ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 16 in 0.076 second(s)

  • 80.241.139.38:513 (tcp/http/tls) - last seen on 2024-11-07 at 03:28:11 UTC

    • IP
      80.241.139.38
      Network
      80.241.136.0/22
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS202132
      Organization
      Sysman Progetti & Servizi srl
      Protocol
      http Cert expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-620a764d05b9b
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-620a764d05b9b
      Subject Alt Name
      pfSense-620a764d05b9b
      SHA256 Fingerprint
      7a0673f7c08df28680ddfe8af262d2f81362c7c906034d027a5b1be8e68d71b5
      Validity Not Before
      2023-08-16T08:11:16Z
      Validity Not After
      2024-09-17T08:11:16Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 03:28:11 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:11.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1234720749,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS202132",
   "ca" : "false",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:28:11 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "7383715b74ae758afbb1db634b8ead00",
      "sha1" : "4a66ba2f5914a1b6e07c057a1fb4f02a8a70f085",
      "sha256" : "7a0673f7c08df28680ddfe8af262d2f81362c7c906034d027a5b1be8e68d71b5"
   },
   "ip" : "80.241.139.38",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "43.1479",
   "location" : "43.1479,12.1097",
   "longitude" : "12.1097",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sysman Progetti & Servizi srl",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "serial" : "27:a1:bd:61:35:a0:a6:de",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-620a764d05b9b"
      ],
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "80.241.136.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-09-17T08:11:16Z",
      "notbefore" : "2023-08-16T08:11:16Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 171.97.217.113:513 (tcp/http/tls) - last seen on 2024-11-06 at 18:26:48 UTC

    • IP
      171.97.217.113
      Network
      171.96.0.0/15
      Domain(s)
      asianet.co.th
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      Reverse DNS
      ppp-171-97-217-113.revip8.asianet.co.th
      ASN
      AS17552
      Organization
      True Online
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-5971e1284144e
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Email
      admin@pfSense.localdomain
      Subject Common Name
      pfSense-5971e1284144e
      Subject Alt Name
      pfSense-5971e1284144e
      SHA256 Fingerprint
      5e53f8037b3da7f68a4fabac0a821f3ff70592772413addda3e5023a9d2a9052
      Validity Not Before
      2022-12-16T06:36:01Z
      Validity Not After
      2028-06-07T06:36:01Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Wed, 06 Nov 2024 18:26:48 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T18:26:48.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 92978546,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS17552",
   "ca" : "false",
   "city" : "Bangkok",
   "country" : "TH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 18:26:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "asianet.co.th"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "e230defef8153dd503e7ecb0675164ad",
      "sha1" : "475bd89dfe44f40f031fef4144544b7d1feb65a0",
      "sha256" : "5e53f8037b3da7f68a4fabac0a821f3ff70592772413addda3e5023a9d2a9052"
   },
   "geolocus" : {
      "asn" : "AS17552",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TH",
      "countryname" : "Thailand",
      "domain" : [
         "asianet.co.th",
         "trueinternet.co.th"
      ],
      "isineu" : "false",
      "latitude" : "15.870032",
      "location" : "15.870032,100.992541",
      "longitude" : "100.992541",
      "netname" : "TRUENET-HISP",
      "organization" : "TRUE BROADBAND",
      "subnet" : "171.97.128.0/17"
   },
   "host" : [
      "ppp-171-97-217-113"
   ],
   "hostname" : [
      "ppp-171-97-217-113.revip8.asianet.co.th"
   ],
   "ip" : "171.97.217.113",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Locality",
      "commonname" : "pfSense-5971e1284144e",
      "country" : "US",
      "email" : "admin@pfSense.localdomain",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "13.7618",
   "location" : "13.7618,100.5324",
   "longitude" : "100.5324",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "True Online",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "reverse" : [
      "ppp-171-97-217-113.revip8.asianet.co.th"
   ],
   "seen_date" : "2024-11-06",
   "serial" : "5b:b6:ca:a9:53:d6:33:cd",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "revip8.asianet.co.th"
   ],
   "subject" : {
      "altname" : [
         "pfSense-5971e1284144e"
      ],
      "city" : "Locality",
      "commonname" : "pfSense-5971e1284144e",
      "country" : "US",
      "email" : "admin@pfSense.localdomain",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "171.96.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "co.th"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2028-06-07T06:36:01Z",
      "notbefore" : "2022-12-16T06:36:01Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 102.50.251.104:513 (tcp/http/tls) - last seen on 2024-11-05 at 05:55:54 UTC

    • IP
      102.50.251.104
      Network
      102.50.0.0/16
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS6713
      Organization
      Itissalat Al-MAGHRIB
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-641ec9702c1fb
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-641ec9702c1fb
      Subject Alt Name
      pfSense-641ec9702c1fb
      SHA256 Fingerprint
      7bb6b6b3b68c4236e2042120d21ed1627fb01bde2a8c1248dcf3e5eb0e9f185e
      Validity Not Before
      2024-02-08T23:00:20Z
      Validity Not After
      2025-03-12T23:00:20Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 05 Nov 2024 05:55:54 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T05:55:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 60565001,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS6713",
   "ca" : "false",
   "city" : "Tangier",
   "country" : "MA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 05:55:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "23c07579da844fc1e51b240591968f35",
      "sha1" : "45428e9bba4b84ef2847b5cb1b6d4649a705628e",
      "sha256" : "7bb6b6b3b68c4236e2042120d21ed1627fb01bde2a8c1248dcf3e5eb0e9f185e"
   },
   "geolocus" : {
      "asn" : "AS6713",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "MA",
      "countryname" : "Morocco",
      "isineu" : "false",
      "latitude" : "31.791702",
      "location" : "31.791702,-7.09262",
      "longitude" : "-7.09262",
      "netname" : "Rabat_4G_MarocTelecom",
      "organization" : "route object",
      "subnet" : "102.50.0.0/16"
   },
   "ip" : "102.50.251.104",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-641ec9702c1fb",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.7758",
   "location" : "35.7758,-5.7909",
   "longitude" : "-5.7909",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Itissalat Al-MAGHRIB",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-05",
   "serial" : "6f:51:55:55:08:b4:5a:c6",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-641ec9702c1fb"
      ],
      "commonname" : "pfSense-641ec9702c1fb",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "102.50.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-03-12T23:00:20Z",
      "notbefore" : "2024-02-08T23:00:20Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 175.140.31.95:513 (tcp/http/tls) - last seen on 2024-11-05 at 05:43:26 UTC

    • IP
      175.140.31.95
      Network
      175.136.0.0/13
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS4788
      Organization
      TM TECHNOLOGY SERVICES SDN. BHD.
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      ESONBP-A-663b005bcc88c
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      ESONBP-A-663b005bcc88c
      Subject Alt Name
      ESONBP-A-663b005bcc88c
      SHA256 Fingerprint
      15f05757984ec3a60bd68ba5d777a3721982a38a671c9be8767bfecc285a9d29
      Validity Not Before
      2024-05-08T04:32:28Z
      Validity Not After
      2025-06-10T04:32:28Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 05 Nov 2024 05:43:25 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T05:43:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1742300449,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS4788",
   "ca" : "false",
   "city" : "Shah Alam",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 05:43:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "224e65861183ff322b1ba589dc9ee855",
      "sha1" : "11ad5415dd3d92ccaa9845f11074e5b2ba4de417",
      "sha256" : "15f05757984ec3a60bd68ba5d777a3721982a38a671c9be8767bfecc285a9d29"
   },
   "geolocus" : {
      "asn" : "AS4788",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "tm.com.my",
         "tm.net.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "ADSL-STREAMYX",
      "organization" : "TM TECHNOLOGY SERVICES SDN BHD",
      "subnet" : "175.140.30.0/23"
   },
   "ip" : "175.140.31.95",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "ESONBP-A-663b005bcc88c",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "3.0838",
   "location" : "3.0838,101.5326",
   "longitude" : "101.5326",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-05",
   "serial" : "0e:d8:6a:10:8b:4b:57:34",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "ESONBP-A-663b005bcc88c"
      ],
      "commonname" : "ESONBP-A-663b005bcc88c",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "175.136.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-06-10T04:32:28Z",
      "notbefore" : "2024-05-08T04:32:28Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 80.241.139.38:513 (tcp/http/tls) - last seen on 2024-11-03 at 00:02:25 UTC

    • IP
      80.241.139.38
      Network
      80.241.136.0/22
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS202132
      Organization
      Sysman Progetti & Servizi srl
      Protocol
      http Cert expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-620a764d05b9b
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-620a764d05b9b
      Subject Alt Name
      pfSense-620a764d05b9b
      SHA256 Fingerprint
      7a0673f7c08df28680ddfe8af262d2f81362c7c906034d027a5b1be8e68d71b5
      Validity Not Before
      2023-08-16T08:11:16Z
      Validity Not After
      2024-09-17T08:11:16Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 03 Nov 2024 00:02:24 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-03T00:02:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1963327381,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS202132",
   "ca" : "false",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sun, 03 Nov 2024 00:02:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "7383715b74ae758afbb1db634b8ead00",
      "sha1" : "4a66ba2f5914a1b6e07c057a1fb4f02a8a70f085",
      "sha256" : "7a0673f7c08df28680ddfe8af262d2f81362c7c906034d027a5b1be8e68d71b5"
   },
   "ip" : "80.241.139.38",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "43.1479",
   "location" : "43.1479,12.1097",
   "longitude" : "12.1097",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sysman Progetti & Servizi srl",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-03",
   "serial" : "27:a1:bd:61:35:a0:a6:de",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-620a764d05b9b"
      ],
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "80.241.136.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-09-17T08:11:16Z",
      "notbefore" : "2023-08-16T08:11:16Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 187.170.126.55:513 (tcp/http/tls) - last seen on 2024-10-25 at 10:20:17 UTC

    • IP
      187.170.126.55
      Network
      187.168.0.0/14
      Domain(s)
      prod-infinitum.com.mx
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      Reverse DNS
      dsl-187-170-126-55-dyn.prod-infinitum.com.mx
      ASN
      AS8151
      Organization
      UNINET
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-60f6d98287504
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-60f6d98287504
      Subject Alt Name
      pfSense-60f6d98287504
      SHA256 Fingerprint
      9f8b582444a3809045b9c481fa5f71107709620eac67ba04640b59c50e6ef4c4
      Validity Not Before
      2024-10-01T20:13:06Z
      Validity Not After
      2025-11-03T20:13:06Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 25 Oct 2024 10:20:17 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-25T10:20:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1825165871,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS8151",
   "ca" : "false",
   "city" : "Cuauht\u00e9moc",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Fri, 25 Oct 2024 10:20:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "prod-infinitum.com.mx"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6f316be465fea252fc5eade2c7f671a5",
      "sha1" : "991e40aca01f572ea0df9f143342e2738912f85f",
      "sha256" : "9f8b582444a3809045b9c481fa5f71107709620eac67ba04640b59c50e6ef4c4"
   },
   "geolocus" : {
      "asn" : "AS8151",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "prod-infinitum.com.mx",
         "reduno.com.mx",
         "uninet.com.mx",
         "uninet.net.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-USCV4-LACNIC",
      "organization" : "UNINET",
      "subnet" : "187.170.0.0/15"
   },
   "host" : [
      "dsl-187-170-126-55-dyn"
   ],
   "hostname" : [
      "dsl-187-170-126-55-dyn.prod-infinitum.com.mx"
   ],
   "ip" : "187.170.126.55",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-60f6d98287504",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "19.4361",
   "location" : "19.4361,-99.1541",
   "longitude" : "-99.1541",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNINET",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "reverse" : [
      "dsl-187-170-126-55-dyn.prod-infinitum.com.mx"
   ],
   "seen_date" : "2024-10-25",
   "serial" : "4a:1c:aa:d6:16:d0:22:eb",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-60f6d98287504"
      ],
      "commonname" : "pfSense-60f6d98287504",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "187.168.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com.mx"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-11-03T20:13:06Z",
      "notbefore" : "2024-10-01T20:13:06Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 62.165.235.175:513 (tcp/http/tls) - last seen on 2024-10-24 at 15:36:25 UTC

    • IP
      62.165.235.175
      Network
      62.165.192.0/18
      Domain(s)
      digikabel.hu
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      Reverse DNS
      62-165-235-175.pool.digikabel.hu
      ASN
      AS20845
      Organization
      DIGI Tavkozlesi es Szolgaltato Kft.
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-5f2df1c04b2ff
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Email
      admin@pfSense.localdomain
      Subject Common Name
      pfSense-5f2df1c04b2ff
      Subject Alt Name
      pfSense-5f2df1c04b2ff
      SHA256 Fingerprint
      4fd5b03bac5e734c834b08c6494d5777f1056c202f0cf518b11f7f3fe962a3a5
      Validity Not Before
      2020-08-08T00:28:56Z
      Validity Not After
      2026-01-29T00:28:56Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 24 Oct 2024 15:36:25 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T15:36:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1994235661,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS20845",
   "ca" : "false",
   "city" : "P\u00fcsp\u00f6kszil\u00e1gy",
   "country" : "HU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 24 Oct 2024 15:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "digikabel.hu"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "a71d41b3d4cc8e2c7da7c905ffd1eda6",
      "sha1" : "78caca07b7558d42218441edfa9f054b16d5f73e",
      "sha256" : "4fd5b03bac5e734c834b08c6494d5777f1056c202f0cf518b11f7f3fe962a3a5"
   },
   "host" : [
      "62-165-235-175"
   ],
   "hostname" : [
      "62-165-235-175.pool.digikabel.hu"
   ],
   "ip" : "62.165.235.175",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Locality",
      "commonname" : "pfSense-5f2df1c04b2ff",
      "country" : "US",
      "email" : "admin@pfSense.localdomain",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "47.7436",
   "location" : "47.7436,19.3150",
   "longitude" : "19.3150",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DIGI Tavkozlesi es Szolgaltato Kft.",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "reverse" : [
      "62-165-235-175.pool.digikabel.hu"
   ],
   "seen_date" : "2024-10-24",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "pool.digikabel.hu"
   ],
   "subject" : {
      "altname" : [
         "pfSense-5f2df1c04b2ff"
      ],
      "city" : "Locality",
      "commonname" : "pfSense-5f2df1c04b2ff",
      "country" : "US",
      "email" : "admin@pfSense.localdomain",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "62.165.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "hu"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2026-01-29T00:28:56Z",
      "notbefore" : "2020-08-08T00:28:56Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 103.174.212.155:513 (tcp/http/tls) - last seen on 2024-10-20 at 17:51:02 UTC

    • IP
      103.174.212.155
      Network
      103.174.212.0/23
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS140766
      Organization
      FPT Smart Cloud Company Limited
      Protocol
      http Cert expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-6305d34dada0d
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-6305d34dada0d
      Subject Alt Name
      pfSense-6305d34dada0d
      SHA256 Fingerprint
      79f00b08256bb8ced4a6f6717e39f720488de7b429c61fee92d33743bc6bb02c
      Validity Not Before
      2022-08-24T07:29:17Z
      Validity Not After
      2023-09-26T07:29:17Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 20 Oct 2024 17:51:00 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-20T17:51:02.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -516945081,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS140766",
   "ca" : "false",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sun, 20 Oct 2024 17:51:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "9ffc5afaf1c75e28e8bec3d03e130967",
      "sha1" : "1783f5b5e677d335c38bca981827c704ba360483",
      "sha256" : "79f00b08256bb8ced4a6f6717e39f720488de7b429c61fee92d33743bc6bb02c"
   },
   "geolocus" : {
      "asn" : "AS140766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "VN",
      "countryname" : "Vietnam",
      "domain" : [
         "fis.com.vn",
         "fpt.com.vn",
         "fptcloud.com",
         "vnnic.vn"
      ],
      "isineu" : "false",
      "latitude" : "14.058324",
      "location" : "14.058324,108.277199",
      "longitude" : "108.277199",
      "netname" : "FIS-VN",
      "organization" : "FIS-VN",
      "subnet" : "103.174.212.0/23"
   },
   "ip" : "103.174.212.155",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-6305d34dada0d",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "16.1667",
   "location" : "16.1667,107.8333",
   "longitude" : "107.8333",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "FPT Smart Cloud Company Limited",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-10-20",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-6305d34dada0d"
      ],
      "commonname" : "pfSense-6305d34dada0d",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "103.174.212.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2023-09-26T07:29:17Z",
      "notbefore" : "2022-08-24T07:29:17Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 201.40.228.97:513 (tcp/http/tls) - last seen on 2024-10-19 at 19:10:12 UTC

    • IP
      201.40.228.97
      Network
      201.40.0.0/15
      Domain(s)
      net.br
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      Reverse DNS
      201-40-228-97.user3p.v-tal.net.br
      ASN
      AS8167
      Organization
      V tal
      Protocol
      http Cert expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-63becee1d73c2
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-63becee1d73c2
      Subject Alt Name
      pfSense-63becee1d73c2
      SHA256 Fingerprint
      0a92e58fc2467c3b4f6614087c204e1eceee9573c400d35236dbcb310b8822d3
      Validity Not Before
      2023-01-11T14:59:46Z
      Validity Not After
      2024-02-13T14:59:46Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 19 Oct 2024 19:09:51 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-19T19:10:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -23647036,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS8167",
   "ca" : "false",
   "city" : "S\u00e3o Jos\u00e9 dos Pinhais",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sat, 19 Oct 2024 19:09:51 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "net.br"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "d1fe09e47060b90d46628ef9088ae633",
      "sha1" : "096353d22c4302d1265a653997cbf87988a6e50d",
      "sha256" : "0a92e58fc2467c3b4f6614087c204e1eceee9573c400d35236dbcb310b8822d3"
   },
   "geolocus" : {
      "asn" : "AS8167",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "net.br",
         "vtal.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.041.460/0001-93",
      "organization" : "V tal",
      "subnet" : "201.40.0.0/15"
   },
   "host" : [
      "201-40-228-97"
   ],
   "hostname" : [
      "201-40-228-97.user3p.v-tal.net.br"
   ],
   "ip" : "201.40.228.97",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-63becee1d73c2",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-25.5283",
   "location" : "-25.5283,-49.2161",
   "longitude" : "-49.2161",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "V tal",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "reverse" : [
      "201-40-228-97.user3p.v-tal.net.br"
   ],
   "seen_date" : "2024-10-19",
   "serial" : "80:63:1b:4b:c4:27:9c",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "user3p.v-tal.net.br",
      "v-tal.net.br"
   ],
   "subject" : {
      "altname" : [
         "pfSense-63becee1d73c2"
      ],
      "commonname" : "pfSense-63becee1d73c2",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "201.40.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "br"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-02-13T14:59:46Z",
      "notbefore" : "2023-01-11T14:59:46Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 80.241.139.30:513 (tcp/http/tls) - last seen on 2024-10-19 at 02:23:02 UTC

    • IP
      80.241.139.30
      Network
      80.241.136.0/22
      Device

      <enterprise field>: device.class

      HTTP Title
      400 Bad Request
      ASN
      AS202132
      Organization
      Sysman Progetti & Servizi srl
      Protocol
      http Cert not expired http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      pfSense-620a764d05b9b
      Issuer Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Organization
      pfSense webConfigurator Self-Signed Certificate
      Subject Common Name
      pfSense-620a764d05b9b
      Subject Alt Name
      pfSense-620a764d05b9b
      SHA256 Fingerprint
      551a63902071b325847ce5d8772e8bb2647d62e6adea801c8210bbcd99a94e1a
      Validity Not Before
      2024-08-09T08:58:43Z
      Validity Not After
      2025-09-11T08:58:43Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 19 Oct 2024 02:23:01 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-19T02:23:02.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 601319103,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS202132",
   "ca" : "false",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sat, 19 Oct 2024 02:23:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "d8bc830a0974b340cff04ff62a040555",
      "sha1" : "34d6befa19e137a322ad5133a414e5359de6e0f1",
      "sha256" : "551a63902071b325847ce5d8772e8bb2647d62e6adea801c8210bbcd99a94e1a"
   },
   "ip" : "80.241.139.30",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "43.1479",
   "location" : "43.1479,12.1097",
   "longitude" : "12.1097",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sysman Progetti & Servizi srl",
   "port" : 513,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-10-19",
   "serial" : "7c:af:8f:a1:26:7c:62:c5",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "pfSense-620a764d05b9b"
      ],
      "commonname" : "pfSense-620a764d05b9b",
      "organization" : "pfSense webConfigurator Self-Signed Certificate"
   },
   "subnet" : "80.241.136.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-09-11T08:58:43Z",
      "notbefore" : "2024-08-09T08:58:43Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}