
};;
fox a 1 -1 fox challenge
{
method=s:digest
keyExchangeMethods=s:null.1
};;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:26:02.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.250"
         ]
      },
      "length" : 314
   },
   "asn" : "AS5650",
   "city" : "Tampa",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.2\nid=i:1268\nn4Id=s:e6badf6bf0b24aa271e99dfe3f69de2fee864860c935efc8c9\nn4SuperId=s:4d684555101f5f162a7d649e43e4f66e22cd150fa02b245dd6\nhostName=s:\nhostAddress=s:192.168.254.250\napp.name=s:Station\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
   "datamd5" : "db15f387f4969e4d9bb50f6ff6286004",
   "datammh3" : -133613495,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS5650",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "frontiernet.net",
         "ftr.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "FCC-210",
      "organization" : "Frontier Communications Corporation",
      "subnet" : "47.192.0.0/12"
   },
   "ip" : "47.207.55.8",
   "ipv6" : "false",
   "latitude" : "27.9350",
   "location" : "27.9350,-82.3772",
   "longitude" : "-82.3772",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "FRONTIER-FRTR",
   "os" : "NetBSD",
   "osvendor" : "NetBSD",
   "port" : 1911,
   "protocol" : "fox",
   "protocolversion" : "1.0.2",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "47.192.0.0/12",
   "tls" : "false",
   "transport" : "tcp"
}

IP
176.186.49.61

Network
176.176.0.0/12

Domain(s)
bbox.fr

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
HTTP Status 400 – Bad Request

Reverse DNS
i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr

ASN
AS5410

Organization
Bouygues Telecom SA

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a98148332bf260a4f33766b961432f1c

HTTP Header MD5
2b5c86ce14b90af3aacccc8878708f52

HTTP Body MD5
2d206e89f9f77a4e448806e3f512cb85

HTTP/1.1 400 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 1790
Date: Thu, 07 Nov 2024 03:25:54 GMT
Connection: close

<!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Invalid URI</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol
	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:547)
	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:502)
	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)
	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	java.lang.Thread.run(Thread.java:748)
</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /><h3>Apache Tomcat/8.5.51</h3></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:25:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2d206e89f9f77a4e448806e3f512cb85",
         "bodymmh3" : 821935916,
         "headermd5" : "2b5c86ce14b90af3aacccc8878708f52",
         "headermmh3" : 190221099,
         "title" : "HTTP Status 400 \u2013 Bad Request"
      },
      "length" : 1946
   },
   "asn" : "AS5410",
   "city" : "Saint-Gratien",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 \r\nContent-Type: text/html;charset=utf-8\r\nContent-Language: en\r\nContent-Length: 1790\r\nDate: Thu, 07 Nov 2024 03:25:54 GMT\r\nConnection: close\r\n\r\n<!doctype html><html lang=\"en\"><head><title>HTTP Status 400 \u2013 Bad Request</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 \u2013 Bad Request</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Invalid URI</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol\n\torg.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:547)\n\torg.apache.coyote.http11.Http11Processor.service(Http11Processor.java:502)\n\torg.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n\torg.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)\n\torg.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)\n\torg.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tjava.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)\n\tjava.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)\n\torg.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tjava.lang.Thread.run(Thread.java:748)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.51</h3></body></html>",
   "datamd5" : "a98148332bf260a4f33766b961432f1c",
   "datammh3" : 1025963067,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "bbox.fr"
   ],
   "geolocus" : {
      "asn" : "AS5410",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "bbox.fr",
         "bouyguestelecom.fr"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "BOUYGTEL-ISP-WIRELINE",
      "organization" : "Pool for Broadband DSL customers",
      "subnet" : "176.186.0.0/15"
   },
   "host" : [
      "i19-les01-ntr-176-186-49-61"
   ],
   "hostname" : [
      "i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr"
   ],
   "ip" : "176.186.49.61",
   "ipv6" : "false",
   "latitude" : "48.9707",
   "location" : "48.9707,2.2949",
   "longitude" : "2.2949",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Bouygues Telecom SA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1911,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "abo.bbox.fr",
      "lns.abo.bbox.fr",
      "sfr.lns.abo.bbox.fr"
   ],
   "subnet" : "176.176.0.0/12",
   "tld" : [
      "fr"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
98.98.248.177

Network
98.98.240.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

ASN
AS21859

Organization
ZEN-ECN

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Server Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e52dabeb1c6a087849f38698d5a84021

HTTP Header MD5
f86cc985ecde38fa6c654c6d843421bb

HTTP Body MD5
fa9a8acb2708be4a10ee7f3090414629

HTTP/1.1 400 Bad Request
Server: Server
Date: Thu, 07 Nov 2024 03:25:53 GMT
Content-Type: text/html
Content-Length: 145
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center></center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:25:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
         "bodymmh3" : 1147286280,
         "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
         "headermmh3" : -1501428713,
         "title" : "400 Bad Request"
      },
      "length" : 291
   },
   "asn" : "AS21859",
   "city" : "Jeddah",
   "country" : "SA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:25:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
   "datammh3" : -1320027916,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS21859",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "zenlayer.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ZENLA-7",
      "organization" : "Zenlayer Inc",
      "subnet" : "98.98.248.0/24"
   },
   "ip" : "98.98.248.177",
   "ipv6" : "false",
   "latitude" : "21.4849",
   "location" : "21.4849,39.1920",
   "longitude" : "39.1920",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ZEN-ECN",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1911,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "98.98.240.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
68.115.52.99

Network
68.115.0.0/17

Domain(s)
spectrum.com

Device

<enterprise field>: device.class

Operating System
NetBSD NetBSD

Reverse DNS
syn-068-115-052-099.biz.spectrum.com

ASN
AS20115

Organization
CHARTER-20115

Protocol
fox

Source
datascan
Operating System
NetBSD NetBSD

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ca547fa9d8453e33511865cdeb639f01

fox a 0 -1 fox hello
{
fox.version=s:1.0.2
id=i:43144
n4Id=s:e8bf3d9e3df917c9e899988d4765bbae19f641cd1f2e2818e8
n4SuperId=s:bd4f2f428bfe8f68396eef8a6acc374beeeaada1647e0c52c0
hostName=s:WESTWOODFX70-01
hostAddress=s:<ip>
app.name=s:Station
};;
fox a 1 -1 fox challenge
{
method=s:digest
keyExchangeMethods=s:null.1
};;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:25:37.000Z",
   "app" : {
      "length" : 319
   },
   "asn" : "AS20115",
   "city" : "Wausau",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.2\nid=i:43144\nn4Id=s:e8bf3d9e3df917c9e899988d4765bbae19f641cd1f2e2818e8\nn4SuperId=s:bd4f2f428bfe8f68396eef8a6acc374beeeaada1647e0c52c0\nhostName=s:WESTWOODFX70-01\nhostAddress=s:<ip>\napp.name=s:Station\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
   "datamd5" : "ca547fa9d8453e33511865cdeb639f01",
   "datammh3" : 618238991,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "geolocus" : {
      "asn" : "AS20115",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MAZO-WI-68-115-32",
      "organization" : "Charter Communications",
      "subnet" : "68.115.32.0/19"
   },
   "host" : [
      "syn-068-115-052-099"
   ],
   "hostname" : [
      "syn-068-115-052-099.biz.spectrum.com"
   ],
   "ip" : "68.115.52.99",
   "ipv6" : "false",
   "latitude" : "44.9656",
   "location" : "44.9656,-89.7066",
   "longitude" : "-89.7066",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHARTER-20115",
   "os" : "NetBSD",
   "osvendor" : "NetBSD",
   "port" : 1911,
   "protocol" : "fox",
   "protocolversion" : "1.0.2",
   "reverse" : [
      "syn-068-115-052-099.biz.spectrum.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "biz.spectrum.com"
   ],
   "subnet" : "68.115.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
166.156.214.165

Network
166.156.0.0/15

Domain(s)
myvzw.com

Device

<enterprise field>: device.class

Operating System
BlackBerry QNX 6.5.0

Reverse DNS
165.sub-166-156-214.myvzw.com

ASN
AS6167

Organization
CELLCO-PART

Protocol
fox

Source
datascan
Operating System
BlackBerry QNX 6.5.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2ae69d715aa1a89042bee0c65e477487

fox a 0 -1 fox hello
{
fox.version=s:1.0.1
id=i:106
n4Id=s:7f6c7f74f31c75346503aaabfa2807963a04d88d4cd1ce668e
n4SuperId=s:85dde591688326a05c09620c3d03611322baaf73c32d692d92
hostName=s:
hostAddress=s:192.168.0.51
app.name=s:Station
app.version=s:4.7.109.20.1
vm.name=s:Java HotSpot(TM) Embedded Client VM
vm.version=s:25.161-b01
os.name=s:QNX
os.version=s:6.5.0
station.name=s:New_Beginnings_JACE
lang=s:en
timeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
hostId=s:Qnx-TITAN-EC85-2AD7-ABAC-7D16
vmUuid=s:5d7abc5c-672b-4c34-beb3-a9b86e41106d
brandId=s:vykon
sysInfo=o:bog 61[<bog version="1.0">
<p m="b=baja" t="b:Facets" v=""/>
</bog>
]
};;
fox a 1 -1 fox challenge
{
method=s:digest
keyExchangeMethods=s:null.1
};;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:25:15.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "4.7.109.20",
            "192.168.0.51"
         ]
      },
      "length" : 824
   },
   "asn" : "AS6167",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:106\nn4Id=s:7f6c7f74f31c75346503aaabfa2807963a04d88d4cd1ce668e\nn4SuperId=s:85dde591688326a05c09620c3d03611322baaf73c32d692d92\nhostName=s:\nhostAddress=s:192.168.0.51\napp.name=s:Station\napp.version=s:4.7.109.20.1\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.161-b01\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:New_Beginnings_JACE\nlang=s:en\ntimeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-TITAN-EC85-2AD7-ABAC-7D16\nvmUuid=s:5d7abc5c-672b-4c34-beb3-a9b86e41106d\nbrandId=s:vykon\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
   "datamd5" : "2ae69d715aa1a89042bee0c65e477487",
   "datammh3" : -1727435029,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "myvzw.com"
   ],
   "geolocus" : {
      "asn" : "AS6167",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "myvzw.com",
         "wirelessdataspco.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-CDPD-B",
      "organization" : "Wireless Data Service Provider Corporation",
      "subnet" : "166.156.0.0/15"
   },
   "host" : [
      165
   ],
   "hostname" : [
      "165.sub-166-156-214.myvzw.com"
   ],
   "ip" : "166.156.214.165",
   "ipv6" : "false",
   "latitude" : "41.8764",
   "location" : "41.8764,-87.6133",
   "longitude" : "-87.6133",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CELLCO-PART",
   "os" : "QNX",
   "osvendor" : "BlackBerry",
   "osversion" : "6.5.0",
   "port" : 1911,
   "protocol" : "fox",
   "protocolversion" : "1.0.1",
   "reverse" : [
      "165.sub-166-156-214.myvzw.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "sub-166-156-214.myvzw.com"
   ],
   "subnet" : "166.156.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 101,974 in 0.022 second(s)

218.24.82.139:1911 (tcp/http) - last seen on 2024-11-07 at 03:28:13 UTC

123.6.91.71:1911 (tcp/http) - last seen on 2024-11-07 at 03:28:11 UTC

<access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-07 at 03:27:52 UTC

71.78.72.130:1911 (tcp/fox) - last seen on 2024-11-07 at 03:27:26 UTC

166.167.181.127:1911 (tcp/fox) - last seen on 2024-11-07 at 03:26:16 UTC

47.207.55.8:1911 (tcp/fox) - last seen on 2024-11-07 at 03:26:02 UTC

176.186.49.61:1911 (tcp/http) - last seen on 2024-11-07 at 03:25:54 UTC

98.98.248.177:1911 (tcp/http) - last seen on 2024-11-07 at 03:25:53 UTC

68.115.52.99:1911 (tcp/fox) - last seen on 2024-11-07 at 03:25:37 UTC

166.156.214.165:1911 (tcp/fox) - last seen on 2024-11-07 at 03:25:15 UTC