Cyber Defense Search Engine

IP
84.231.224.112

Network
84.230.0.0/15

Domain(s)
elisa-mobile.fi

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://84.231.224.112:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
84-231-224-112.elisa-mobile.fi

ASN
AS719

Organization
Elisa Oyj

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4d9bde92d0bdd86d1bff7d84ccb2dfd0

HTTP Header MD5
f68c678d6519015fafa1bc28a94a5f66

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: LinnaNAS
Date: Thu, 21 Nov 2024 10:30:22 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:30:22.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "f68c678d6519015fafa1bc28a94a5f66",
         "headermmh3" : -1595631645,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 396
   },
   "asn" : "AS719",
   "city" : "Helsinki",
   "country" : "FI",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: LinnaNAS\r\nDate: Thu, 21 Nov 2024 10:30:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "4d9bde92d0bdd86d1bff7d84ccb2dfd0",
   "datammh3" : 1000369363,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "elisa-mobile.fi"
   ],
   "host" : [
      "84-231-224-112"
   ],
   "hostname" : [
      "84-231-224-112.elisa-mobile.fi"
   ],
   "ip" : "84.231.224.112",
   "ipv6" : "false",
   "latitude" : "60.1797",
   "location" : "60.1797,24.9344",
   "longitude" : "24.9344",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Elisa Oyj",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "84-231-224-112.elisa-mobile.fi"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "84.230.0.0/15",
   "tld" : [
      "fi"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.56.17.68

Network
103.56.16.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://103.56.17.68:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
023c8c5e51d9ce9369af8e1f921f5e3f

HTTP Header MD5
f4eaba8998b0e515f84d95c1ad5ea5c7

HTTP Body MD5
a2b4897849c71fbcb21dd632d3506361

HTTP/1.1 400 Bad Request
Server: nginx/1.17.6
Date: Thu, 21 Nov 2024 10:12:34 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:13:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a2b4897849c71fbcb21dd632d3506361",
         "bodymmh3" : -2063426561,
         "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
         "headermmh3" : 1881915707,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 21 Nov 2024 10:12:34 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "023c8c5e51d9ce9369af8e1f921f5e3f",
   "datammh3" : 457427036,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "103.56.16.0/22"
   },
   "ip" : "103.56.17.68",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 44783,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.56.16.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
81.250.152.169

Network
81.250.0.0/16

Domain(s)
wanadoo.fr

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://81.250.152.169:44783/ 400

HTTP Title
400 Bad Request

Reverse DNS
laubervilliers-658-1-156-169.w81-250.abo.wanadoo.fr

ASN
AS3215

Organization
Orange

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.41

HTTP Component(s)
Apache mod_jk 1.2.40 OpenSSL OpenSSL 1.0.2s

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e82df2dae8af632f12e6dae0d1933b17

HTTP Header MD5
71e290629a1805caf77018c6db180c34

HTTP Body MD5
6efda5878ab25f4f28a89bbb3f9fa41c

HTTP/1.1 400 Bad Request
Date: Thu, 21 Nov 2024 10:12:14 GMT
Server: Apache/2.4.41 (Win32) OpenSSL/1.0.2s mod_jk/1.2.40
Content-Length: 362
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:12:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6efda5878ab25f4f28a89bbb3f9fa41c",
         "bodymmh3" : -645452522,
         "component" : [
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "1.0.2s"
            },
            {
               "productversion" : "1.2.40",
               "productvendor" : "Apache",
               "product" : "mod_jk"
            }
         ],
         "headermd5" : "71e290629a1805caf77018c6db180c34",
         "headermmh3" : 513134109,
         "title" : "400 Bad Request"
      },
      "length" : 572
   },
   "asn" : "AS3215",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 21 Nov 2024 10:12:14 GMT\r\nServer: Apache/2.4.41 (Win32) OpenSSL/1.0.2s mod_jk/1.2.40\r\nContent-Length: 362\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n</body></html>\n",
   "datamd5" : "e82df2dae8af632f12e6dae0d1933b17",
   "datammh3" : -1054116402,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "wanadoo.fr"
   ],
   "geolocus" : {
      "asn" : "AS3215",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "orange.com",
         "orange.fr",
         "wanadoo.fr"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "IP2000-ADSL-BAS",
      "organization" : "France Telecom",
      "subnet" : "81.250.0.0/15"
   },
   "host" : [
      "laubervilliers-658-1-156-169"
   ],
   "hostname" : [
      "laubervilliers-658-1-156-169.w81-250.abo.wanadoo.fr"
   ],
   "ip" : "81.250.152.169",
   "ipv6" : "false",
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Orange",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 44783,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.41",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "laubervilliers-658-1-156-169.w81-250.abo.wanadoo.fr"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "abo.wanadoo.fr",
      "w81-250.abo.wanadoo.fr"
   ],
   "subnet" : "81.250.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "fr"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
178.156.60.133

Network
178.156.60.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://178.156.60.133:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS29119

Organization
Aire Networks Del Mediterraneo Sl Unipersonal

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.23.4

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b994dc6d6a64fb449a796bf9a6b58f33

HTTP Header MD5
8c84de8062e678e74f0f677fe70eafb9

HTTP Body MD5
95866bc3b7a5c145369e009cde89a729

HTTP/1.1 400 Bad Request
Server: nginx/1.23.4
Date: Thu, 21 Nov 2024 10:07:08 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.23.4</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:07:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "95866bc3b7a5c145369e009cde89a729",
         "bodymmh3" : 1299881359,
         "headermd5" : "8c84de8062e678e74f0f677fe70eafb9",
         "headermmh3" : 771908017,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS29119",
   "city" : "S\u00faria",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.23.4\r\nDate: Thu, 21 Nov 2024 10:07:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.23.4</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b994dc6d6a64fb449a796bf9a6b58f33",
   "datammh3" : -1729068722,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "178.156.60.133",
   "ipv6" : "false",
   "latitude" : "41.8335",
   "location" : "41.8335,1.7502",
   "longitude" : "1.7502",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Aire Networks Del Mediterraneo Sl Unipersonal",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.4",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "178.156.60.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
124.233.2.74

Alternative IP(s)
75.2.105.157 99.83.230.219

Network
124.233.0.0/16

Domain(s)
mfstech.com.cn

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://124.233.2.74:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
mfstech.com.cn

ASN
AS4809

Organization
China Telecom Next Generation Carrier Network

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bb728e65c51a1ed77c3918e08b82decf

HTTP Header MD5
91db95492a522dd21f3a047cfaf11a8f

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 09:31:33 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
Content-Security-Policy: script-src 'self' https://cloud.peopleone.cn/ https://g.alicdn.com/ https://res.wx.qq.com/ http://cdn.bootcss.com http://code.jquery.com 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:31:33.000Z",
   "alternativeip" : [
      "75.2.105.157",
      "99.83.230.219"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "alicdn.com",
            "jquery.com",
            "qq.com",
            "bootcss.com",
            "peopleone.cn"
         ],
         "hostname" : [
            "cdn.bootcss.com",
            "cloud.peopleone.cn",
            "code.jquery.com",
            "g.alicdn.com",
            "res.wx.qq.com"
         ],
         "url" : [
            "http://cdn.bootcss.com",
            "http://code.jquery.com",
            "https://cloud.peopleone.cn/",
            "https://g.alicdn.com/",
            "https://res.wx.qq.com/"
         ]
      },
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "91db95492a522dd21f3a047cfaf11a8f",
         "headermmh3" : 57471672,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 873
   },
   "asn" : "AS4809",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 09:31:33 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nContent-Security-Policy: script-src 'self' https://cloud.peopleone.cn/ https://g.alicdn.com/ https://res.wx.qq.com/ http://cdn.bootcss.com http://code.jquery.com 'unsafe-inline' 'unsafe-eval'\r\nReferrer-Policy: same-origin\r\nStrict-Transport-Security: max-age=63072000; includeSubdomains; preload\r\nX-Content-Type-Options: nosniff\r\nX-Download-Options: noopen\r\nX-Frame-Options: sameorigin\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Robots-Tag: none\r\nX-XSS-Protection: 1; mode=block\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "bb728e65c51a1ed77c3918e08b82decf",
   "datammh3" : -1823877550,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "mfstech.com.cn"
   ],
   "geolocus" : {
      "asn" : "AS4809",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "189.cn",
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-HN",
      "organization" : "CHINANET HUNAN PROVINCE NETWORK",
      "subnet" : "124.233.0.0/16"
   },
   "hostname" : [
      "mfstech.com.cn"
   ],
   "ip" : "124.233.2.74",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Next Generation Carrier Network",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 44783,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "mfstech.com.cn"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "124.233.0.0/16",
   "tld" : [
      "com.cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
109.161.175.47

Network
109.161.128.0/17

Domain(s)
zain.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://109.161.175.47:44783/ 400

HTTP Title
webserver

Reverse DNS
109-161-175-47.rev.bb.zain.com

ASN
AS31452

Organization
Zain Bahrain B.s.c.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
377d227d1e9ca51ee0199cd722e1bdda

HTTP Header MD5
4a45280debce16cee620c25087ea1f0a

HTTP Body MD5
96564455af9c7d18b6e410f275259f72

HTTP/1.1 400 Bad Request
Server:  
Date: Thu, 21 Nov 2024 09:21:07 GMT
Content-Type: text/html
Content-Length: 193
Connection: close

<html>
<head><meta charset="utf-8">
<title>webserver</title></head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<body>
<h1>400 Bad Request</h1>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:21:10.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "96564455af9c7d18b6e410f275259f72",
         "bodymmh3" : -194942224,
         "headermd5" : "4a45280debce16cee620c25087ea1f0a",
         "headermmh3" : -1242403483,
         "title" : "webserver"
      },
      "length" : 334
   },
   "asn" : "AS31452",
   "city" : "Manama",
   "country" : "BH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer:  \r\nDate: Thu, 21 Nov 2024 09:21:07 GMT\r\nContent-Type: text/html\r\nContent-Length: 193\r\nConnection: close\r\n\r\n<html>\r\n<head><meta charset=\"utf-8\">\r\n<title>webserver</title></head>\r\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\r\n<body>\r\n<h1>400 Bad Request</h1>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "377d227d1e9ca51ee0199cd722e1bdda",
   "datammh3" : 1749165337,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "zain.com"
   ],
   "geolocus" : {
      "asn" : "AS31452",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "BH",
      "countryname" : "Bahrain",
      "domain" : [
         "zain.com"
      ],
      "isineu" : "false",
      "latitude" : "25.930414",
      "location" : "25.930414,50.637772",
      "longitude" : "50.637772",
      "netname" : "BH-MTC",
      "organization" : "Zain Bahrain Route Object",
      "subnet" : "109.161.128.0/18"
   },
   "host" : [
      "109-161-175-47"
   ],
   "hostname" : [
      "109-161-175-47.rev.bb.zain.com"
   ],
   "ip" : "109.161.175.47",
   "ipv6" : "false",
   "latitude" : "26.2410",
   "location" : "26.2410,50.5779",
   "longitude" : "50.5779",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Zain Bahrain B.s.c.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "109-161-175-47.rev.bb.zain.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "bb.zain.com",
      "rev.bb.zain.com"
   ],
   "subnet" : "109.161.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
217.64.96.207

Network
217.64.96.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://217.64.96.207:44783/ 400

ASN
AS21271

Organization
SOTELMABGP

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
54ae69b91d04957050d982f54a92a601

HTTP Header MD5
50b14444800e6cbc220a6e6a9357469b

HTTP Body MD5
00bd1919cd6e866a50f1172fcabdddd0

HTTP/1.1 400 
Content-Type: text/plain;charset=ISO-8859-1
Connection: close

Bad Request
This combination of host and port requires TLS.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "00bd1919cd6e866a50f1172fcabdddd0",
         "bodymmh3" : -360672119,
         "headermd5" : "50b14444800e6cbc220a6e6a9357469b",
         "headermmh3" : -1774634674
      },
      "length" : 143
   },
   "asn" : "AS21271",
   "country" : "ML",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 \r\nContent-Type: text/plain;charset=ISO-8859-1\r\nConnection: close\r\n\r\nBad Request\r\nThis combination of host and port requires TLS.\r\n",
   "datamd5" : "54ae69b91d04957050d982f54a92a601",
   "datammh3" : 1739185676,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "217.64.96.207",
   "ipv6" : "false",
   "latitude" : "18.0000",
   "location" : "18.0000,-2.0000",
   "longitude" : "-2.0000",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SOTELMABGP",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "217.64.96.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
31.201.228.150

Network
31.201.0.0/16

Domain(s)
glasoperator.nl

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://31.201.228.150:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
150-228-201-31.ftth.glasoperator.nl

ASN
AS50266

Organization
Odido Netherlands B.V.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:58:06 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1519073073,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS50266",
   "city" : "Leeuwarden",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:58:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "glasoperator.nl"
   ],
   "host" : [
      "150-228-201-31"
   ],
   "hostname" : [
      "150-228-201-31.ftth.glasoperator.nl"
   ],
   "ip" : "31.201.228.150",
   "ipv6" : "false",
   "latitude" : "53.2048",
   "location" : "53.2048,5.8055",
   "longitude" : "5.8055",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Odido Netherlands B.V.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "150-228-201-31.ftth.glasoperator.nl"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ftth.glasoperator.nl"
   ],
   "subnet" : "31.201.0.0/16",
   "tld" : [
      "nl"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
187.174.134.212

Network
187.174.128.0/17

Domain(s)
sespnay.gob.mx

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://187.174.134.212:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
mail.sespnay.gob.mx

ASN
AS8151

Organization
UNINET

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c1544517de65d9fe2899fddd78cb7c80

HTTP Header MD5
dc680f052fb6dfed79e30eb9f2291b11

HTTP Body MD5
b918f8b3770dc1158b467b0dd192e59e

HTTP/1.1 400 Bad Request
Server: openresty
Date: Thu, 21 Nov 2024 08:58:05 GMT
Content-Type: text/html
Content-Length: 252
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b918f8b3770dc1158b467b0dd192e59e",
         "bodymmh3" : 1280153115,
         "headermd5" : "dc680f052fb6dfed79e30eb9f2291b11",
         "headermmh3" : 705117916,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 401
   },
   "asn" : "AS8151",
   "city" : "Guadalajara",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty\r\nDate: Thu, 21 Nov 2024 08:58:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 252\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "c1544517de65d9fe2899fddd78cb7c80",
   "datammh3" : 1098694201,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "sespnay.gob.mx"
   ],
   "geolocus" : {
      "asn" : "AS8151",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "reduno.com.mx",
         "uninet-ide.com.mx",
         "uninet.com.mx",
         "uninet.net.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-USCV4-LACNIC",
      "organization" : "UNINET",
      "subnet" : "187.174.128.0/17"
   },
   "host" : [
      "mail"
   ],
   "hostname" : [
      "mail.sespnay.gob.mx"
   ],
   "ip" : "187.174.134.212",
   "ipv6" : "false",
   "latitude" : "20.6381",
   "location" : "20.6381,-103.3480",
   "longitude" : "-103.3480",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNINET",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "mail.sespnay.gob.mx"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "187.174.128.0/17",
   "tld" : [
      "gob.mx"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
120.236.73.36

Alternative IP(s)
120.197.144.252

Network
120.236.64.0/20

Domain(s)
dongguanbank.cn

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://120.236.73.36:44783/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
mail.dongguanbank.cn

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b8ebce562f9cb717b3d558c4e832bfb9

HTTP Header MD5
2846e878199bfc090168dde82ba8ff31

HTTP Body MD5
02c8633c9623d6e8be0f9dfa0ccaeee3

HTTP/1.1 400 Bad Request
Server: nullnull
Date: Thu, 21 Nov 2024 08:49:49 GMT
Content-Type: text/html
Content-Length: 251
Connection: close
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nullnull</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:49:52.000Z",
   "alternativeip" : [
      "120.197.144.252"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "02c8633c9623d6e8be0f9dfa0ccaeee3",
         "bodymmh3" : 1900568918,
         "headermd5" : "2846e878199bfc090168dde82ba8ff31",
         "headermmh3" : 1837821319,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 455
   },
   "asn" : "AS9808",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nullnull\r\nDate: Thu, 21 Nov 2024 08:49:49 GMT\r\nContent-Type: text/html\r\nContent-Length: 251\r\nConnection: close\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nullnull</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "b8ebce562f9cb717b3d558c4e832bfb9",
   "datammh3" : 818428335,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "dongguanbank.cn"
   ],
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "120.236.64.0/20"
   },
   "host" : [
      "mail"
   ],
   "hostname" : [
      "mail.dongguanbank.cn"
   ],
   "ip" : "120.236.73.36",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 44783,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "mail.dongguanbank.cn"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "120.236.64.0/20",
   "tld" : [
      "cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 1,190 in 0.102 second(s)

84.231.224.112:44783 (tcp/http) - last seen on 2024-11-21 at 10:30:22 UTC

103.56.17.68:44783 (tcp/http) - last seen on 2024-11-21 at 10:13:30 UTC

81.250.152.169:44783 (tcp/http) - last seen on 2024-11-21 at 10:12:15 UTC

178.156.60.133:44783 (tcp/http) - last seen on 2024-11-21 at 10:07:09 UTC

124.233.2.74:44783 (tcp/http) - last seen on 2024-11-21 at 09:31:33 UTC

109.161.175.47:44783 (tcp/http) - last seen on 2024-11-21 at 09:21:10 UTC

217.64.96.207:44783 (tcp/http) - last seen on 2024-11-21 at 08:58:54 UTC

31.201.228.150:44783 (tcp/http) - last seen on 2024-11-21 at 08:58:05 UTC

187.174.134.212:44783 (tcp/http) - last seen on 2024-11-21 at 08:58:05 UTC

120.236.73.36:44783 (tcp/http) - last seen on 2024-11-21 at 08:49:52 UTC