Returning 10 result(s) out of 101,974 in 0.022 second(s)

  • 218.24.82.139:1911 (tcp/http) - last seen on 2024-11-07 at 03:28:13 UTC

    • IP
      218.24.82.139
      Network
      218.24.64.0/18
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS4837
      Organization
      CHINA UNICOM China169 Backbone
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e52dabeb1c6a087849f38698d5a84021
      HTTP Header MD5
      f86cc985ecde38fa6c654c6d843421bb
      HTTP Body MD5
      fa9a8acb2708be4a10ee7f3090414629
    • HTTP/1.1 400 Bad Request
      Server: Server
      Date: Thu, 07 Nov 2024 03:28:13 GMT
      Content-Type: text/html
      Content-Length: 145
      Connection: close
      
      <html>
      <head><title>400 Bad Request</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <hr><center></center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:13.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
               "bodymmh3" : 1147286280,
               "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
               "headermmh3" : 458237788,
               "title" : "400 Bad Request"
            },
            "length" : 291
         },
         "asn" : "AS4837",
         "city" : "Shenyang",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:28:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
         "datammh3" : -1320027916,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS4837",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "chinaunicom.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "UNICOM-LN",
            "organization" : "CNC Group CHINA169 Liaoning Province Network",
            "subnet" : "218.24.64.0/19"
         },
         "ip" : "218.24.82.139",
         "ipv6" : "false",
         "latitude" : "41.7806",
         "location" : "41.7806,123.4314",
         "longitude" : "123.4314",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CHINA UNICOM China169 Backbone",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 1911,
         "product" : "Server",
         "productvendor" : "Server",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "218.24.64.0/18",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 123.6.91.71:1911 (tcp/http) - last seen on 2024-11-07 at 03:28:11 UTC

    • IP
      123.6.91.71
      Network
      123.4.0.0/14
      Domain(s)
      ny.adsl
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      Reverse DNS
      hn.kd.ny.adsl
      ASN
      AS4837
      Organization
      CHINA UNICOM China169 Backbone
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e52dabeb1c6a087849f38698d5a84021
      HTTP Header MD5
      f86cc985ecde38fa6c654c6d843421bb
      HTTP Body MD5
      fa9a8acb2708be4a10ee7f3090414629
    • HTTP/1.1 400 Bad Request
      Server: Server
      Date: Thu, 07 Nov 2024 03:28:11 GMT
      Content-Type: text/html
      Content-Length: 145
      Connection: close
      
      <html>
      <head><title>400 Bad Request</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <hr><center></center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:11.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
               "bodymmh3" : 1147286280,
               "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
               "headermmh3" : 717298934,
               "title" : "400 Bad Request"
            },
            "length" : 291
         },
         "asn" : "AS4837",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:28:11 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
         "datammh3" : -1320027916,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "ny.adsl"
         ],
         "geolocus" : {
            "asn" : "AS4837",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "chinaunicom.cn",
               "ny.adsl",
               "zz.ha.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "UNICOM-HA",
            "organization" : "CNC Group CHINA169 Henan Province Network",
            "subnet" : "123.6.0.0/15"
         },
         "host" : [
            "hn"
         ],
         "hostname" : [
            "hn.kd.ny.adsl"
         ],
         "ip" : "123.6.91.71",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CHINA UNICOM China169 Backbone",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 1911,
         "product" : "Server",
         "productvendor" : "Server",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "reverse" : [
            "hn.kd.ny.adsl"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subdomains" : [
            "kd.ny.adsl"
         ],
         "subnet" : "123.4.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "adsl"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-07 at 03:27:52 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Domain(s)
      Operating System

      <access denied by policy> <access denied by policy>

      Reverse DNS

      <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy>

      Product

      <access denied by policy> <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:27:52.000Z",
         "app" : "<enterprise field>: app",
         "asn" : "<access denied by policy>",
         "country" : "<access denied by policy>",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "<access denied by policy>",
         "datamd5" : "<access denied by policy>",
         "datammh3" : "<access denied by policy>",
         "device" : "<enterprise field>: device",
         "domain" : "<access denied by policy>",
         "geolocus" : "<enterprise field>: geolocus",
         "host" : "<access denied by policy>",
         "hostname" : "<access denied by policy>",
         "ip" : "<access denied by policy>",
         "ipv6" : "<access denied by policy>",
         "latitude" : "<access denied by policy>",
         "location" : "<access denied by policy>",
         "longitude" : "<access denied by policy>",
         "node" : "<enterprise field>: node",
         "organization" : "<access denied by policy>",
         "os" : "<access denied by policy>",
         "osvendor" : "<access denied by policy>",
         "port" : "<access denied by policy>",
         "product" : "<access denied by policy>",
         "productvendor" : "<access denied by policy>",
         "productversion" : "<access denied by policy>",
         "protocol" : "<access denied by policy>",
         "protocolversion" : "<access denied by policy>",
         "reverse" : "<access denied by policy>",
         "seen_date" : "<access denied by policy>",
         "source" : "<access denied by policy>",
         "subnet" : "<access denied by policy>",
         "tag" : "<enterprise field>: tag",
         "tld" : "<access denied by policy>",
         "tls" : "<access denied by policy>",
         "transport" : "<access denied by policy>"
      }
      
  • 71.78.72.130:1911 (tcp/fox) - last seen on 2024-11-07 at 03:27:26 UTC

    • IP
      71.78.72.130
      Network
      71.78.0.0/17
      Domain(s)
      spectrum.com
      Device

      <enterprise field>: device.class

      Operating System
      BlackBerry QNX 6.5.0
      Reverse DNS
      syn-071-078-072-130.biz.spectrum.com
      ASN
      AS11427
      Organization
      TWC-11427-TEXAS
      Protocol
      fox
      Source
      datascan
    • Operating System
      BlackBerry QNX 6.5.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      cd2175841665efa0216c45c089012208
    • fox a 0 -1 fox hello
      {
      fox.version=s:1.0.1
      id=i:686
      n4Id=s:c89aff261764d658cb1b730eb7b7a13837cbfae1f8a27e15ff
      n4SuperId=s:d7a201b0cc750cbece528d0a70cbad4b3ef2250d0e2fd127a5
      hostName=s:
      hostAddress=s:192.168.1.10
      app.name=s:Station
      app.version=s:4.3.58.18
      vm.name=s:Java HotSpot(TM) Embedded Client VM
      vm.version=s:25.91-b04
      os.name=s:QNX
      os.version=s:6.5.0
      station.name=s:NotreDameSchool
      lang=s:en
      timeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
      hostId=s:Qnx-TITAN-FEEC-2A48-AC6F-7CD8
      vmUuid=s:a32e2bab-fafe-41f2-954c-9fe99887dfb8
      brandId=s:distech
      sysInfo=o:bog 61[<bog version="1.0">
      <p m="b=baja" t="b:Facets" v=""/>
      </bog>
      ]
      };;
      fox a 1 -1 fox challenge
      {
      method=s:digest
      keyExchangeMethods=s:null.1
      };;
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:27:26.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "192.168.1.10",
                  "4.3.58.18"
               ]
            },
            "length" : 818
         },
         "asn" : "AS11427",
         "city" : "Dallas",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:686\nn4Id=s:c89aff261764d658cb1b730eb7b7a13837cbfae1f8a27e15ff\nn4SuperId=s:d7a201b0cc750cbece528d0a70cbad4b3ef2250d0e2fd127a5\nhostName=s:\nhostAddress=s:192.168.1.10\napp.name=s:Station\napp.version=s:4.3.58.18\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.91-b04\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:NotreDameSchool\nlang=s:en\ntimeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-TITAN-FEEC-2A48-AC6F-7CD8\nvmUuid=s:a32e2bab-fafe-41f2-954c-9fe99887dfb8\nbrandId=s:distech\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
         "datamd5" : "cd2175841665efa0216c45c089012208",
         "datammh3" : 1392022444,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "spectrum.com"
         ],
         "geolocus" : {
            "asn" : "AS11427",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "charter.com",
               "charter.net",
               "spectrum.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "NET-71-78-0-0-1",
            "organization" : "Charter Communications Inc",
            "subnet" : "71.78.0.0/17"
         },
         "host" : [
            "syn-071-078-072-130"
         ],
         "hostname" : [
            "syn-071-078-072-130.biz.spectrum.com"
         ],
         "ip" : "71.78.72.130",
         "ipv6" : "false",
         "latitude" : "32.7572",
         "location" : "32.7572,-96.7611",
         "longitude" : "-96.7611",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TWC-11427-TEXAS",
         "os" : "QNX",
         "osvendor" : "BlackBerry",
         "osversion" : "6.5.0",
         "port" : 1911,
         "protocol" : "fox",
         "protocolversion" : "1.0.1",
         "reverse" : [
            "syn-071-078-072-130.biz.spectrum.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subdomains" : [
            "biz.spectrum.com"
         ],
         "subnet" : "71.78.0.0/17",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 166.167.181.127:1911 (tcp/fox) - last seen on 2024-11-07 at 03:26:16 UTC

    • IP
      166.167.181.127
      Network
      166.164.0.0/14
      Domain(s)
      myvzw.com
      Device

      <enterprise field>: device.class

      Operating System
      BlackBerry QNX 6.5.0
      Reverse DNS
      127.sub-166-167-181.myvzw.com
      ASN
      AS6167
      Organization
      CELLCO-PART
      Protocol
      fox
      Source
      datascan
    • Operating System
      BlackBerry QNX 6.5.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      739af1346eb1545f479e9fa188c71b55
    • fox a 0 -1 fox hello
      {
      fox.version=s:1.0.1
      id=i:17839
      hostName=s:192.168.1.123
      hostAddress=s:192.168.1.123
      app.name=s:Station
      app.version=s:3.8.401
      vm.name=s:Java HotSpot(TM) Embedded Client VM
      vm.version=s:25.161-b01
      os.name=s:QNX
      os.version=s:6.5.0
      station.name=s:Ross2179_LosBanosCA
      lang=s:en
      timeZone=s:PST8PDT;-28800000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
      hostId=s:Qnx-NPM6E-0000-1917-64FD
      vmUuid=s:11ef8265-04a7-5b16-0000-000000008939
      brandId=s:Freedom
      sysInfo=o:bog 61[<bog version="1.0">
      <p m="b=baja" t="b:Facets" v=""/>
      </bog>
      ]
      authAgentTypeSpecs=s:fox:FoxUsernamePasswordAuthAgent
      };;
      fox a 1 -1 fox rejected
      {
      };;
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:26:16.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "192.168.1.123"
               ]
            },
            "length" : 712
         },
         "asn" : "AS6167",
         "city" : "Newport Beach",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:17839\nhostName=s:192.168.1.123\nhostAddress=s:192.168.1.123\napp.name=s:Station\napp.version=s:3.8.401\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.161-b01\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:Ross2179_LosBanosCA\nlang=s:en\ntimeZone=s:PST8PDT;-28800000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-NPM6E-0000-1917-64FD\nvmUuid=s:11ef8265-04a7-5b16-0000-000000008939\nbrandId=s:Freedom\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\nauthAgentTypeSpecs=s:fox:FoxUsernamePasswordAuthAgent\n};;\nfox a 1 -1 fox rejected\n{\n};;\n",
         "datamd5" : "739af1346eb1545f479e9fa188c71b55",
         "datammh3" : 1826042299,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "myvzw.com"
         ],
         "geolocus" : {
            "asn" : "AS6167",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "myvzw.com",
               "wirelessdataspco.org"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "NETBLK-CDPD-B",
            "organization" : "Wireless Data Service Provider Corporation",
            "subnet" : "166.164.0.0/14"
         },
         "host" : [
            127
         ],
         "hostname" : [
            "127.sub-166-167-181.myvzw.com"
         ],
         "ip" : "166.167.181.127",
         "ipv6" : "false",
         "latitude" : "33.6205",
         "location" : "33.6205,-117.9321",
         "longitude" : "-117.9321",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CELLCO-PART",
         "os" : "QNX",
         "osvendor" : "BlackBerry",
         "osversion" : "6.5.0",
         "port" : 1911,
         "protocol" : "fox",
         "protocolversion" : "1.0.1",
         "reverse" : [
            "127.sub-166-167-181.myvzw.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subdomains" : [
            "sub-166-167-181.myvzw.com"
         ],
         "subnet" : "166.164.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 47.207.55.8:1911 (tcp/fox) - last seen on 2024-11-07 at 03:26:02 UTC

    • IP
      47.207.55.8
      Network
      47.192.0.0/12
      Device

      <enterprise field>: device.class

      Operating System
      NetBSD NetBSD
      ASN
      AS5650
      Organization
      FRONTIER-FRTR
      Protocol
      fox
      Source
      datascan
    • Operating System
      NetBSD NetBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      db15f387f4969e4d9bb50f6ff6286004
    • fox a 0 -1 fox hello
      {
      fox.version=s:1.0.2
      id=i:1268
      n4Id=s:e6badf6bf0b24aa271e99dfe3f69de2fee864860c935efc8c9
      n4SuperId=s:4d684555101f5f162a7d649e43e4f66e22cd150fa02b245dd6
      hostName=s:
      hostAddress=s:192.168.254.250
      app.name=s:Station
      };;
      fox a 1 -1 fox challenge
      {
      method=s:digest
      keyExchangeMethods=s:null.1
      };;
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:26:02.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "192.168.254.250"
               ]
            },
            "length" : 314
         },
         "asn" : "AS5650",
         "city" : "Tampa",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.2\nid=i:1268\nn4Id=s:e6badf6bf0b24aa271e99dfe3f69de2fee864860c935efc8c9\nn4SuperId=s:4d684555101f5f162a7d649e43e4f66e22cd150fa02b245dd6\nhostName=s:\nhostAddress=s:192.168.254.250\napp.name=s:Station\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
         "datamd5" : "db15f387f4969e4d9bb50f6ff6286004",
         "datammh3" : -133613495,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS5650",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "frontiernet.net",
               "ftr.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "FCC-210",
            "organization" : "Frontier Communications Corporation",
            "subnet" : "47.192.0.0/12"
         },
         "ip" : "47.207.55.8",
         "ipv6" : "false",
         "latitude" : "27.9350",
         "location" : "27.9350,-82.3772",
         "longitude" : "-82.3772",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "FRONTIER-FRTR",
         "os" : "NetBSD",
         "osvendor" : "NetBSD",
         "port" : 1911,
         "protocol" : "fox",
         "protocolversion" : "1.0.2",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "47.192.0.0/12",
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 176.186.49.61:1911 (tcp/http) - last seen on 2024-11-07 at 03:25:54 UTC

    • IP
      176.186.49.61
      Network
      176.176.0.0/12
      Domain(s)
      bbox.fr
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      HTTP Status 400 – Bad Request
      Reverse DNS
      i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr
      ASN
      AS5410
      Organization
      Bouygues Telecom SA
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a98148332bf260a4f33766b961432f1c
      HTTP Header MD5
      2b5c86ce14b90af3aacccc8878708f52
      HTTP Body MD5
      2d206e89f9f77a4e448806e3f512cb85
    • HTTP/1.1 400 
      Content-Type: text/html;charset=utf-8
      Content-Language: en
      Content-Length: 1790
      Date: Thu, 07 Nov 2024 03:25:54 GMT
      Connection: close
      
      <!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Invalid URI</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol
      	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:547)
      	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:502)
      	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
      	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)
      	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)
      	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
      	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	java.lang.Thread.run(Thread.java:748)
      </pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /><h3>Apache Tomcat/8.5.51</h3></body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:25:54.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "2d206e89f9f77a4e448806e3f512cb85",
               "bodymmh3" : 821935916,
               "headermd5" : "2b5c86ce14b90af3aacccc8878708f52",
               "headermmh3" : 190221099,
               "title" : "HTTP Status 400 \u2013 Bad Request"
            },
            "length" : 1946
         },
         "asn" : "AS5410",
         "city" : "Saint-Gratien",
         "country" : "FR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 \r\nContent-Type: text/html;charset=utf-8\r\nContent-Language: en\r\nContent-Length: 1790\r\nDate: Thu, 07 Nov 2024 03:25:54 GMT\r\nConnection: close\r\n\r\n<!doctype html><html lang=\"en\"><head><title>HTTP Status 400 \u2013 Bad Request</title><style type=\"text/css\">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 \u2013 Bad Request</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Invalid URI</p><p><b>Description</b> The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol\n\torg.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:547)\n\torg.apache.coyote.http11.Http11Processor.service(Http11Processor.java:502)\n\torg.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n\torg.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)\n\torg.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)\n\torg.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tjava.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)\n\tjava.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)\n\torg.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tjava.lang.Thread.run(Thread.java:748)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.51</h3></body></html>",
         "datamd5" : "a98148332bf260a4f33766b961432f1c",
         "datammh3" : 1025963067,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "bbox.fr"
         ],
         "geolocus" : {
            "asn" : "AS5410",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "FR",
            "countryname" : "France",
            "domain" : [
               "bbox.fr",
               "bouyguestelecom.fr"
            ],
            "isineu" : "true",
            "latitude" : "46.227638",
            "location" : "46.227638,2.213749",
            "longitude" : "2.213749",
            "netname" : "BOUYGTEL-ISP-WIRELINE",
            "organization" : "Pool for Broadband DSL customers",
            "subnet" : "176.186.0.0/15"
         },
         "host" : [
            "i19-les01-ntr-176-186-49-61"
         ],
         "hostname" : [
            "i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr"
         ],
         "ip" : "176.186.49.61",
         "ipv6" : "false",
         "latitude" : "48.9707",
         "location" : "48.9707,2.2949",
         "longitude" : "2.2949",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Bouygues Telecom SA",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 1911,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reverse" : [
            "i19-les01-ntr-176-186-49-61.sfr.lns.abo.bbox.fr"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subdomains" : [
            "abo.bbox.fr",
            "lns.abo.bbox.fr",
            "sfr.lns.abo.bbox.fr"
         ],
         "subnet" : "176.176.0.0/12",
         "tld" : [
            "fr"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 98.98.248.177:1911 (tcp/http) - last seen on 2024-11-07 at 03:25:53 UTC

    • IP
      98.98.248.177
      Network
      98.98.240.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS21859
      Organization
      ZEN-ECN
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e52dabeb1c6a087849f38698d5a84021
      HTTP Header MD5
      f86cc985ecde38fa6c654c6d843421bb
      HTTP Body MD5
      fa9a8acb2708be4a10ee7f3090414629
    • HTTP/1.1 400 Bad Request
      Server: Server
      Date: Thu, 07 Nov 2024 03:25:53 GMT
      Content-Type: text/html
      Content-Length: 145
      Connection: close
      
      <html>
      <head><title>400 Bad Request</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <hr><center></center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:25:53.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "fa9a8acb2708be4a10ee7f3090414629",
               "bodymmh3" : 1147286280,
               "headermd5" : "f86cc985ecde38fa6c654c6d843421bb",
               "headermmh3" : -1501428713,
               "title" : "400 Bad Request"
            },
            "length" : 291
         },
         "asn" : "AS21859",
         "city" : "Jeddah",
         "country" : "SA",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: Server\r\nDate: Thu, 07 Nov 2024 03:25:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center></center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "e52dabeb1c6a087849f38698d5a84021",
         "datammh3" : -1320027916,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS21859",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "zenlayer.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "ZENLA-7",
            "organization" : "Zenlayer Inc",
            "subnet" : "98.98.248.0/24"
         },
         "ip" : "98.98.248.177",
         "ipv6" : "false",
         "latitude" : "21.4849",
         "location" : "21.4849,39.1920",
         "longitude" : "39.1920",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "ZEN-ECN",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 1911,
         "product" : "Server",
         "productvendor" : "Server",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "98.98.240.0/20",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 68.115.52.99:1911 (tcp/fox) - last seen on 2024-11-07 at 03:25:37 UTC

    • IP
      68.115.52.99
      Network
      68.115.0.0/17
      Domain(s)
      spectrum.com
      Device

      <enterprise field>: device.class

      Operating System
      NetBSD NetBSD
      Reverse DNS
      syn-068-115-052-099.biz.spectrum.com
      ASN
      AS20115
      Organization
      CHARTER-20115
      Protocol
      fox
      Source
      datascan
    • Operating System
      NetBSD NetBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ca547fa9d8453e33511865cdeb639f01
    • fox a 0 -1 fox hello
      {
      fox.version=s:1.0.2
      id=i:43144
      n4Id=s:e8bf3d9e3df917c9e899988d4765bbae19f641cd1f2e2818e8
      n4SuperId=s:bd4f2f428bfe8f68396eef8a6acc374beeeaada1647e0c52c0
      hostName=s:WESTWOODFX70-01
      hostAddress=s:<ip>
      app.name=s:Station
      };;
      fox a 1 -1 fox challenge
      {
      method=s:digest
      keyExchangeMethods=s:null.1
      };;
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:25:37.000Z",
         "app" : {
            "length" : 319
         },
         "asn" : "AS20115",
         "city" : "Wausau",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.2\nid=i:43144\nn4Id=s:e8bf3d9e3df917c9e899988d4765bbae19f641cd1f2e2818e8\nn4SuperId=s:bd4f2f428bfe8f68396eef8a6acc374beeeaada1647e0c52c0\nhostName=s:WESTWOODFX70-01\nhostAddress=s:<ip>\napp.name=s:Station\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
         "datamd5" : "ca547fa9d8453e33511865cdeb639f01",
         "datammh3" : 618238991,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "spectrum.com"
         ],
         "geolocus" : {
            "asn" : "AS20115",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "charter.com",
               "charter.net",
               "spectrum.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "MAZO-WI-68-115-32",
            "organization" : "Charter Communications",
            "subnet" : "68.115.32.0/19"
         },
         "host" : [
            "syn-068-115-052-099"
         ],
         "hostname" : [
            "syn-068-115-052-099.biz.spectrum.com"
         ],
         "ip" : "68.115.52.99",
         "ipv6" : "false",
         "latitude" : "44.9656",
         "location" : "44.9656,-89.7066",
         "longitude" : "-89.7066",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CHARTER-20115",
         "os" : "NetBSD",
         "osvendor" : "NetBSD",
         "port" : 1911,
         "protocol" : "fox",
         "protocolversion" : "1.0.2",
         "reverse" : [
            "syn-068-115-052-099.biz.spectrum.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subdomains" : [
            "biz.spectrum.com"
         ],
         "subnet" : "68.115.0.0/17",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }
      
  • 166.156.214.165:1911 (tcp/fox) - last seen on 2024-11-07 at 03:25:15 UTC

    • IP
      166.156.214.165
      Network
      166.156.0.0/15
      Domain(s)
      myvzw.com
      Device

      <enterprise field>: device.class

      Operating System
      BlackBerry QNX 6.5.0
      Reverse DNS
      165.sub-166-156-214.myvzw.com
      ASN
      AS6167
      Organization
      CELLCO-PART
      Protocol
      fox
      Source
      datascan
    • Operating System
      BlackBerry QNX 6.5.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2ae69d715aa1a89042bee0c65e477487
    • fox a 0 -1 fox hello
      {
      fox.version=s:1.0.1
      id=i:106
      n4Id=s:7f6c7f74f31c75346503aaabfa2807963a04d88d4cd1ce668e
      n4SuperId=s:85dde591688326a05c09620c3d03611322baaf73c32d692d92
      hostName=s:
      hostAddress=s:192.168.0.51
      app.name=s:Station
      app.version=s:4.7.109.20.1
      vm.name=s:Java HotSpot(TM) Embedded Client VM
      vm.version=s:25.161-b01
      os.name=s:QNX
      os.version=s:6.5.0
      station.name=s:New_Beginnings_JACE
      lang=s:en
      timeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined
      hostId=s:Qnx-TITAN-EC85-2AD7-ABAC-7D16
      vmUuid=s:5d7abc5c-672b-4c34-beb3-a9b86e41106d
      brandId=s:vykon
      sysInfo=o:bog 61[<bog version="1.0">
      <p m="b=baja" t="b:Facets" v=""/>
      </bog>
      ]
      };;
      fox a 1 -1 fox challenge
      {
      method=s:digest
      keyExchangeMethods=s:null.1
      };;
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:25:15.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "4.7.109.20",
                  "192.168.0.51"
               ]
            },
            "length" : 824
         },
         "asn" : "AS6167",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "fox a 0 -1 fox hello\n{\nfox.version=s:1.0.1\nid=i:106\nn4Id=s:7f6c7f74f31c75346503aaabfa2807963a04d88d4cd1ce668e\nn4SuperId=s:85dde591688326a05c09620c3d03611322baaf73c32d692d92\nhostName=s:\nhostAddress=s:192.168.0.51\napp.name=s:Station\napp.version=s:4.7.109.20.1\nvm.name=s:Java HotSpot(TM) Embedded Client VM\nvm.version=s:25.161-b01\nos.name=s:QNX\nos.version=s:6.5.0\nstation.name=s:New_Beginnings_JACE\nlang=s:en\ntimeZone=s:America/Chicago;-21600000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Qnx-TITAN-EC85-2AD7-ABAC-7D16\nvmUuid=s:5d7abc5c-672b-4c34-beb3-a9b86e41106d\nbrandId=s:vykon\nsysInfo=o:bog 61[<bog version=\"1.0\">\n<p m=\"b=baja\" t=\"b:Facets\" v=\"\"/>\n</bog>\n]\n};;\nfox a 1 -1 fox challenge\n{\nmethod=s:digest\nkeyExchangeMethods=s:null.1\n};;\n",
         "datamd5" : "2ae69d715aa1a89042bee0c65e477487",
         "datammh3" : -1727435029,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "myvzw.com"
         ],
         "geolocus" : {
            "asn" : "AS6167",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "myvzw.com",
               "wirelessdataspco.org"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "NETBLK-CDPD-B",
            "organization" : "Wireless Data Service Provider Corporation",
            "subnet" : "166.156.0.0/15"
         },
         "host" : [
            165
         ],
         "hostname" : [
            "165.sub-166-156-214.myvzw.com"
         ],
         "ip" : "166.156.214.165",
         "ipv6" : "false",
         "latitude" : "41.8764",
         "location" : "41.8764,-87.6133",
         "longitude" : "-87.6133",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "CELLCO-PART",
         "os" : "QNX",
         "osvendor" : "BlackBerry",
         "osversion" : "6.5.0",
         "port" : 1911,
         "protocol" : "fox",
         "protocolversion" : "1.0.1",
         "reverse" : [
            "165.sub-166-156-214.myvzw.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subdomains" : [
            "sub-166-156-214.myvzw.com"
         ],
         "subnet" : "166.156.0.0/15",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp"
      }