ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 450,294 in 0.169 second(s)

  • 223.109.44.31:8009 (tcp/http) - last seen on 2024-11-07 at 05:29:54 UTC

    • IP
      223.109.44.31
      Network
      223.108.0.0/15
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS56046
      Organization
      China Mobile communications corporation
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d26832cef2d6b065c9f383b6f61afa28
      HTTP Header MD5
      aab3c0b3de3f950af5447050a944485f
      HTTP Body MD5
      9a3644c72636f3713846bb373be3b89a 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:29:53 GMT
Content-Type: text/html
Content-Length: 2371
Connection: close
x-ws-request-id: 672c5051_PS-000-01axR31_24131-32052

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:29:53 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-000-01axR31
				<br>URL: 
				<br>Request-Id: 672c5051_PS-000-01axR31_24131-32052
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G"></pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9a3644c72636f3713846bb373be3b89a",
         "bodymmh3" : 1927679435,
         "headermd5" : "aab3c0b3de3f950af5447050a944485f",
         "headermmh3" : -1636999311,
         "title" : "400 Bad Request"
      },
      "length" : 2565
   },
   "asn" : "AS56046",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:29:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 2371\r\nConnection: close\r\nx-ws-request-id: 672c5051_PS-000-01axR31_24131-32052\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:29:53 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-000-01axR31\n\t\t\t\t<br>URL: \n\t\t\t\t<br>Request-Id: 672c5051_PS-000-01axR31_24131-32052\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\"></pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "d26832cef2d6b065c9f383b6f61afa28",
   "datammh3" : -220584892,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS56046",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "223.108.0.0/15"
   },
   "ip" : "223.109.44.31",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile communications corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "223.108.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 67.218.246.132:8009 (tcp/http) - last seen on 2024-11-07 at 05:29:30 UTC

    • IP
      67.218.246.132
      Network
      67.218.224.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      HTTP Title
      Bad Request
      ASN
      AS15704
      Organization
      Xtra Telecom S.A.
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft HTTPAPI 2.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ab7ec59c257a6ef4d994483c583b818c
      HTTP Header MD5
      5f8987fc4ee9770a3292cd04557b2dbf
      HTTP Body MD5
      779df2c90c98bc5e3cb4127ecf04909e 
    • HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 05:29:28 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:30.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 170063020,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS15704",
   "city" : "Barcelona",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 05:29:28 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS15704",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "ES",
      "countryname" : "Spain",
      "domain" : [
         "masmovil.com"
      ],
      "isineu" : "true",
      "latitude" : "40.463667",
      "location" : "40.463667,-3.74922",
      "longitude" : "-3.74922",
      "netname" : "ES-MUNDITELECOM-20071203",
      "organization" : "XTRA TELECOM S.A.",
      "subnet" : "67.218.224.0/19"
   },
   "ip" : "67.218.246.132",
   "ipv6" : "false",
   "latitude" : "41.4162",
   "location" : "41.4162,2.1543",
   "longitude" : "2.1543",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Xtra Telecom S.A.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 8009,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "67.218.224.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 223.111.18.129:8009 (tcp/http) - last seen on 2024-11-07 at 05:29:04 UTC

    • IP
      223.111.18.129
      Network
      223.111.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS56046
      Organization
      China Mobile communications corporation
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6871183cd10bcd160625c6fc3a370412
      HTTP Header MD5
      ceb330bb9e3fa3d46061a324590a1139
      HTTP Body MD5
      585cc998bc73e8ba881c03180f57fb87 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:29:02 GMT
Content-Type: text/html
Content-Length: 2371
Connection: close
x-ws-request-id: 672c501e_PS-NKG-01P4251_25941-15947

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:29:02 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-NKG-01P4251
				<br>URL: 
				<br>Request-Id: 672c501e_PS-NKG-01P4251_25941-15947
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G"></pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "585cc998bc73e8ba881c03180f57fb87",
         "bodymmh3" : -1774547922,
         "headermd5" : "ceb330bb9e3fa3d46061a324590a1139",
         "headermmh3" : -623733049,
         "title" : "400 Bad Request"
      },
      "length" : 2565
   },
   "asn" : "AS56046",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:29:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 2371\r\nConnection: close\r\nx-ws-request-id: 672c501e_PS-NKG-01P4251_25941-15947\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:29:02 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-NKG-01P4251\n\t\t\t\t<br>URL: \n\t\t\t\t<br>Request-Id: 672c501e_PS-NKG-01P4251_25941-15947\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\"></pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "6871183cd10bcd160625c6fc3a370412",
   "datammh3" : -112837768,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS56046",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "223.111.0.0/16"
   },
   "ip" : "223.111.18.129",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile communications corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "223.111.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 120.39.213.169:8009 (tcp/http) - last seen on 2024-11-07 at 05:29:04 UTC

    • IP
      120.39.213.169
      Network
      120.39.192.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS133774
      Organization
      Fuzhou
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      7b122a007fc37428f9a30563b1193bf6
      HTTP Header MD5
      4326354b0b52689564059e0702ebb5a1
      HTTP Body MD5
      c6774c98ca58b8dc6e2063ff1aada5ef 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:29:02 GMT
Content-Type: text/html
Content-Length: 2371
Connection: close
x-ws-request-id: 672c501e_PS-FOC-01kI727_31070-59085

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 07 Nov 2024 05:29:02 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: PS-FOC-01kI727
				<br>URL: 
				<br>Request-Id: 672c501e_PS-FOC-01kI727_31070-59085
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G"></pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c6774c98ca58b8dc6e2063ff1aada5ef",
         "bodymmh3" : -458382134,
         "headermd5" : "4326354b0b52689564059e0702ebb5a1",
         "headermmh3" : -1283449026,
         "title" : "400 Bad Request"
      },
      "length" : 2565
   },
   "asn" : "AS133774",
   "city" : "Hangzhou",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:29:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 2371\r\nConnection: close\r\nx-ws-request-id: 672c501e_PS-FOC-01kI727_31070-59085\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 07 Nov 2024 05:29:02 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: PS-FOC-01kI727\n\t\t\t\t<br>URL: \n\t\t\t\t<br>Request-Id: 672c501e_PS-FOC-01kI727_31070-59085\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\"></pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "7b122a007fc37428f9a30563b1193bf6",
   "datammh3" : 1402685425,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS133774",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "fz.fj.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-FJ",
      "organization" : "CHINANET FUJIAN PROVINCE NETWORK",
      "subnet" : "120.39.192.0/19"
   },
   "ip" : "120.39.213.169",
   "ipv6" : "false",
   "latitude" : "30.2994",
   "location" : "30.2994,120.1612",
   "longitude" : "120.1612",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Fuzhou",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "120.39.192.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 34.124.173.213:8009 (tcp/http) - last seen on 2024-11-07 at 05:29:03 UTC

    • IP
      34.124.173.213
      Network
      34.120.0.0/13
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS396982
      Organization
      GOOGLE-CLOUD-PLATFORM
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      28715c6ec3fd38b6ed232e3e37959e9c
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      16444d0bf46608253d591db62f41e7c3 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Nov 2024 05:29:01 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "16444d0bf46608253d591db62f41e7c3",
         "bodymmh3" : -534304446,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 251012252,
         "title" : "400 Bad Request"
      },
      "length" : 295
   },
   "asn" : "AS396982",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:29:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "28715c6ec3fd38b6ed232e3e37959e9c",
   "datammh3" : -1512152686,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS396982",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "google.com",
         "googleusercontent.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GOOGL-2",
      "organization" : "Google LLC",
      "subnet" : "34.124.128.0/17"
   },
   "ip" : "34.124.173.213",
   "ipv6" : "false",
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GOOGLE-CLOUD-PLATFORM",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "34.120.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 122.176.21.146:8009 (tcp/ajp13) - last seen on 2024-11-07 at 05:29:00 UTC

    • IP
      122.176.21.146
      Network
      122.176.0.0/17
      Domain(s)
      airtelbroadband.in
      Operating System
      Linux Linux Kernel
      Reverse DNS
      abts-north-static-146.21.176.122.airtelbroadband.in
      ASN
      AS24560
      Organization
      Bharti Airtel Ltd., Telemedia Services
      Protocol
      ajp13
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fcfe969b48a6d6068a43b11c96f84796 
    • AB\x00\x0b\x04\x01\xf4\x00\x03500\x00\x00\x00AB\x00\x02\x05\x00
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:00.000Z",
   "app" : {
      "length" : 21
   },
   "asn" : "AS24560",
   "city" : "Kolkata",
   "country" : "IN",
   "data" : "AB\\x00\\x0b\\x04\\x01\\xf4\\x00\\x03500\\x00\\x00\\x00AB\\x00\\x02\\x05\\x00",
   "datamd5" : "fcfe969b48a6d6068a43b11c96f84796",
   "datammh3" : 1761144255,
   "domain" : [
      "airtelbroadband.in"
   ],
   "geolocus" : {
      "asn" : "AS24560",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "airtel.com",
         "airtelbroadband.in"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "BNLD-209392-NewDelhi",
      "organization" : "ABTS-DSl-DEL",
      "subnet" : "122.176.0.0/16"
   },
   "host" : [
      "abts-north-static-146"
   ],
   "hostname" : [
      "abts-north-static-146.21.176.122.airtelbroadband.in"
   ],
   "ip" : "122.176.21.146",
   "ipv6" : "false",
   "latitude" : "22.5180",
   "location" : "22.5180,88.3832",
   "longitude" : "88.3832",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Bharti Airtel Ltd., Telemedia Services",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "protocol" : "ajp13",
   "reverse" : [
      "abts-north-static-146.21.176.122.airtelbroadband.in"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "21.176.122.airtelbroadband.in",
      "122.airtelbroadband.in",
      "176.122.airtelbroadband.in"
   ],
   "subnet" : "122.176.0.0/17",
   "tld" : [
      "in"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-11-07 at 05:28:59 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Domain(s)
      Operating System

      <access denied by policy> <access denied by policy>

      Reverse DNS

      <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy>

      Product

      <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:59.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "domain" : "<access denied by policy>",
   "geolocus" : "<enterprise field>: geolocus",
   "host" : "<access denied by policy>",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subdomains" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>"
}

  • 118.195.248.186:8009 (tcp/ajp13) - last seen on 2024-11-07 at 05:28:51 UTC

    • IP
      118.195.248.186
      Network
      118.195.128.0/17
      Operating System
      Linux Linux Kernel
      ASN
      AS45090
      Organization
      Shenzhen Tencent Computer Systems Company Limited
      Protocol
      ajp13
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Apache Tomcat 8.5.42
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9de358f33c154a282f63089c7f63e634 
    • AB\x007\x04\x01\xf4\x00\x03500\x00\x00\x03\xa0\x01\x00\x17text/html;charset=utf-8\x00\xa0\x02\x00\x02en\x00\xa0\x03\x00\x042289\x00AB\x08\xf5\x03\x08\xf1<!doctype html><html lang="en"><head><title>HTTP Status 500 \xe2\x80\x93 Internal Server Error</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 \xe2\x80\x93 Internal Server Error</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Requested read of bytes at position [67] which is beyond the end of the AJP message</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>java.lang.ArrayIndexOutOfBoundsException: Requested read of bytes at position [67] which is beyond the end of the AJP message
	org.apache.coyote.ajp.AjpMessage.validatePos(AjpMessage.java:389)
	org.apache.coyote.ajp.AjpMessage.getByte(AjpMessage.java:295)
	org.apache.coyote.ajp.AjpProcessor.prepareRequest(AjpProcessor.java:782)
	org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:455)
	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)
	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	java.lang.Thread.run(Thread.java:750)
</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /><h3>Apache Tomcat/8.5.42</h3></body></html>\x00AB\x00\x02\x05\x00
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:51.000Z",
   "app" : {
      "length" : 2362
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "AB\\x007\\x04\\x01\\xf4\\x00\\x03500\\x00\\x00\\x03\\xa0\\x01\\x00\\x17text/html;charset=utf-8\\x00\\xa0\\x02\\x00\\x02en\\x00\\xa0\\x03\\x00\\x042289\\x00AB\\x08\\xf5\\x03\\x08\\xf1<!doctype html><html lang=\"en\"><head><title>HTTP Status 500 \\xe2\\x80\\x93 Internal Server Error</title><style type=\"text/css\">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 \\xe2\\x80\\x93 Internal Server Error</h1><hr class=\"line\" /><p><b>Type</b> Exception Report</p><p><b>Message</b> Requested read of bytes at position [67] which is beyond the end of the AJP message</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>java.lang.ArrayIndexOutOfBoundsException: Requested read of bytes at position [67] which is beyond the end of the AJP message\n\torg.apache.coyote.ajp.AjpMessage.validatePos(AjpMessage.java:389)\n\torg.apache.coyote.ajp.AjpMessage.getByte(AjpMessage.java:295)\n\torg.apache.coyote.ajp.AjpProcessor.prepareRequest(AjpProcessor.java:782)\n\torg.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:455)\n\torg.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)\n\torg.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:808)\n\torg.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)\n\torg.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tjava.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)\n\tjava.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)\n\torg.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tjava.lang.Thread.run(Thread.java:750)\n</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class=\"line\" /><h3>Apache Tomcat/8.5.42</h3></body></html>\\x00AB\\x00\\x02\\x05\\x00",
   "datamd5" : "9de358f33c154a282f63089c7f63e634",
   "datammh3" : -1190828344,
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "qq.com",
         "szgwbn.net.cn",
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "SeeHuNET",
      "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
      "subnet" : "118.195.128.0/17"
   },
   "ip" : "118.195.248.186",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Tomcat",
   "productvendor" : "Apache",
   "productversion" : "8.5.42",
   "protocol" : "ajp13",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "118.195.128.0/17",
   "tls" : "false",
   "transport" : "tcp"
}

  • 139.224.244.212:8009 (tcp/http) - last seen on 2024-11-07 at 05:28:50 UTC

    • IP
      139.224.244.212
      Network
      139.224.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS37963
      Organization
      Hangzhou Alibaba Advertising Co.,Ltd.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx 1.21.6
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e00466f1183588d95234e9816c5771c8
      HTTP Header MD5
      ba3e2a8bcc1796b7f2e65dd148a036da
      HTTP Body MD5
      6d23532b92633bfc5d5c637eff75e043 
    • HTTP/1.1 400 Bad Request
Server: nginx/1.21.6
Date: Thu, 07 Nov 2024 05:28:49 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.21.6</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d23532b92633bfc5d5c637eff75e043",
         "bodymmh3" : 1618263867,
         "headermd5" : "ba3e2a8bcc1796b7f2e65dd148a036da",
         "headermmh3" : -1505605230,
         "title" : "400 Bad Request"
      },
      "length" : 309
   },
   "asn" : "AS37963",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.21.6\r\nDate: Thu, 07 Nov 2024 05:28:49 GMT\r\nContent-Type: text/html\r\nContent-Length: 157\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>nginx/1.21.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "e00466f1183588d95234e9816c5771c8",
   "datammh3" : 679605060,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "China Internet Network Information Center",
      "subnet" : "139.224.0.0/16"
   },
   "ip" : "139.224.244.212",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.21.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "139.224.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

  • 118.193.93.204:8009 (tcp/http) - last seen on 2024-11-07 at 05:28:50 UTC

    • IP
      118.193.93.204
      Network
      118.193.80.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      HTTP Title
      400 Bad Request
      ASN
      AS63199
      Organization
      CDSC-AS1
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      OpenResty OpenResty 1.21.4.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      cdf505c7b21d607988356c653a9f319a
      HTTP Header MD5
      4183fe0e1513be7c32d98f57bd0b1453
      HTTP Body MD5
      3a52a5aa8c6c7ed954f5f04d53af8c3f 
    • HTTP/1.1 400 Bad Request
Server: openresty/1.21.4.1
Date: Thu, 07 Nov 2024 05:28:49 GMT
Content-Type: text/html
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>openresty/1.21.4.1</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:50.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "1.21.4.1"
         ]
      },
      "http" : {
         "bodymd5" : "3a52a5aa8c6c7ed954f5f04d53af8c3f",
         "bodymmh3" : -1429326166,
         "headermd5" : "4183fe0e1513be7c32d98f57bd0b1453",
         "headermmh3" : 1621671812,
         "title" : "400 Bad Request"
      },
      "length" : 300
   },
   "asn" : "AS63199",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: openresty/1.21.4.1\r\nDate: Thu, 07 Nov 2024 05:28:49 GMT\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 Bad Request</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<hr><center>openresty/1.21.4.1</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "cdf505c7b21d607988356c653a9f319a",
   "datammh3" : -1869599100,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS63199",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "urbanconnectedcloud.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "UCUL-HK",
      "organization" : "UCUL-HK",
      "subnet" : "118.193.93.0/24"
   },
   "ip" : "118.193.93.204",
   "ipv6" : "false",
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CDSC-AS1",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8009,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "productversion" : "1.21.4.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "118.193.80.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}