Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
20.162.59.133

Network
20.160.0.0/12

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 04

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
6ed1b6949e51930e400c0272eabbea931a4d4a517f64ee8f28be8aed655d6e04

Validity Not Before
2024-08-25T09:23:47Z

Validity Not After
2025-08-20T09:23:47Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 09:00:09 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:00:09.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 2124495194,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Cardiff",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 09:00:09 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "7243db47c734b7dc4f262526712870c9",
      "sha1" : "5d48e9d1b0caa7d070fb5ae5b0d9990a13cf5eac",
      "sha256" : "6ed1b6949e51930e400c0272eabbea931a4d4a517f64ee8f28be8aed655d6e04"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.162.0.0/16"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "20.162.59.133",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 04",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "51.4866",
   "location" : "51.4866,-3.1549",
   "longitude" : "-3.1549",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:9d:9d:22:e6:5f:82:cd:3b:26:86:02:00:00:00:9d:9d:22",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "20.160.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-20T09:23:47Z",
      "notbefore" : "2024-08-25T09:23:47Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
13.69.216.163

Network
13.64.0.0/11

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 07

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
6c5fc839d82ae7f62c3cd6f0252f1b6a2637b53b41f5011c13754e6e6e1c9abb

Validity Not Before
2024-08-27T11:31:16Z

Validity Not After
2025-08-22T11:31:16Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 09:00:08 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:00:08.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 836399510,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Dublin",
   "country" : "IE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 09:00:08 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "9c636602a46d57cb5c149af5e0073675",
      "sha1" : "d7e6ee2b4db6d285655b68eadf9007d616b46e95",
      "sha256" : "6c5fc839d82ae7f62c3cd6f0252f1b6a2637b53b41f5011c13754e6e6e1c9abb"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "13.69.128.0/17"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "13.69.216.163",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 07",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "53.3379",
   "location" : "53.3379,-6.2591",
   "longitude" : "-6.2591",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:6d:f3:0e:54:fe:ea:49:91:56:a9:b2:00:00:00:6d:f3:0e",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "13.64.0.0/11",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-22T11:31:16Z",
      "notbefore" : "2024-08-27T11:31:16Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
113.201.242.25

Alternative IP(s)
138.113.149.152 157.185.179.202 163.171.129.134 163.171.129.86 163.171.131.248 163.171.132.236 163.171.135.63 163.171.137.29 163.171.161.11 163.171.162.13 174.35.118.62 174.35.118.63 222.246.138.52 240e:96c:6000:2100:0:0:0:c7 2a01:53c0:ff0a:0:0:0:0:43 43.152.42.140 43.152.42.60 43.152.42.64

Network
113.201.0.0/16

Domain(s)
3304399.net 3839.com 3839app.com 4399.cn 4399.com 4399pk.com 4399youpai.com 5054399.com bldimg.com blued.com cdn20.com chinanetcenter.com chunboimg.com dianping.com dpfile.com heesay.com i3839.com img4399.com ip138.com kugou.com lof3.xyz lxdns.com lxdns.net meituan.net ourdvsss.com ourdvsssvip.com ourhttps.com rax0mai4.xyz walla-app.com wscdns.com wsfdn.com wslivehls.com ziroom.com zservey.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

ASN
AS4837

Organization
CHINA UNICOM China169 Backbone

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
DigiCert Basic RSA CN CA G2

Issuer Organization
DigiCert Inc

Subject Organization
网宿科技股份有限公司厦门分公司

Subject Common Name
default.chinanetcenter.com

Subject Alt Name
default.chinanetcenter.com *.dianping.com *.dpfile.com *.meituan.net *.zservey.net *.wslivehls.com *.ourhttps.com *.wsfdn.com *.heesay.com *.i3839.com *.ourdvsss.com *.ziroom.com *.blued.com sstatic.chunboimg.com *.ip138.com m.bbs.3839.com nitrome.com.4399.com s3.chunboimg.com jssdk.3304399.net *.lof3.xyz *.rax0mai4.xyz *.4399.cn s0.chunboimg.com *.3839.com www.miniclip.com.4399pk.com ip138.com maangh2.chinanetcenter.com *.4399.com s1.chunboimg.com *.service.kugou.com lvs.lxdns.net *.wscdns.com *.walla-app.com *.bldimg.com *.5054399.com *.4399youpai.com *.3839app.com *.v.cdn20.com hls.vda.v.cdn20.com *.cntv.cdn20.com *.img4399.com s2.chunboimg.com *.cntv.lxdns.com *.ourdvsssvip.com *.v.wscdns.com 4399.cn

SHA256 Fingerprint
57e520eb8ee2a48043aa52c3fea652c2e67cfe2568d6212fa3375c36be2e9b8a

Validity Not Before
2024-11-06T00:00:00Z

Validity Not After
2025-11-16T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b085b6982b341a6a28ccbc9d6f0d9c2c

HTTP Header MD5
9aa7c91025fd0cc7e85484ebd6f71a81

HTTP Body MD5
6a0c923de834721fca2de178e1aae0d3

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:59:28 GMT
Content-Type: text/html
Content-Length: 2353
Connection: close
x-ws-request-id: 673ef670_ywt25_21135-61712

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 21 Nov 2024 08:59:28 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: ywt25
				<br>URL: 
				<br>Request-Id: 673ef670_ywt25_21135-61712
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G"></pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:28.000Z",
   "alternativeip" : [
      "138.113.149.152",
      "157.185.179.202",
      "163.171.129.134",
      "163.171.129.86",
      "163.171.131.248",
      "163.171.132.236",
      "163.171.135.63",
      "163.171.137.29",
      "163.171.161.11",
      "163.171.162.13",
      "174.35.118.62",
      "174.35.118.63",
      "222.246.138.52",
      "240e:96c:6000:2100:0:0:0:c7",
      "2a01:53c0:ff0a:0:0:0:0:43",
      "43.152.42.140",
      "43.152.42.60",
      "43.152.42.64"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "6a0c923de834721fca2de178e1aae0d3",
         "bodymmh3" : -1069332479,
         "headermd5" : "9aa7c91025fd0cc7e85484ebd6f71a81",
         "headermmh3" : -671068925,
         "title" : "400 Bad Request"
      },
      "length" : 2538
   },
   "asn" : "AS4837",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Xi'an",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:59:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 2353\r\nConnection: close\r\nx-ws-request-id: 673ef670_ywt25_21135-61712\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 21 Nov 2024 08:59:28 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: ywt25\n\t\t\t\t<br>URL: \n\t\t\t\t<br>Request-Id: 673ef670_ywt25_21135-61712\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\"></pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "b085b6982b341a6a28ccbc9d6f0d9c2c",
   "datammh3" : -842843726,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "3304399.net",
      "3839.com",
      "3839app.com",
      "4399.cn",
      "4399.com",
      "4399pk.com",
      "4399youpai.com",
      "5054399.com",
      "bldimg.com",
      "blued.com",
      "cdn20.com",
      "chinanetcenter.com",
      "chunboimg.com",
      "dianping.com",
      "dpfile.com",
      "heesay.com",
      "i3839.com",
      "img4399.com",
      "ip138.com",
      "kugou.com",
      "lof3.xyz",
      "lxdns.com",
      "lxdns.net",
      "meituan.net",
      "ourdvsss.com",
      "ourdvsssvip.com",
      "ourhttps.com",
      "rax0mai4.xyz",
      "walla-app.com",
      "wscdns.com",
      "wsfdn.com",
      "wslivehls.com",
      "ziroom.com",
      "zservey.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "089239ef2c407c178523e0d3bbe19774",
      "sha1" : "6bd364c1d2ad157d479f9b8a3b90a3ceca3112f2",
      "sha256" : "57e520eb8ee2a48043aa52c3fea652c2e67cfe2568d6212fa3375c36be2e9b8a"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "china-netcom.com",
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CNCGROUP-SN",
      "organization" : "CNC Group CHINA169 Shannxi Province Network",
      "subnet" : "113.201.0.0/16"
   },
   "host" : [
      "default",
      "hls",
      "jssdk",
      "lvs",
      "m",
      "maangh2",
      "nitrome",
      "s0",
      "s1",
      "s2",
      "s3",
      "sstatic",
      "www"
   ],
   "hostname" : [
      "4399.cn",
      "default.chinanetcenter.com",
      "hls.vda.v.cdn20.com",
      "ip138.com",
      "jssdk.3304399.net",
      "lvs.lxdns.net",
      "m.bbs.3839.com",
      "maangh2.chinanetcenter.com",
      "nitrome.com.4399.com",
      "s0.chunboimg.com",
      "s1.chunboimg.com",
      "s2.chunboimg.com",
      "s3.chunboimg.com",
      "sstatic.chunboimg.com",
      "www.miniclip.com.4399pk.com"
   ],
   "ip" : "113.201.242.25",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "DigiCert Basic RSA CN CA G2",
      "country" : "US",
      "organization" : "DigiCert Inc"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "34.3287",
   "location" : "34.3287,109.0337",
   "longitude" : "109.0337",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 10001,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "0f:05:44:d9:df:f2:0a:e1:b4:a1:c1:2f:09:82:2a:8c",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "bbs.3839.com",
      "cntv.cdn20.com",
      "cntv.lxdns.com",
      "com.4399.com",
      "com.4399pk.com",
      "miniclip.com.4399pk.com",
      "service.kugou.com",
      "v.cdn20.com",
      "v.wscdns.com",
      "vda.v.cdn20.com"
   ],
   "subject" : {
      "altname" : [
         "default.chinanetcenter.com",
         "*.dianping.com",
         "*.dpfile.com",
         "*.meituan.net",
         "*.zservey.net",
         "*.wslivehls.com",
         "*.ourhttps.com",
         "*.wsfdn.com",
         "*.heesay.com",
         "*.i3839.com",
         "*.ourdvsss.com",
         "*.ziroom.com",
         "*.blued.com",
         "sstatic.chunboimg.com",
         "*.ip138.com",
         "m.bbs.3839.com",
         "nitrome.com.4399.com",
         "s3.chunboimg.com",
         "jssdk.3304399.net",
         "*.lof3.xyz",
         "*.rax0mai4.xyz",
         "*.4399.cn",
         "s0.chunboimg.com",
         "*.3839.com",
         "www.miniclip.com.4399pk.com",
         "ip138.com",
         "maangh2.chinanetcenter.com",
         "*.4399.com",
         "s1.chunboimg.com",
         "*.service.kugou.com",
         "lvs.lxdns.net",
         "*.wscdns.com",
         "*.walla-app.com",
         "*.bldimg.com",
         "*.5054399.com",
         "*.4399youpai.com",
         "*.3839app.com",
         "*.v.cdn20.com",
         "hls.vda.v.cdn20.com",
         "*.cntv.cdn20.com",
         "*.img4399.com",
         "s2.chunboimg.com",
         "*.cntv.lxdns.com",
         "*.ourdvsssvip.com",
         "*.v.wscdns.com",
         "4399.cn"
      ],
      "city" : "\u53a6\u95e8\u5e02",
      "commonname" : "default.chinanetcenter.com",
      "country" : "CN",
      "organization" : "\u7f51\u5bbf\u79d1\u6280\u80a1\u4efd\u6709\u9650\u516c\u53f8\u53a6\u95e8\u5206\u516c\u53f8"
   },
   "subnet" : "113.201.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "cn",
      "com",
      "net",
      "xyz"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-11-16T23:59:59Z",
      "notbefore" : "2024-11-06T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
20.33.46.25

Network
20.33.44.0/22

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8069

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 07

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
c869611c5f0e0de80e5b7c28fbb13d452a5001575cc35f8b0d4c9193b5e6a794

Validity Not Before
2024-08-23T02:28:54Z

Validity Not After
2025-08-18T02:28:54Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:59:27 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:27.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 1718333224,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8069",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:59:27 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "0feca18ca010d947a25b3b867a55c67e",
      "sha1" : "f163a7ee3743f60fde9566fe48e0ac79ca914ced",
      "sha256" : "c869611c5f0e0de80e5b7c28fbb13d452a5001575cc35f8b0d4c9193b5e6a794"
   },
   "geolocus" : {
      "asn" : "AS8069",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.33.46.0/24"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "20.33.46.25",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 07",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "47.6034",
   "location" : "47.6034,-122.3414",
   "longitude" : "-122.3414",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:6c:80:69:7e:1d:45:73:bf:c0:c5:c4:00:00:00:6c:80:69",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "20.33.44.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-18T02:28:54Z",
      "notbefore" : "2024-08-23T02:28:54Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
52.189.236.144

Network
52.160.0.0/11

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 03

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
a34db1dbd94d0a405f0bcc235030e2951d9852bf8f644becb3ca20a73b258484

Validity Not Before
2024-07-08T03:59:38Z

Validity Not After
2025-07-03T03:59:38Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:59:27 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:27.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 1718333224,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Melbourne",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:59:27 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "330ae9d3cc4d10cd4c198756cab87180",
      "sha1" : "f0b5797cfc336dfefab6c41de57961d515da2c44",
      "sha256" : "a34db1dbd94d0a405f0bcc235030e2951d9852bf8f644becb3ca20a73b258484"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "52.189.192.0/18"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "52.189.236.144",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 03",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-37.8159",
   "location" : "-37.8159,144.9669",
   "longitude" : "144.9669",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:73:be:a0:6b:24:fd:d8:8f:ef:6e:7d:00:00:00:73:be:a0",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "52.160.0.0/11",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-07-03T03:59:38Z",
      "notbefore" : "2024-07-08T03:59:38Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
20.92.161.198

Network
20.64.0.0/10

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 08

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
21bf5f61141a4e68f6cc8ad85bc93f244ed1636fcdf79e96efec9c24dd58317c

Validity Not Before
2024-07-18T09:36:43Z

Validity Not After
2025-07-13T09:36:43Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:55:25 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:55:25.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 368504125,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Sydney",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:55:25 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "b30854b40b517a88e345d96aef02e701",
      "sha1" : "c480ea1600604ae6a630bc6f569c9b0fbd5a52e5",
      "sha256" : "21bf5f61141a4e68f6cc8ad85bc93f244ed1636fcdf79e96efec9c24dd58317c"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "20.92.0.0/16"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "20.92.161.198",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 08",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:46:74:12:21:c6:ab:8c:b1:97:4c:ca:00:00:00:46:74:12",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "20.64.0.0/10",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-07-13T09:36:43Z",
      "notbefore" : "2024-07-18T09:36:43Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
140.150.6.198

Alternative IP(s)
138.113.149.152 157.185.179.202 163.171.129.134 163.171.129.86 163.171.131.248 163.171.132.236 163.171.135.63 163.171.137.29 163.171.161.11 163.171.162.13 174.35.118.62 174.35.118.63 222.246.138.50 240e:968:1000:2:0:0:0:5d 2a01:53c0:ff0a:0:0:0:0:43 43.132.66.200 43.132.66.242 43.132.66.245 43.132.66.251 43.152.186.117 43.152.186.235 43.152.186.92

Network
140.150.4.0/22

Domain(s)
3304399.net 3839.com 3839app.com 4399.cn 4399.com 4399pk.com 4399youpai.com 5054399.com bldimg.com blued.com cdn20.com chinanetcenter.com chunboimg.com dianping.com dpfile.com heesay.com i3839.com img4399.com ip138.com kugou.com lof3.xyz lxdns.com lxdns.net meituan.net ourdvsss.com ourdvsssvip.com ourhttps.com rax0mai4.xyz walla-app.com wscdns.com wsfdn.com wslivehls.com ziroom.com zservey.net

Device

<enterprise field>: device.class

HTTP Title
400 Bad Request

ASN
AS54994

Organization
ML-1432-54994

Protocol
http Cert not expired http

Source
datascan
Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
DigiCert Basic RSA CN CA G2

Issuer Organization
DigiCert Inc

Subject Organization
网宿科技股份有限公司厦门分公司

Subject Common Name
default.chinanetcenter.com

Subject Alt Name
default.chinanetcenter.com *.dianping.com *.dpfile.com *.meituan.net *.zservey.net *.wslivehls.com *.ourhttps.com *.wsfdn.com *.heesay.com *.i3839.com *.ourdvsss.com *.ziroom.com *.blued.com sstatic.chunboimg.com *.ip138.com m.bbs.3839.com nitrome.com.4399.com s3.chunboimg.com jssdk.3304399.net *.lof3.xyz *.rax0mai4.xyz *.4399.cn s0.chunboimg.com *.3839.com www.miniclip.com.4399pk.com ip138.com maangh2.chinanetcenter.com *.4399.com s1.chunboimg.com *.service.kugou.com lvs.lxdns.net *.wscdns.com *.walla-app.com *.bldimg.com *.5054399.com *.4399youpai.com *.3839app.com *.v.cdn20.com hls.vda.v.cdn20.com *.cntv.cdn20.com *.img4399.com s2.chunboimg.com *.cntv.lxdns.com *.ourdvsssvip.com *.v.wscdns.com 4399.cn

SHA256 Fingerprint
57e520eb8ee2a48043aa52c3fea652c2e67cfe2568d6212fa3375c36be2e9b8a

Validity Not Before
2024-11-06T00:00:00Z

Validity Not After
2025-11-16T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f21e690ea21ac0776cb3693f78b55c2b

HTTP Header MD5
3a3a1cd2f6026541fd05c157538e5951

HTTP Body MD5
4b395ae0b42ef9b499c08a2f511e3009

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:55:24 GMT
Content-Type: text/html
Content-Length: 2350
Connection: close
x-ws-request-id: 673ef57c_bd71_32329-2237

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta http-equiv="X-UA-Compatible" content="IE=edge">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>400 Bad Request</title>
		<style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>
	</head>
	<body>
		<div id="p" class="P">
			<div class="K">400</div>
			<div class="O I">Bad Request</div>
			<p class="J A L">Error Times: Thu, 21 Nov 2024 08:55:24 GMT
				<br>
				<span class="F">IP: <srcip></span>Node information: bd71
				<br>URL: 
				<br>Request-Id: 673ef57c_bd71_32329-2237
				<br>
				<br>Check:
				<span class="C G" onclick="s(0)">Details</span></p>
		</div>
		<div id="d" class="hide_me P H">
			<div class="K">ERROR</div>
			<p class="O I">"The Requested URL could not be retrieved</p>
			<div class="O">
				<div>While trying to retrieve the URL:</div>
				<pre class="B G"></pre></div>
			<div class="M">
				<span>The following error was encountered:</span>
				<ul class="E">
					<li class="D G">Invalid Request</li></ul>
			</div>
			<div class="M">
				<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>
				<ul class="E G">
					<li class="D">Missing or unknown request method</li>
					<li class="D">Missing URL</li>
					<li class="D">Missing HTTP Identifier (HTTP/1.0)</li>
					<li class="D">Request is too large</li>
					<li class="D">Content-Length missing for POST or PUT requests</li>
					<li class="D">Illegal character in hostname;underscores are not allowed</li>
					<li class="D">Range Invalid</li></ul>
			</div>
			<a class="N C" href="#" onclick="s(1)">return</a></div>
		<script type="text/javascript">function e(i) {
				return document.getElementById(i);
			}
			function d(i, t) {
				e(i).style.display = (t ? 'block': 'none');
			}
			function s(e) {
				d('p', e);
				d('d', !e);
			}</script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:55:24.000Z",
   "alternativeip" : [
      "138.113.149.152",
      "157.185.179.202",
      "163.171.129.134",
      "163.171.129.86",
      "163.171.131.248",
      "163.171.132.236",
      "163.171.135.63",
      "163.171.137.29",
      "163.171.161.11",
      "163.171.162.13",
      "174.35.118.62",
      "174.35.118.63",
      "222.246.138.50",
      "240e:968:1000:2:0:0:0:5d",
      "2a01:53c0:ff0a:0:0:0:0:43",
      "43.132.66.200",
      "43.132.66.242",
      "43.132.66.245",
      "43.132.66.251",
      "43.152.186.117",
      "43.152.186.235",
      "43.152.186.92"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "4b395ae0b42ef9b499c08a2f511e3009",
         "bodymmh3" : -152239760,
         "headermd5" : "3a3a1cd2f6026541fd05c157538e5951",
         "headermmh3" : 648692981,
         "title" : "400 Bad Request"
      },
      "length" : 2533
   },
   "asn" : "AS54994",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:55:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 2350\r\nConnection: close\r\nx-ws-request-id: 673ef57c_bd71_32329-2237\r\n\r\n<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<meta charset=\"utf-8\">\n\t\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t\t<title>400 Bad Request</title>\n\t\t<style type=\"text/css\">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style>\n\t</head>\n\t<body>\n\t\t<div id=\"p\" class=\"P\">\n\t\t\t<div class=\"K\">400</div>\n\t\t\t<div class=\"O I\">Bad Request</div>\n\t\t\t<p class=\"J A L\">Error Times: Thu, 21 Nov 2024 08:55:24 GMT\n\t\t\t\t<br>\n\t\t\t\t<span class=\"F\">IP: <srcip></span>Node information: bd71\n\t\t\t\t<br>URL: \n\t\t\t\t<br>Request-Id: 673ef57c_bd71_32329-2237\n\t\t\t\t<br>\n\t\t\t\t<br>Check:\n\t\t\t\t<span class=\"C G\" onclick=\"s(0)\">Details</span></p>\n\t\t</div>\n\t\t<div id=\"d\" class=\"hide_me P H\">\n\t\t\t<div class=\"K\">ERROR</div>\n\t\t\t<p class=\"O I\">\"The Requested URL could not be retrieved</p>\n\t\t\t<div class=\"O\">\n\t\t\t\t<div>While trying to retrieve the URL:</div>\n\t\t\t\t<pre class=\"B G\"></pre></div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>The following error was encountered:</span>\n\t\t\t\t<ul class=\"E\">\n\t\t\t\t\t<li class=\"D G\">Invalid Request</li></ul>\n\t\t\t</div>\n\t\t\t<div class=\"M\">\n\t\t\t\t<span>This request could not be forwarded to the origin server or to any higher level cache servers. The most likely cause for this error is that:</span>\n\t\t\t\t<ul class=\"E G\">\n\t\t\t\t\t<li class=\"D\">Missing or unknown request method</li>\n\t\t\t\t\t<li class=\"D\">Missing URL</li>\n\t\t\t\t\t<li class=\"D\">Missing HTTP Identifier (HTTP/1.0)</li>\n\t\t\t\t\t<li class=\"D\">Request is too large</li>\n\t\t\t\t\t<li class=\"D\">Content-Length missing for POST or PUT requests</li>\n\t\t\t\t\t<li class=\"D\">Illegal character in hostname;underscores are not allowed</li>\n\t\t\t\t\t<li class=\"D\">Range Invalid</li></ul>\n\t\t\t</div>\n\t\t\t<a class=\"N C\" href=\"#\" onclick=\"s(1)\">return</a></div>\n\t\t<script type=\"text/javascript\">function e(i) {\n\t\t\t\treturn document.getElementById(i);\n\t\t\t}\n\t\t\tfunction d(i, t) {\n\t\t\t\te(i).style.display = (t ? 'block': 'none');\n\t\t\t}\n\t\t\tfunction s(e) {\n\t\t\t\td('p', e);\n\t\t\t\td('d', !e);\n\t\t\t}</script>\n\t</body>\n</html>",
   "datamd5" : "f21e690ea21ac0776cb3693f78b55c2b",
   "datammh3" : 1876652350,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "3304399.net",
      "3839.com",
      "3839app.com",
      "4399.cn",
      "4399.com",
      "4399pk.com",
      "4399youpai.com",
      "5054399.com",
      "bldimg.com",
      "blued.com",
      "cdn20.com",
      "chinanetcenter.com",
      "chunboimg.com",
      "dianping.com",
      "dpfile.com",
      "heesay.com",
      "i3839.com",
      "img4399.com",
      "ip138.com",
      "kugou.com",
      "lof3.xyz",
      "lxdns.com",
      "lxdns.net",
      "meituan.net",
      "ourdvsss.com",
      "ourdvsssvip.com",
      "ourhttps.com",
      "rax0mai4.xyz",
      "walla-app.com",
      "wscdns.com",
      "wsfdn.com",
      "wslivehls.com",
      "ziroom.com",
      "zservey.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "089239ef2c407c178523e0d3bbe19774",
      "sha1" : "6bd364c1d2ad157d479f9b8a3b90a3ceca3112f2",
      "sha256" : "57e520eb8ee2a48043aa52c3fea652c2e67cfe2568d6212fa3375c36be2e9b8a"
   },
   "geolocus" : {
      "asn" : "AS54994",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "SE",
      "countryname" : "Sweden",
      "isineu" : "true",
      "latitude" : "60.128161",
      "location" : "60.128161,18.643501",
      "longitude" : "18.643501",
      "netname" : "FUJITSU-SE",
      "organization" : "Fujitsu Sweden AB",
      "subnet" : "140.150.0.0/19"
   },
   "host" : [
      "default",
      "hls",
      "jssdk",
      "lvs",
      "m",
      "maangh2",
      "nitrome",
      "s0",
      "s1",
      "s2",
      "s3",
      "sstatic",
      "www"
   ],
   "hostname" : [
      "4399.cn",
      "default.chinanetcenter.com",
      "hls.vda.v.cdn20.com",
      "ip138.com",
      "jssdk.3304399.net",
      "lvs.lxdns.net",
      "m.bbs.3839.com",
      "maangh2.chinanetcenter.com",
      "nitrome.com.4399.com",
      "s0.chunboimg.com",
      "s1.chunboimg.com",
      "s2.chunboimg.com",
      "s3.chunboimg.com",
      "sstatic.chunboimg.com",
      "www.miniclip.com.4399pk.com"
   ],
   "ip" : "140.150.6.198",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "DigiCert Basic RSA CN CA G2",
      "country" : "US",
      "organization" : "DigiCert Inc"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "43.6319",
   "location" : "43.6319,-79.3716",
   "longitude" : "-79.3716",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ML-1432-54994",
   "port" : 10001,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "0f:05:44:d9:df:f2:0a:e1:b4:a1:c1:2f:09:82:2a:8c",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "bbs.3839.com",
      "cntv.cdn20.com",
      "cntv.lxdns.com",
      "com.4399.com",
      "com.4399pk.com",
      "miniclip.com.4399pk.com",
      "service.kugou.com",
      "v.cdn20.com",
      "v.wscdns.com",
      "vda.v.cdn20.com"
   ],
   "subject" : {
      "altname" : [
         "default.chinanetcenter.com",
         "*.dianping.com",
         "*.dpfile.com",
         "*.meituan.net",
         "*.zservey.net",
         "*.wslivehls.com",
         "*.ourhttps.com",
         "*.wsfdn.com",
         "*.heesay.com",
         "*.i3839.com",
         "*.ourdvsss.com",
         "*.ziroom.com",
         "*.blued.com",
         "sstatic.chunboimg.com",
         "*.ip138.com",
         "m.bbs.3839.com",
         "nitrome.com.4399.com",
         "s3.chunboimg.com",
         "jssdk.3304399.net",
         "*.lof3.xyz",
         "*.rax0mai4.xyz",
         "*.4399.cn",
         "s0.chunboimg.com",
         "*.3839.com",
         "www.miniclip.com.4399pk.com",
         "ip138.com",
         "maangh2.chinanetcenter.com",
         "*.4399.com",
         "s1.chunboimg.com",
         "*.service.kugou.com",
         "lvs.lxdns.net",
         "*.wscdns.com",
         "*.walla-app.com",
         "*.bldimg.com",
         "*.5054399.com",
         "*.4399youpai.com",
         "*.3839app.com",
         "*.v.cdn20.com",
         "hls.vda.v.cdn20.com",
         "*.cntv.cdn20.com",
         "*.img4399.com",
         "s2.chunboimg.com",
         "*.cntv.lxdns.com",
         "*.ourdvsssvip.com",
         "*.v.wscdns.com",
         "4399.cn"
      ],
      "city" : "\u53a6\u95e8\u5e02",
      "commonname" : "default.chinanetcenter.com",
      "country" : "CN",
      "organization" : "\u7f51\u5bbf\u79d1\u6280\u80a1\u4efd\u6709\u9650\u516c\u53f8\u53a6\u95e8\u5206\u516c\u53f8"
   },
   "subnet" : "140.150.4.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "cn",
      "com",
      "net",
      "xyz"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-11-16T23:59:59Z",
      "notbefore" : "2024-11-06T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
45.223.236.175

Alternative IP(s)
107.154.105.175 107.154.106.175 107.154.115.175 45.60.109.225 45.60.73.225

Network
45.223.236.0/23

Domain(s)
imperva.com totalcal.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS19551

Organization
INCAPSULA

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
GlobalSign Atlas R3 DV TLS CA 2024 Q4

Issuer Organization
GlobalSign nv-sa

Subject Common Name
imperva.com

Subject Alt Name
www.totalcal.com totalcal.com imperva.com

SHA256 Fingerprint
53dbb4a044d58c15fa9e77571abd488db2ce6e37f1a27c4c121f68be57f66b3d

Validity Not Before
2024-10-16T00:30:00Z

Validity Not After
2025-04-14T00:30:00Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
df8d9a18a65e1013cdbb1ceefb19e5a3

HTTP Header MD5
b0e7c720e73978c9766ca1ad11eae396

HTTP Body MD5
2f6852526c25bf0eb0c08039e4cb59cf

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
Content-Length: 701
X-Iinfo: 4-86844773-0 0NNN RT(1732179295463 874) q(-1 -1 -1 -1) r(0 -1) b1

<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe id="main-iframe" src="/_Incapsula_Resource?CWUDNSAI=24&xinfo=4-86844773-0%200NNN%20RT%281732179295463%20874%29%20q%28-1%20-1%20-1%20-1%29%20r%280%20-1%29%20b1&incident_id=0-456497204772471492&edet=3&cinfo=ffffffff&pe=544&rpinfo=0&mth=NA" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 0-456497204772471492</iframe></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:54:57.000Z",
   "alternativeip" : [
      "107.154.105.175",
      "107.154.106.175",
      "107.154.115.175",
      "45.60.109.225",
      "45.60.73.225"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "2f6852526c25bf0eb0c08039e4cb59cf",
         "bodymmh3" : -962237128,
         "headermd5" : "b0e7c720e73978c9766ca1ad11eae396",
         "headermmh3" : 498042166
      },
      "length" : 905
   },
   "asn" : "AS19551",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html\r\nCache-Control: no-cache, no-store\r\nConnection: close\r\nContent-Length: 701\r\nX-Iinfo: 4-86844773-0 0NNN RT(1732179295463 874) q(-1 -1 -1 -1) r(0 -1) b1\r\n\r\n<html style=\"height:100%\"><head><META NAME=\"ROBOTS\" CONTENT=\"NOINDEX, NOFOLLOW\"><meta name=\"format-detection\" content=\"telephone=no\"><meta name=\"viewport\" content=\"initial-scale=1.0\"><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"></head><body style=\"margin:0px;height:100%\"><iframe id=\"main-iframe\" src=\"/_Incapsula_Resource?CWUDNSAI=24&xinfo=4-86844773-0%200NNN%20RT%281732179295463%20874%29%20q%28-1%20-1%20-1%20-1%29%20r%280%20-1%29%20b1&incident_id=0-456497204772471492&edet=3&cinfo=ffffffff&pe=544&rpinfo=0&mth=NA\" frameborder=0 width=\"100%\" height=\"100%\" marginheight=\"0px\" marginwidth=\"0px\">Request unsuccessful. Incapsula incident ID: 0-456497204772471492</iframe></body></html>",
   "datamd5" : "df8d9a18a65e1013cdbb1ceefb19e5a3",
   "datammh3" : 1760618911,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "imperva.com",
      "totalcal.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "917898b46fdfbab56499f9f2787cbd8c",
      "sha1" : "407ab0bba4042321de6374d78d25c95ebb97fe59",
      "sha256" : "53dbb4a044d58c15fa9e77571abd488db2ce6e37f1a27c4c121f68be57f66b3d"
   },
   "geolocus" : {
      "asn" : "AS19551",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "imperva.com",
         "incapsula.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "INCAPSULA-NET",
      "organization" : "Incapsula Inc",
      "subnet" : "45.223.236.174/31"
   },
   "host" : [
      "www"
   ],
   "hostname" : [
      "imperva.com",
      "totalcal.com",
      "www.totalcal.com"
   ],
   "ip" : "45.223.236.175",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GlobalSign Atlas R3 DV TLS CA 2024 Q4",
      "country" : "BE",
      "organization" : "GlobalSign nv-sa"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "INCAPSULA",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 10001,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "01:cd:4c:cb:95:39:6d:3c:b3:9f:49:c0:6b:43:bd:ec",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subject" : {
      "altname" : [
         "www.totalcal.com",
         "totalcal.com",
         "imperva.com"
      ],
      "commonname" : "imperva.com"
   },
   "subnet" : "45.223.236.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-04-14T00:30:00Z",
      "notbefore" : "2024-10-16T00:30:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
52.142.200.150

Network
52.136.0.0/13

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 03

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
30c4b136f4803299212756e8d0d7a9a5dc51440c596aecacb6dfaa6b4e74cc32

Validity Not Before
2024-08-27T10:06:01Z

Validity Not After
2025-08-22T10:06:01Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:54:56 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:54:57.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 1211113311,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Amsterdam",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:54:56 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "287853abc607e01d3e166e245e3f58a7",
      "sha1" : "fb7bf3b383965183907de99fad3b7af9da675c6c",
      "sha256" : "30c4b136f4803299212756e8d0d7a9a5dc51440c596aecacb6dfaa6b4e74cc32"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "52.142.192.0/18"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "52.142.200.150",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 03",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.3759",
   "location" : "52.3759,4.8975",
   "longitude" : "4.8975",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:a0:61:64:c7:14:16:f4:57:fa:a6:57:00:00:00:a0:61:64",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "52.136.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-08-22T10:06:01Z",
      "notbefore" : "2024-08-27T10:06:01Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
72.144.85.153

Network
72.144.0.0/14

Domain(s)
cloudapp.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http Cert not expired http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Microsoft Azure RSA TLS Issuing CA 08

Issuer Organization
Microsoft Corporation

Subject Organization
Microsoft Corporation

Subject Common Name
wavnet.prod.cloudapp.net

Subject Alt Name
wavnet.prod.cloudapp.net

SHA256 Fingerprint
a2ed3063444dd7d64fa159b6fd5743d8366bbaaf9ad04519ef442a589aabfc2b

Validity Not Before
2024-11-20T13:25:41Z

Validity Not After
2025-05-19T13:25:41Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 21 Nov 2024 08:54:31 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:54:32.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : -459708548,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS8075",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 21 Nov 2024 08:54:31 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cloudapp.net"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "63f031765a6bf39ff79a5b6993fc1d77",
      "sha1" : "cb405893012ef16a7238d1c1bc19fa16365ef88c",
      "sha256" : "a2ed3063444dd7d64fa159b6fd5743d8366bbaaf9ad04519ef442a589aabfc2b"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "BLS-72-144-0-0-1003020946",
      "organization" : "Microsoft Corporation",
      "subnet" : "72.144.0.0/14"
   },
   "host" : [
      "wavnet"
   ],
   "hostname" : [
      "wavnet.prod.cloudapp.net"
   ],
   "ip" : "72.144.85.153",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Microsoft Azure RSA TLS Issuing CA 08",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 10001,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "serial" : "33:00:d6:89:57:52:cb:9d:95:d9:6c:a5:71:00:00:00:d6:89:57",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "prod.cloudapp.net"
   ],
   "subject" : {
      "altname" : [
         "wavnet.prod.cloudapp.net"
      ],
      "city" : "Redmond",
      "commonname" : "wavnet.prod.cloudapp.net",
      "country" : "US",
      "organization" : "Microsoft Corporation"
   },
   "subnet" : "72.144.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-05-19T13:25:41Z",
      "notbefore" : "2024-11-20T13:25:41Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

Returning 10 result(s) out of 864,158 in 0.330 second(s)

20.162.59.133:10001 (tcp/http/tls) - last seen on 2024-11-21 at 09:00:09 UTC

13.69.216.163:10001 (tcp/http/tls) - last seen on 2024-11-21 at 09:00:08 UTC

113.201.242.25:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:59:28 UTC

20.33.46.25:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:59:27 UTC

52.189.236.144:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:59:27 UTC

20.92.161.198:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:55:25 UTC

140.150.6.198:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:55:24 UTC

45.223.236.175:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:54:57 UTC

52.142.200.150:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:54:57 UTC

72.144.85.153:10001 (tcp/http/tls) - last seen on 2024-11-21 at 08:54:32 UTC