Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
80.210.62.94

Network
80.210.32.0/19

Operating System
Microsoft Windows

ASN
AS58224

Organization
Iran Telecommunication Company PJS

Protocol
undefined Cert not expired undefined

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe
Issuer Common Name
SERVER-PC

Subject Common Name
SERVER-PC

SHA256 Fingerprint
a8693b3237f2ede27ecd381ba02f81508add1172a077d986b627c00a435cae6c

Validity Not Before
2024-10-28T20:30:59Z

Validity Not After
2025-04-29T20:30:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3c768c4828bc7cf16f444a4228eaa0b3
```
<nodata>
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:58.000Z",
   "app" : {
      "length" : 8
   },
   "asn" : "AS58224",
   "ca" : "false",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<nodata>",
   "datamd5" : "3c768c4828bc7cf16f444a4228eaa0b3",
   "datammh3" : -969888823,
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "645e9ea8137b7c3a77cd5f33313ea8c7",
      "sha1" : "24b235490dd5f0224035fd798f89187af6bd4fc4",
      "sha256" : "a8693b3237f2ede27ecd381ba02f81508add1172a077d986b627c00a435cae6c"
   },
   "geolocus" : {
      "asn" : "AS12880",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "tci.ir"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "TCITHR",
      "organization" : "Telecommunication Company of Tehran",
      "subnet" : "80.210.32.0/19"
   },
   "ip" : "80.210.62.94",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "SERVER-PC"
   },
   "keyusage" : [
      "keyEncipherment",
      "dataEncipherment"
   ],
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iran Telecommunication Company PJS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "protocol" : "undefined",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "1d:86:30:28:7d:a0:d3:b9:47:16:26:49:e4:32:fd:81",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "SERVER-PC"
   },
   "subnet" : "80.210.32.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-04-29T20:30:59Z",
      "notbefore" : "2024-10-28T20:30:59Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
200.175.178.35

Alternative IP(s)
3.135.119.94

Network
200.175.0.0/16

Domain(s)
comandoap.com.br direcaoonline.com.br kampeao.com.br

Operating System
Microsoft Windows

Reverse DNS
mail.comandoap.com.br

ASN
AS18881

Organization
TELEFONICA BRASIL S.A

Protocol
undefined Cert not expired undefined

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe
Issuer Common Name
TOTVS certificate CA

Issuer Organization
TOTVS

Subject Organization
TOTVS

Subject Email
ricardo.clima@totvs.com.br

Subject Common Name
TOTVS certificate CA - srv-cmd.comandoap.com.br

Subject Alt Name
srv-cmd.comandoap.com.br srv-dir.direcaoonline.com.br srv-kam.kampeao.com.br

SHA256 Fingerprint
e2728d0f00d3eaac75a30c4e76fc1bb58e94aacd10f0b5497a251d7ad9d12c29

Validity Not Before
2024-06-16T00:08:05Z

Validity Not After
2100-08-30T00:08:05Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3c768c4828bc7cf16f444a4228eaa0b3
```
<nodata>
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:58.000Z",
   "alternativeip" : [
      "3.135.119.94"
   ],
   "app" : {
      "length" : 8
   },
   "asn" : "AS18881",
   "ca" : "false",
   "city" : "Bras\u00edlia",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<nodata>",
   "datamd5" : "3c768c4828bc7cf16f444a4228eaa0b3",
   "datammh3" : -969888823,
   "domain" : [
      "comandoap.com.br",
      "direcaoonline.com.br",
      "kampeao.com.br"
   ],
   "fingerprint" : {
      "md5" : "700a09fdf3652e97c00463a63e89a509",
      "sha1" : "d338f20b326066c877729a113a9846bd791e3343",
      "sha256" : "e2728d0f00d3eaac75a30c4e76fc1bb58e94aacd10f0b5497a251d7ad9d12c29"
   },
   "geolocus" : {
      "asn" : "AS18881",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "net.br",
         "telefonica.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.558.157/0001-62",
      "organization" : "TELEFONICA BRASIL S.A",
      "subnet" : "200.175.0.0/16"
   },
   "host" : [
      "mail",
      "srv-cmd",
      "srv-dir",
      "srv-kam",
      "totvs certificate ca - srv-cmd"
   ],
   "hostname" : [
      "TOTVS certificate CA - srv-cmd.comandoap.com.br",
      "mail.comandoap.com.br",
      "srv-cmd.comandoap.com.br",
      "srv-dir.direcaoonline.com.br",
      "srv-kam.kampeao.com.br"
   ],
   "ip" : "200.175.178.35",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sao Paulo",
      "commonname" : "TOTVS certificate CA",
      "country" : "BR",
      "email" : "ricardo.clima@totvs.com.br",
      "organization" : "TOTVS",
      "organizationalunit" : "TOTVS - Tecnologia"
   },
   "keyusage" : [
      "digitalSignature",
      "nonRepudiation",
      "keyEncipherment",
      "dataEncipherment"
   ],
   "latitude" : "-15.7792",
   "location" : "-15.7792,-47.9341",
   "longitude" : "-47.9341",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TELEFONICA BRASIL S.A",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "protocol" : "undefined",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "mail.comandoap.com.br"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "ed:06:7d:9d:10:c6:8c:ad",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "srv-cmd.comandoap.com.br",
         "srv-dir.direcaoonline.com.br",
         "srv-kam.kampeao.com.br"
      ],
      "city" : "Sao Paulo",
      "commonname" : "TOTVS certificate CA - srv-cmd.comandoap.com.br",
      "country" : "BR",
      "email" : "ricardo.clima@totvs.com.br",
      "organization" : "TOTVS",
      "organizationalunit" : "TOTVS - Tecnologia"
   },
   "subnet" : "200.175.0.0/16",
   "tld" : [
      "com.br"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2100-08-30T00:08:05Z",
      "notbefore" : "2024-06-16T00:08:05Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
13.80.183.94

Network
13.64.0.0/11

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME Infra CA 02

Subject Common Name
58530069-b7f1-44c3-97d6-e107a970de77.gwt.cloudapp.net

Subject Alt Name
azuregateway-58530069-b7f1-44c3-97d6-e107a970de77-9fb7a134b356.gwt.cloudapp.net

SHA256 Fingerprint
501a21171712051e971fa8277724442623a5e6a66761ff2d3a1ef50f77a9b1e0

Validity Not Before
2024-07-17T18:12:34Z

Validity Not After
2025-07-12T18:12:34Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:48 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:49.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 819286432,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:48 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "74bf27abe2d24c3bdb1d04172c8847c6",
      "sha1" : "1e2e56e5122a13c2b21881d465cbeb3989ebac3a",
      "sha256" : "501a21171712051e971fa8277724442623a5e6a66761ff2d3a1ef50f77a9b1e0"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "13.80.0.0/15"
   },
   "host" : [
      "58530069-b7f1-44c3-97d6-e107a970de77",
      "azuregateway-58530069-b7f1-44c3-97d6-e107a970de77-9fb7a134b356"
   ],
   "hostname" : [
      "58530069-b7f1-44c3-97d6-e107a970de77.gwt.cloudapp.net",
      "azuregateway-58530069-b7f1-44c3-97d6-e107a970de77-9fb7a134b356.gwt.cloudapp.net"
   ],
   "ip" : "13.80.183.94",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME Infra CA 02"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.3759",
   "location" : "52.3759,4.8975",
   "longitude" : "4.8975",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "7f:03:a6:8c:22:f1:fd:d0:9b:24:38:36:a5:00:04:03:a6:8c:22",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-58530069-b7f1-44c3-97d6-e107a970de77-9fb7a134b356.gwt.cloudapp.net"
      ],
      "commonname" : "58530069-b7f1-44c3-97d6-e107a970de77.gwt.cloudapp.net"
   },
   "subnet" : "13.64.0.0/11",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-07-12T18:12:34Z",
      "notbefore" : "2024-07-17T18:12:34Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
107.154.249.243

Alternative IP(s)
103.28.250.68 103.28.251.68 107.154.146.61 107.154.148.61 107.154.152.61 149.126.72.68 160.153.0.53 45.223.154.221 45.223.61.221 45.60.109.225 45.60.150.105 45.60.154.105 45.60.170.105 45.60.73.225 45.60.96.61 72.19.3.67

Network
107.154.248.0/22

Domain(s)
adgartower.co.il archives.govt.nz careydwidefense.com gbsinternationalinc.com hardysmasonchimney.com hubermarionettes.com imperva.com incapdns.net oriononline.com.au straightspouse.org subaru.co.il successfulhomes.com weboutcomes.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
107.154.249.243.ip.incapdns.net

ASN
AS19551

Organization
INCAPSULA

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GlobalSign Atlas R3 DV TLS CA 2024 Q3

Issuer Organization
GlobalSign nv-sa

Subject Common Name
imperva.com

Subject Alt Name
*.archway.archives.govt.nz www.hardysmasonchimney.com www.straightspouse.org straightspouse.org hubermarionettes.com weboutcomes.com www.oriononline.com.au *.subaru.co.il successfulhomes.com *.weboutcomes.com www.gbsinternationalinc.com www.hubermarionettes.com oriononline.com.au www.careydwidefense.com careydwidefense.com *.adgartower.co.il subaru.co.il hardysmasonchimney.com gbsinternationalinc.com imperva.com www.successfulhomes.com

SHA256 Fingerprint
d393117cfa13c5cc5b3d2bbc95c16c7acc435314dab98c68534aae4bec955d7f

Validity Not Before
2024-08-07T19:13:47Z

Validity Not After
2025-02-03T19:13:37Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a25084d2cbd94a3dd8c46e9e7907aea7

HTTP Header MD5
ba757ab69ae1e9ac37a15fbbdddea96f

HTTP Body MD5
14581c04eb6f37a8964185985044c475

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
Content-Length: 703
X-Iinfo: 17-110627974-0 0NNN RT(1730949709393 124) q(-1 -1 -1 -1) r(0 -1) b1

<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe id="main-iframe" src="/_Incapsula_Resource?CWUDNSAI=24&xinfo=17-110627974-0%200NNN%20RT%281730949709393%20124%29%20q%28-1%20-1%20-1%20-1%29%20r%280%20-1%29%20b1&incident_id=0-565672193899693329&edet=3&cinfo=ffffffff&pe=544&rpinfo=0&mth=NA" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 0-565672193899693329</iframe></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:49.000Z",
   "alternativeip" : [
      "103.28.250.68",
      "103.28.251.68",
      "107.154.146.61",
      "107.154.148.61",
      "107.154.152.61",
      "149.126.72.68",
      "160.153.0.53",
      "45.223.154.221",
      "45.223.61.221",
      "45.60.109.225",
      "45.60.150.105",
      "45.60.154.105",
      "45.60.170.105",
      "45.60.73.225",
      "45.60.96.61",
      "72.19.3.67"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "14581c04eb6f37a8964185985044c475",
         "bodymmh3" : 1722686059,
         "headermd5" : "ba757ab69ae1e9ac37a15fbbdddea96f",
         "headermmh3" : 3834410
      },
      "length" : 909
   },
   "asn" : "AS19551",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html\r\nCache-Control: no-cache, no-store\r\nConnection: close\r\nContent-Length: 703\r\nX-Iinfo: 17-110627974-0 0NNN RT(1730949709393 124) q(-1 -1 -1 -1) r(0 -1) b1\r\n\r\n<html style=\"height:100%\"><head><META NAME=\"ROBOTS\" CONTENT=\"NOINDEX, NOFOLLOW\"><meta name=\"format-detection\" content=\"telephone=no\"><meta name=\"viewport\" content=\"initial-scale=1.0\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"></head><body style=\"margin:0px;height:100%\"><iframe id=\"main-iframe\" src=\"/_Incapsula_Resource?CWUDNSAI=24&xinfo=17-110627974-0%200NNN%20RT%281730949709393%20124%29%20q%28-1%20-1%20-1%20-1%29%20r%280%20-1%29%20b1&incident_id=0-565672193899693329&edet=3&cinfo=ffffffff&pe=544&rpinfo=0&mth=NA\" frameborder=0 width=\"100%\" height=\"100%\" marginheight=\"0px\" marginwidth=\"0px\">Request unsuccessful. Incapsula incident ID: 0-565672193899693329</iframe></body></html>",
   "datamd5" : "a25084d2cbd94a3dd8c46e9e7907aea7",
   "datammh3" : -1219809324,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "adgartower.co.il",
      "archives.govt.nz",
      "careydwidefense.com",
      "gbsinternationalinc.com",
      "hardysmasonchimney.com",
      "hubermarionettes.com",
      "imperva.com",
      "incapdns.net",
      "oriononline.com.au",
      "straightspouse.org",
      "subaru.co.il",
      "successfulhomes.com",
      "weboutcomes.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "af77fbea53fbb66d05d8e6f440302bfc",
      "sha1" : "9e8b8e1ac7e7c9c79670b4e4b3f9db2370985352",
      "sha256" : "d393117cfa13c5cc5b3d2bbc95c16c7acc435314dab98c68534aae4bec955d7f"
   },
   "geolocus" : {
      "asn" : "AS19551",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "imperva.com",
         "incapdns.net",
         "incapsula.com",
         "thalesgroup.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "INCAPSULA-NETWORK",
      "organization" : "Incapsula Inc",
      "subnet" : "107.154.248.0/23"
   },
   "host" : [
      107,
      "www"
   ],
   "hostname" : [
      "107.154.249.243.ip.incapdns.net",
      "careydwidefense.com",
      "gbsinternationalinc.com",
      "hardysmasonchimney.com",
      "hubermarionettes.com",
      "imperva.com",
      "oriononline.com.au",
      "straightspouse.org",
      "subaru.co.il",
      "successfulhomes.com",
      "weboutcomes.com",
      "www.careydwidefense.com",
      "www.gbsinternationalinc.com",
      "www.hardysmasonchimney.com",
      "www.hubermarionettes.com",
      "www.oriononline.com.au",
      "www.straightspouse.org",
      "www.successfulhomes.com"
   ],
   "ip" : "107.154.249.243",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GlobalSign Atlas R3 DV TLS CA 2024 Q3",
      "country" : "BE",
      "organization" : "GlobalSign nv-sa"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "INCAPSULA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 20000,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "reverse" : [
      "107.154.249.243.ip.incapdns.net"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "01:53:66:09:59:9d:59:81:49:c3:1a:a0:67:1e:e0:dd",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "154.249.243.ip.incapdns.net",
      "243.ip.incapdns.net",
      "249.243.ip.incapdns.net",
      "archway.archives.govt.nz",
      "ip.incapdns.net"
   ],
   "subject" : {
      "altname" : [
         "*.archway.archives.govt.nz",
         "www.hardysmasonchimney.com",
         "www.straightspouse.org",
         "straightspouse.org",
         "hubermarionettes.com",
         "weboutcomes.com",
         "www.oriononline.com.au",
         "*.subaru.co.il",
         "successfulhomes.com",
         "*.weboutcomes.com",
         "www.gbsinternationalinc.com",
         "www.hubermarionettes.com",
         "oriononline.com.au",
         "www.careydwidefense.com",
         "careydwidefense.com",
         "*.adgartower.co.il",
         "subaru.co.il",
         "hardysmasonchimney.com",
         "gbsinternationalinc.com",
         "imperva.com",
         "www.successfulhomes.com"
      ],
      "commonname" : "imperva.com"
   },
   "subnet" : "107.154.248.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "co.il",
      "com",
      "com.au",
      "govt.nz",
      "net",
      "org"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-02-03T19:13:37Z",
      "notbefore" : "2024-08-07T19:13:47Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
168.63.248.163

Network
168.62.0.0/15

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME Infra CA 06

Subject Common Name
8af20062-d3fa-4eda-b37f-c87fe1fba3a4.gwt.cloudapp.net

Subject Alt Name
azuregateway-8af20062-d3fa-4eda-b37f-c87fe1fba3a4-bf1ec40c7035.gwt.cloudapp.net

SHA256 Fingerprint
569571b15e1ea91acb8d5bedf057285f779df78ecbecef03f3cf5d5f05d3b33e

Validity Not Before
2024-08-19T06:09:22Z

Validity Not After
2025-08-14T06:09:22Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:49 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:49.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -646586481,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:49 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "ac5e0f90cea0f8be7e55545292ada785",
      "sha1" : "1464aea2267f2de9947903d846d14ec9ea2135e3",
      "sha256" : "569571b15e1ea91acb8d5bedf057285f779df78ecbecef03f3cf5d5f05d3b33e"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MICROSOFT",
      "organization" : "Microsoft Corp",
      "subnet" : "168.63.224.0/19"
   },
   "host" : [
      "8af20062-d3fa-4eda-b37f-c87fe1fba3a4",
      "azuregateway-8af20062-d3fa-4eda-b37f-c87fe1fba3a4-bf1ec40c7035"
   ],
   "hostname" : [
      "8af20062-d3fa-4eda-b37f-c87fe1fba3a4.gwt.cloudapp.net",
      "azuregateway-8af20062-d3fa-4eda-b37f-c87fe1fba3a4-bf1ec40c7035.gwt.cloudapp.net"
   ],
   "ip" : "168.63.248.163",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME Infra CA 06"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "1e:05:33:66:f2:c2:00:ce:7b:3f:58:a2:c1:00:00:05:33:66:f2",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-8af20062-d3fa-4eda-b37f-c87fe1fba3a4-bf1ec40c7035.gwt.cloudapp.net"
      ],
      "commonname" : "8af20062-d3fa-4eda-b37f-c87fe1fba3a4.gwt.cloudapp.net"
   },
   "subnet" : "168.62.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-14T06:09:22Z",
      "notbefore" : "2024-08-19T06:09:22Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
20.165.24.113

Network
20.160.0.0/12

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME Infra CA 05

Subject Common Name
591f0030-0570-4df1-bc57-1f794814a51c.gwt.cloudapp.net

Subject Alt Name
azuregateway-591f0030-0570-4df1-bc57-1f794814a51c-30ef98e04d54.gwt.cloudapp.net

SHA256 Fingerprint
35a56307cc66e99136bd079d0018c9321b178e281e7e645723b813c1ae51f8ae

Validity Not Before
2024-07-05T07:18:54Z

Validity Not After
2025-06-30T07:18:54Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:47 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -216579379,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "San Antonio",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:47 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "a2c7eca8d62ff1be9546c3affd6ebd9f",
      "sha1" : "84e1408a5d43f15fdb32eb4167a546517a37ba05",
      "sha256" : "35a56307cc66e99136bd079d0018c9321b178e281e7e645723b813c1ae51f8ae"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.165.0.0/16"
   },
   "host" : [
      "591f0030-0570-4df1-bc57-1f794814a51c",
      "azuregateway-591f0030-0570-4df1-bc57-1f794814a51c-30ef98e04d54"
   ],
   "hostname" : [
      "591f0030-0570-4df1-bc57-1f794814a51c.gwt.cloudapp.net",
      "azuregateway-591f0030-0570-4df1-bc57-1f794814a51c-30ef98e04d54.gwt.cloudapp.net"
   ],
   "ip" : "20.165.24.113",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME Infra CA 05"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "29.4227",
   "location" : "29.4227,-98.4927",
   "longitude" : "-98.4927",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "7c:05:19:2a:1f:fd:2e:ba:c5:c0:c1:fd:85:00:00:05:19:2a:1f",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-591f0030-0570-4df1-bc57-1f794814a51c-30ef98e04d54.gwt.cloudapp.net"
      ],
      "commonname" : "591f0030-0570-4df1-bc57-1f794814a51c.gwt.cloudapp.net"
   },
   "subnet" : "20.160.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-06-30T07:18:54Z",
      "notbefore" : "2024-07-05T07:18:54Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
57.153.170.107

Network
57.152.0.0/13

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME Infra CA 05

Subject Common Name
93240069-7b1e-4572-89ec-3f92ff5b6c4a.gwt.cloudapp.net

Subject Alt Name
azuregateway-93240069-7b1e-4572-89ec-3f92ff5b6c4a-bcdc6eb35d60.gwt.cloudapp.net

SHA256 Fingerprint
8b8d09894e47eeb7518d5e5624b06d6a157583f4c965b8d5f3c020f155e59a4c

Validity Not Before
2024-09-04T11:20:14Z

Validity Not After
2025-08-30T11:20:14Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:48 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 819286432,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:48 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "33379bd2cab6d3e75bea2f2575209997",
      "sha1" : "20a5bf74b829be6d1ac9000f60968695158058f1",
      "sha256" : "8b8d09894e47eeb7518d5e5624b06d6a157583f4c965b8d5f3c020f155e59a4c"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "GB-MICROSOFT",
      "organization" : "Microsoft Limited",
      "subnet" : "57.152.0.0/13"
   },
   "host" : [
      "93240069-7b1e-4572-89ec-3f92ff5b6c4a",
      "azuregateway-93240069-7b1e-4572-89ec-3f92ff5b6c4a-bcdc6eb35d60"
   ],
   "hostname" : [
      "93240069-7b1e-4572-89ec-3f92ff5b6c4a.gwt.cloudapp.net",
      "azuregateway-93240069-7b1e-4572-89ec-3f92ff5b6c4a-bcdc6eb35d60.gwt.cloudapp.net"
   ],
   "ip" : "57.153.170.107",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME Infra CA 05"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.3759",
   "location" : "52.3759,4.8975",
   "longitude" : "4.8975",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "7c:05:6b:a4:d2:0b:b2:c6:31:93:1e:b1:43:00:00:05:6b:a4:d2",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-93240069-7b1e-4572-89ec-3f92ff5b6c4a-bcdc6eb35d60.gwt.cloudapp.net"
      ],
      "commonname" : "93240069-7b1e-4572-89ec-3f92ff5b6c4a.gwt.cloudapp.net"
   },
   "subnet" : "57.152.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-30T11:20:14Z",
      "notbefore" : "2024-09-04T11:20:14Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
20.123.99.24

Network
20.64.0.0/10

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME INFRA CA 01

Subject Common Name
7c030068-ec0a-406f-9bfa-b04ed8f62b2c.gwt.cloudapp.net

Subject Alt Name
azuregateway-7c030068-ec0a-406f-9bfa-b04ed8f62b2c-8e47bd65d5b1.gwt.cloudapp.net

SHA256 Fingerprint
01be0af93a1b57594afbe64cec1ba95411cfcca0bc38914eba9b9831748457fd

Validity Not Before
2024-07-16T18:46:45Z

Validity Not After
2025-07-11T18:46:45Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:47 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -216579379,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Dublin",
   "country" : "IE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:47 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "0e1f4e9de94fa2932cc65eafdd0b7b14",
      "sha1" : "5a183f5532d7973edb72df2764b802e9939bbf82",
      "sha256" : "01be0af93a1b57594afbe64cec1ba95411cfcca0bc38914eba9b9831748457fd"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.123.0.0/17"
   },
   "host" : [
      "7c030068-ec0a-406f-9bfa-b04ed8f62b2c",
      "azuregateway-7c030068-ec0a-406f-9bfa-b04ed8f62b2c-8e47bd65d5b1"
   ],
   "hostname" : [
      "7c030068-ec0a-406f-9bfa-b04ed8f62b2c.gwt.cloudapp.net",
      "azuregateway-7c030068-ec0a-406f-9bfa-b04ed8f62b2c-8e47bd65d5b1.gwt.cloudapp.net"
   ],
   "ip" : "20.123.99.24",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME INFRA CA 01"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "53.3379",
   "location" : "53.3379,-6.2591",
   "longitude" : "-6.2591",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "3a:03:54:73:cd:21:a4:cf:2f:6a:db:d6:76:00:04:03:54:73:cd",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-7c030068-ec0a-406f-9bfa-b04ed8f62b2c-8e47bd65d5b1.gwt.cloudapp.net"
      ],
      "commonname" : "7c030068-ec0a-406f-9bfa-b04ed8f62b2c.gwt.cloudapp.net"
   },
   "subnet" : "20.64.0.0/10",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-07-11T18:46:45Z",
      "notbefore" : "2024-07-16T18:46:45Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
20.212.144.214

Network
20.192.0.0/10

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME INFRA CA 01

Subject Common Name
48d90062-fa75-4522-b6e6-d1f0b89e0e02.gwt.cloudapp.net

Subject Alt Name
azuregateway-48d90062-fa75-4522-b6e6-d1f0b89e0e02-a45243296e70.gwt.cloudapp.net

SHA256 Fingerprint
d394cecfb5d1a72532ca0e7944f37e269d8a7950c49991d1080aaf4cfa55d38b

Validity Not Before
2024-08-19T02:33:00Z

Validity Not After
2025-08-14T02:33:00Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:48 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 819286432,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:48 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "0d5185a1fa420106df6798e06992fd33",
      "sha1" : "eaf6587e73440a5bb37e0528a55a79bb34afb275",
      "sha256" : "d394cecfb5d1a72532ca0e7944f37e269d8a7950c49991d1080aaf4cfa55d38b"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.212.0.0/16"
   },
   "host" : [
      "48d90062-fa75-4522-b6e6-d1f0b89e0e02",
      "azuregateway-48d90062-fa75-4522-b6e6-d1f0b89e0e02-a45243296e70"
   ],
   "hostname" : [
      "48d90062-fa75-4522-b6e6-d1f0b89e0e02.gwt.cloudapp.net",
      "azuregateway-48d90062-fa75-4522-b6e6-d1f0b89e0e02-a45243296e70.gwt.cloudapp.net"
   ],
   "ip" : "20.212.144.214",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME INFRA CA 01"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "3a:03:7f:7b:7b:44:bc:19:68:a1:64:9a:0e:00:04:03:7f:7b:7b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-48d90062-fa75-4522-b6e6-d1f0b89e0e02-a45243296e70.gwt.cloudapp.net"
      ],
      "commonname" : "48d90062-fa75-4522-b6e6-d1f0b89e0e02.gwt.cloudapp.net"
   },
   "subnet" : "20.192.0.0/10",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-14T02:33:00Z",
      "notbefore" : "2024-08-19T02:33:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
23.97.222.230

Network
23.96.0.0/14

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
AME INFRA CA 01

Subject Common Name
907d0069-9787-4c80-a40c-d2fd6539720c.gwt.cloudapp.net

Subject Alt Name
azuregateway-907d0069-9787-4c80-a40c-d2fd6539720c-0b5468b67fc0.gwt.cloudapp.net

SHA256 Fingerprint
8885fce4b31d9e51050fe34054f84ef9ade80780845733b60f1693009a3003b3

Validity Not Before
2024-07-21T19:27:28Z

Validity Not After
2025-07-16T19:27:28Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:21:48 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 819286432,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "ca" : "false",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:21:48 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "157d363524e63dcfbaa0770133117be0",
      "sha1" : "3f8431f446fc7f999804a1dc8a0099439f574e98",
      "sha256" : "8885fce4b31d9e51050fe34054f84ef9ade80780845733b60f1693009a3003b3"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "23.97.128.0/17"
   },
   "host" : [
      "907d0069-9787-4c80-a40c-d2fd6539720c",
      "azuregateway-907d0069-9787-4c80-a40c-d2fd6539720c-0b5468b67fc0"
   ],
   "hostname" : [
      "907d0069-9787-4c80-a40c-d2fd6539720c.gwt.cloudapp.net",
      "azuregateway-907d0069-9787-4c80-a40c-d2fd6539720c-0b5468b67fc0.gwt.cloudapp.net"
   ],
   "ip" : "23.97.222.230",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "AME INFRA CA 01"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.3759",
   "location" : "52.3759,4.8975",
   "longitude" : "4.8975",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 20000,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "3a:03:59:85:ac:59:9b:85:78:01:e9:13:8e:00:04:03:59:85:ac",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "gwt.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "azuregateway-907d0069-9787-4c80-a40c-d2fd6539720c-0b5468b67fc0.gwt.cloudapp.net"
      ],
      "commonname" : "907d0069-9787-4c80-a40c-d2fd6539720c.gwt.cloudapp.net"
   },
   "subnet" : "23.96.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-07-16T19:27:28Z",
      "notbefore" : "2024-07-21T19:27:28Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

Returning 10 result(s) out of 1,342,871 in 0.073 second(s)

80.210.62.94:20000 (tcp/undefined/tls) - last seen on 2024-11-07 at 03:21:58 UTC

200.175.178.35:20000 (tcp/undefined/tls) - last seen on 2024-11-07 at 03:21:58 UTC

13.80.183.94:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:49 UTC

107.154.249.243:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:49 UTC

168.63.248.163:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:49 UTC

20.165.24.113:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:48 UTC

57.153.170.107:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:48 UTC

20.123.99.24:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:48 UTC

20.212.144.214:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:48 UTC

23.97.222.230:20000 (tcp/http/tls) - last seen on 2024-11-07 at 03:21:48 UTC