Cyber Defense Search Engine

IP
60.205.174.139

Network
60.205.0.0/16

Device

<enterprise field>: device.class

HTTP Title
400 Bad Request

ASN
AS37963

Organization
Hangzhou Alibaba Advertising Co.,Ltd.

Protocol
http

Source
datascan
Product
Taobao Tengine

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2c930b41d3a1799ac1eb01e3825a55c8

HTTP Header MD5
21eee2fc4259e3c5998052d3c83cd900

HTTP Body MD5
c7a3a0283d7eab90dd22b23e12868d29

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Thu, 21 Nov 2024 10:30:35 GMT
Content-Type: text/html
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr/>Powered by Tengine<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:30:35.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c7a3a0283d7eab90dd22b23e12868d29",
         "bodymmh3" : -106954995,
         "headermd5" : "21eee2fc4259e3c5998052d3c83cd900",
         "headermmh3" : -158923053,
         "title" : "400 Bad Request"
      },
      "length" : 351
   },
   "asn" : "AS37963",
   "city" : "Beijing",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: Tengine\r\nDate: Thu, 21 Nov 2024 10:30:35 GMT\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr/>Powered by Tengine<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2c930b41d3a1799ac1eb01e3825a55c8",
   "datammh3" : -1896149615,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "China Internet Network Information Center",
      "subnet" : "60.205.0.0/16"
   },
   "ip" : "60.205.174.139",
   "ipv6" : "false",
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "port" : 3391,
   "product" : "Tengine",
   "productvendor" : "Taobao",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "60.205.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
217.70.253.117

Network
217.70.252.0/23

Domain(s)
dragonet.es

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

Reverse DNS
217-70-253-117.dragonet.es

ASN
AS29337

Organization
Dragonet Comunicaciones SL

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 10:25:31 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:25:30.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -535124110,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS29337",
   "city" : "Benidorm",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 10:25:31 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "dragonet.es"
   ],
   "host" : [
      "217-70-253-117"
   ],
   "hostname" : [
      "217-70-253-117.dragonet.es"
   ],
   "ip" : "217.70.253.117",
   "ipv6" : "false",
   "latitude" : "38.5306",
   "location" : "38.5306,-0.1148",
   "longitude" : "-0.1148",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Dragonet Comunicaciones SL",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3391,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "217-70-253-117.dragonet.es"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "217.70.252.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "es"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
95.71.120.93

Network
95.71.112.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS12389

Organization
Rostelecom

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 10:22:23 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:22:24.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 819027909,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS12389",
   "city" : "Belgorod",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 10:22:23 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS29456",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "rt.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "MACROREGIONAL_CENTER",
      "organization" : "OJSC Rostelecom, Belgorod branch",
      "subnet" : "95.71.120.0/21"
   },
   "ip" : "95.71.120.93",
   "ipv6" : "false",
   "latitude" : "50.6165",
   "location" : "50.6165,36.5758",
   "longitude" : "36.5758",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Rostelecom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3391,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "95.71.112.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
66.232.9.10

Network
66.232.0.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

ASN
AS59371

Organization
Dimension Network & Communication Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
55cf5de3b3a32a0ee5313aa230307980

HTTP Header MD5
f4eaba8998b0e515f84d95c1ad5ea5c7

HTTP Body MD5
2565895531633a7521636ee7375b43ca

HTTP/1.1 400 Bad Request
Server: nginx/1.17.6
Date: Thu, 21 Nov 2024 10:21:32 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:21:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2565895531633a7521636ee7375b43ca",
         "bodymmh3" : -1057385949,
         "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
         "headermmh3" : -98626051,
         "title" : "400 Bad Request"
      },
      "length" : 309
   },
   "asn" : "AS59371",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 21 Nov 2024 10:21:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 157\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "55cf5de3b3a32a0ee5313aa230307980",
   "datammh3" : -1227591593,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "66.232.9.10",
   "ipv6" : "false",
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Dimension Network & Communication Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "66.232.0.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
43.198.248.32

Network
43.198.0.0/15

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

Reverse DNS
ec2-43-198-248-32.ap-east-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
18dcc244bea7b52c75df23832c8ed8e9

HTTP Header MD5
359f504b676348d734fe89a2d15d8ebd

HTTP Body MD5
fe7bef4d04e5d3f79d908d8447cc621a

HTTP/1.1 400 Bad Request
Server: openresty
Date: Thu, 21 Nov 2024 10:20:32 GMT
Content-Type: text/html
Content-Length: 154
Connection: close
BLCS: 687d8d9c0d2e46bb8350a3f4e36ecd84

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:20:33.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "fe7bef4d04e5d3f79d908d8447cc621a",
         "bodymmh3" : 232769354,
         "headermd5" : "359f504b676348d734fe89a2d15d8ebd",
         "headermmh3" : 1340430827,
         "title" : "400 Bad Request"
      },
      "length" : 343
   },
   "asn" : "AS16509",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 10:20:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 154\r\nConnection: close\r\nBLCS: 687d8d9c0d2e46bb8350a3f4e36ecd84\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "18dcc244bea7b52c75df23832c8ed8e9",
   "datammh3" : 1575933712,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-AS-AP",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "43.198.0.0/15"
   },
   "host" : [
      "ec2-43-198-248-32"
   ],
   "hostname" : [
      "ec2-43-198-248-32.ap-east-1.compute.amazonaws.com"
   ],
   "ip" : "43.198.248.32",
   "ipv6" : "false",
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "ec2-43-198-248-32.ap-east-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ap-east-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "43.198.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
103.140.108.156

Network
103.140.108.0/23

Domain(s)
fiber.net.id

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

Reverse DNS
pta-bandung-156-108.fiber.net.id

ASN
AS58369

Organization
PT. Fiber Networks Indonesia

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.25.4

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8937f862168878ff1b074e8783cb30c3

HTTP Header MD5
d94f5d85cd2ae243c0cf49eb36b27670

HTTP Body MD5
9953c6e5ff39cf1536333af60544d084

HTTP/1.1 400 Bad Request
Server: nginx/1.25.4
Date: Thu, 21 Nov 2024 10:15:54 GMT
Content-Type: text/html
Content-Length: 157
Connection: close
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.25.4</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:15:55.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9953c6e5ff39cf1536333af60544d084",
         "bodymmh3" : 228160143,
         "headermd5" : "d94f5d85cd2ae243c0cf49eb36b27670",
         "headermmh3" : 1070893673,
         "title" : "400 Bad Request"
      },
      "length" : 382
   },
   "asn" : "AS58369",
   "city" : "Jakarta",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.25.4\r\nDate: Thu, 21 Nov 2024 10:15:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 157\r\nConnection: close\r\nStrict-Transport-Security: max-age=15552000; includeSubDomains; preload\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx/1.25.4</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "8937f862168878ff1b074e8783cb30c3",
   "datammh3" : -1315018141,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "fiber.net.id"
   ],
   "geolocus" : {
      "asn" : "AS58369",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "dragoncapitaldevelopment.com",
         "fiber.net.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-DRAGON-ID",
      "organization" : "103.140.108.0/24",
      "subnet" : "103.140.108.0/23"
   },
   "host" : [
      "pta-bandung-156-108"
   ],
   "hostname" : [
      "pta-bandung-156-108.fiber.net.id"
   ],
   "ip" : "103.140.108.156",
   "ipv6" : "false",
   "latitude" : "-6.2114",
   "location" : "-6.2114,106.8446",
   "longitude" : "106.8446",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT. Fiber Networks Indonesia",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.25.4",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "pta-bandung-156-108.fiber.net.id"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.140.108.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net.id"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
173.76.115.42

Network
173.76.0.0/15

Domain(s)
verizon.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
pool-173-76-115-42.bstnma.fios.verizon.net

ASN
AS701

Organization
UUNET

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
cf0b50031d89e296d8e3ac09f0b674e2

HTTP Header MD5
c59b55af161ca7c441e62a0c9108a4c9

HTTP Body MD5
d2aca73998602efc2aa60e03e9f834eb

HTTP/1.0 400 Bad Request
Content-Type: text/plain; charset=utf-8
Content-Length: 66
Date: Thu, 21 Nov 2024 10:12:32 GMT
Server: Python/3.11 aiohttp/3.8.5

Bad status line "Invalid method encountered:\n\n  b'\\x03'\n    ^"

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:12:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d2aca73998602efc2aa60e03e9f834eb",
         "bodymmh3" : 299774035,
         "headermd5" : "c59b55af161ca7c441e62a0c9108a4c9",
         "headermmh3" : -1820897850
      },
      "length" : 227
   },
   "asn" : "AS701",
   "city" : "Framingham",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 400 Bad Request\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 66\r\nDate: Thu, 21 Nov 2024 10:12:32 GMT\r\nServer: Python/3.11 aiohttp/3.8.5\r\n\r\nBad status line \"Invalid method encountered:\\n\\n  b'\\\\x03'\\n    ^\"",
   "datamd5" : "cf0b50031d89e296d8e3ac09f0b674e2",
   "datammh3" : 1441093842,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "verizon.net"
   ],
   "geolocus" : {
      "asn" : "AS701",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "verizon-gni.net",
         "verizon.com",
         "verizon.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "VIS-BLOCK",
      "organization" : "Verizon Business",
      "subnet" : "173.76.0.0/15"
   },
   "host" : [
      "pool-173-76-115-42"
   ],
   "hostname" : [
      "pool-173-76-115-42.bstnma.fios.verizon.net"
   ],
   "ip" : "173.76.115.42",
   "ipv6" : "false",
   "latitude" : "42.2832",
   "location" : "42.2832,-71.4296",
   "longitude" : "-71.4296",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UUNET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Request",
   "reverse" : [
      "pool-173-76-115-42.bstnma.fios.verizon.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "bstnma.fios.verizon.net",
      "fios.verizon.net"
   ],
   "subnet" : "173.76.0.0/15",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
46.100.90.64

Network
46.100.80.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS58224

Organization
Iran Telecommunication Company PJS

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 10:12:40 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:12:09.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 1577697661,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS58224",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 10:12:40 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS58224",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "tci.ir"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "TCIAZS",
      "organization" : "Telecommunication Company of Azarbayejan Sharghi",
      "subnet" : "46.100.88.0/21"
   },
   "ip" : "46.100.90.64",
   "ipv6" : "false",
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iran Telecommunication Company PJS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3391,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "46.100.80.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
185.209.223.19

Network
185.209.223.0/24

Domain(s)
contaboserver.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
vmi930688.contaboserver.net

ASN
AS51167

Organization
Contabo GmbH

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1dafc1f061d065ae901038473ae33902

HTTP Header MD5
571b5ea6a2d05102b1dfe0a212263b89

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 400 Bad Request
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:10:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "571b5ea6a2d05102b1dfe0a212263b89",
         "headermmh3" : -521918475
      },
      "length" : 47
   },
   "asn" : "AS51167",
   "city" : "D\u00fcsseldorf",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n",
   "datamd5" : "1dafc1f061d065ae901038473ae33902",
   "datammh3" : -1150732002,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "contaboserver.net"
   ],
   "geolocus" : {
      "asn" : "AS51167",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "contabo.de",
         "contabo.net"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "TT-2022030205",
      "organization" : "Contabo GmbH",
      "subnet" : "185.209.223.0/24"
   },
   "host" : [
      "vmi930688"
   ],
   "hostname" : [
      "vmi930688.contaboserver.net"
   ],
   "ip" : "185.209.223.19",
   "ipv6" : "false",
   "latitude" : "51.1878",
   "location" : "51.1878,6.8607",
   "longitude" : "6.8607",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Contabo GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "vmi930688.contaboserver.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "185.209.223.0/24",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
109.198.191.121

Network
109.198.160.0/19

Domain(s)
ttel.ru

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

Reverse DNS
pppoe-109.198.191.121.ttel.ru

ASN
AS30881

Organization
MTS PJSC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c806e115eae2d5c7f323868aa913c2c

HTTP Header MD5
fbfc9d8079d4b06aefb13e1f3508f91b

HTTP Body MD5
16444d0bf46608253d591db62f41e7c3

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 10:09:20 GMT
Content-Type: text/html
Content-Length: 150
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:09:22.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "fbfc9d8079d4b06aefb13e1f3508f91b",
         "headermmh3" : 518968117,
         "title" : "400 Bad Request"
      },
      "length" : 359
   },
   "asn" : "AS30881",
   "city" : "Yaroslavl",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 10:09:20 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c806e115eae2d5c7f323868aa913c2c",
   "datammh3" : -331296468,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ttel.ru"
   ],
   "geolocus" : {
      "asn" : "AS30881",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "mtu.ru",
         "ttel.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "TENSORTELECOM-PPPOE-NET",
      "organization" : "MTS Yaroslavl'",
      "subnet" : "109.198.160.0/19"
   },
   "host" : [
      "pppoe-109"
   ],
   "hostname" : [
      "pppoe-109.198.191.121.ttel.ru"
   ],
   "ip" : "109.198.191.121",
   "ipv6" : "false",
   "latitude" : "57.6366",
   "location" : "57.6366,39.8982",
   "longitude" : "39.8982",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MTS PJSC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3391,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "pppoe-109.198.191.121.ttel.ru"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "121.ttel.ru",
      "191.121.ttel.ru",
      "198.191.121.ttel.ru"
   ],
   "subnet" : "109.198.160.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 8,365 in 0.152 second(s)

60.205.174.139:3391 (tcp/http) - last seen on 2024-11-21 at 10:30:35 UTC

217.70.253.117:3391 (tcp/http) - last seen on 2024-11-21 at 10:25:30 UTC

95.71.120.93:3391 (tcp/http) - last seen on 2024-11-21 at 10:22:24 UTC

66.232.9.10:3391 (tcp/http) - last seen on 2024-11-21 at 10:21:32 UTC

43.198.248.32:3391 (tcp/http) - last seen on 2024-11-21 at 10:20:33 UTC

103.140.108.156:3391 (tcp/http) - last seen on 2024-11-21 at 10:15:55 UTC

173.76.115.42:3391 (tcp/http) - last seen on 2024-11-21 at 10:12:32 UTC

46.100.90.64:3391 (tcp/http) - last seen on 2024-11-21 at 10:12:09 UTC

185.209.223.19:3391 (tcp/http) - last seen on 2024-11-21 at 10:10:06 UTC

109.198.191.121:3391 (tcp/http) - last seen on 2024-11-21 at 10:09:22 UTC