Cyber Defense Search Engine

IP
217.159.169.184

Network
217.159.128.0/17

Domain(s)
estpak.ee

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
184-169-159-217.sta.estpak.ee

ASN
AS3249

Organization
Telia Eesti AS

Protocol
mysql

Source
datascan
Operating System
Microsoft Windows

Product
MariaDB MariaDB 5.5.30

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
08543331415cc1a16dba57d183bcc9b2

R\x00\x00\x00
5.5.30-MariaDB\x00[\x06\x00\x00%@QWA|qB\x00\xff\xf7\x08\x02\x00\x0f\xa0\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x006&[yqHRFFkgG\x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:17:21.000Z",
   "app" : {
      "length" : 123
   },
   "asn" : "AS3249",
   "city" : "Narva",
   "country" : "EE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "R\\x00\\x00\\x00\n5.5.30-MariaDB\\x00[\\x06\\x00\\x00%@QWA|qB\\x00\\xff\\xf7\\x08\\x02\\x00\\x0f\\xa0\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x006&[yqHRFFkgG\\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "08543331415cc1a16dba57d183bcc9b2",
   "datammh3" : 483904314,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "estpak.ee"
   ],
   "geolocus" : {
      "asn" : "AS3249",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "EE",
      "countryname" : "Estonia",
      "domain" : [
         "estpak.ee",
         "telia.ee"
      ],
      "isineu" : "true",
      "latitude" : "58.595272",
      "location" : "58.595272,25.013607",
      "longitude" : "25.013607",
      "netname" : "EE-ESTPAK",
      "organization" : "EE-ESTPAK-217-159-128-0-17",
      "subnet" : "217.159.169.0/24"
   },
   "host" : [
      "184-169-159-217"
   ],
   "hostname" : [
      "184-169-159-217.sta.estpak.ee"
   ],
   "ip" : "217.159.169.184",
   "ipv6" : "false",
   "latitude" : "59.3755",
   "location" : "59.3755,28.2032",
   "longitude" : "28.2032",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telia Eesti AS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3411,
   "product" : "MariaDB",
   "productvendor" : "MariaDB",
   "productversion" : "5.5.30",
   "protocol" : "mysql",
   "reverse" : [
      "184-169-159-217.sta.estpak.ee"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "sta.estpak.ee"
   ],
   "subnet" : "217.159.128.0/17",
   "tld" : [
      "ee"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
217.159.135.28

Network
217.159.128.0/17

Domain(s)
estpak.ee

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

HTTP Title
400 Bad Request

Reverse DNS
28-135-159-217.dyn.estpak.ee

ASN
AS3249

Organization
Telia Eesti AS

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
79d068ddf45b5609a5b2772a7d459499

HTTP Header MD5
ba0a31d70458e7cacc2bc5fbff25087b

HTTP Body MD5
11ad19916878f7393518778d55fc05bf

HTTP/1.0 400 Bad Request
Content-Type: text/html
Content-Length: 345
Connection: close
Date: Sat, 09 Nov 2024 00:58:02 GMT
Server: LHS

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>400 Bad Request</title>
 </head>
 <body>
  <h1>400 Bad Request</h1>
 </body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-09T00:58:03.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "11ad19916878f7393518778d55fc05bf",
         "bodymmh3" : 522603301,
         "headermd5" : "ba0a31d70458e7cacc2bc5fbff25087b",
         "headermmh3" : -993662961,
         "title" : "400 Bad Request"
      },
      "length" : 488
   },
   "asn" : "AS3249",
   "city" : "P\u00e4rnu",
   "country" : "EE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 400 Bad Request\r\nContent-Type: text/html\r\nContent-Length: 345\r\nConnection: close\r\nDate: Sat, 09 Nov 2024 00:58:02 GMT\r\nServer: LHS\r\n\r\n<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n         \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n <head>\n  <title>400 Bad Request</title>\n </head>\n <body>\n  <h1>400 Bad Request</h1>\n </body>\n</html>\n",
   "datamd5" : "79d068ddf45b5609a5b2772a7d459499",
   "datammh3" : 1720144829,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "estpak.ee"
   ],
   "geolocus" : {
      "asn" : "AS3249",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "EE",
      "countryname" : "Estonia",
      "domain" : [
         "estpak.ee",
         "telia.ee"
      ],
      "isineu" : "true",
      "latitude" : "58.595272",
      "location" : "58.595272,25.013607",
      "longitude" : "25.013607",
      "netname" : "EE-ESTPAK",
      "organization" : "EE-ESTPAK-217-159-128-0-17",
      "subnet" : "217.159.128.0/18"
   },
   "host" : [
      "28-135-159-217"
   ],
   "hostname" : [
      "28-135-159-217.dyn.estpak.ee"
   ],
   "ip" : "217.159.135.28",
   "ipv6" : "false",
   "latitude" : "58.3891",
   "location" : "58.3891,24.4983",
   "longitude" : "24.4983",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telia Eesti AS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3411,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Request",
   "reverse" : [
      "28-135-159-217.dyn.estpak.ee"
   ],
   "seen_date" : "2024-11-09",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "dyn.estpak.ee"
   ],
   "subnet" : "217.159.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ee"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
80.235.42.239

Network
80.235.0.0/17

Domain(s)
estpak.ee

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

Reverse DNS
239-42-235-80.sta.estpak.ee

ASN
AS3249

Organization
Telia Eesti AS

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 05 Nov 2024 21:30:53 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T21:30:53.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 204043720,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS3249",
   "city" : "Tallinn",
   "country" : "EE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Tue, 05 Nov 2024 21:30:53 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "estpak.ee"
   ],
   "geolocus" : {
      "asn" : "AS3249",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "EE",
      "countryname" : "Estonia",
      "domain" : [
         "estpak.ee",
         "telia.ee"
      ],
      "isineu" : "true",
      "latitude" : "58.595272",
      "location" : "58.595272,25.013607",
      "longitude" : "25.013607",
      "netname" : "EE-ESTPAK",
      "organization" : "EE-ESTPAK-80-235-0-0-17",
      "subnet" : "80.235.0.0/17"
   },
   "host" : [
      "239-42-235-80"
   ],
   "hostname" : [
      "239-42-235-80.sta.estpak.ee"
   ],
   "ip" : "80.235.42.239",
   "ipv6" : "false",
   "latitude" : "59.4381",
   "location" : "59.4381,24.7369",
   "longitude" : "24.7369",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telia Eesti AS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3411,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "239-42-235-80.sta.estpak.ee"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "sta.estpak.ee"
   ],
   "subnet" : "80.235.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ee"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
80.235.42.239

Network
80.235.0.0/17

Domain(s)
estpak.ee

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

Reverse DNS
239-42-235-80.sta.estpak.ee

ASN
AS3249

Organization
Telia Eesti AS

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab7ec59c257a6ef4d994483c583b818c

HTTP Header MD5
5f8987fc4ee9770a3292cd04557b2dbf

HTTP Body MD5
779df2c90c98bc5e3cb4127ecf04909e

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 25 Oct 2024 00:15:50 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-25T00:15:51.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "779df2c90c98bc5e3cb4127ecf04909e",
         "bodymmh3" : -640633908,
         "headermd5" : "5f8987fc4ee9770a3292cd04557b2dbf",
         "headermmh3" : 4978034,
         "title" : "Bad Request"
      },
      "length" : 505
   },
   "asn" : "AS3249",
   "city" : "Tallinn",
   "country" : "EE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Fri, 25 Oct 2024 00:15:50 GMT\r\nConnection: close\r\nContent-Length: 326\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Verb</h2>\r\n<hr><p>HTTP Error 400. The request verb is invalid.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "ab7ec59c257a6ef4d994483c583b818c",
   "datammh3" : 1596030123,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "estpak.ee"
   ],
   "geolocus" : {
      "asn" : "AS3249",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "EE",
      "countryname" : "Estonia",
      "domain" : [
         "estpak.ee",
         "telia.ee"
      ],
      "isineu" : "true",
      "latitude" : "58.595272",
      "location" : "58.595272,25.013607",
      "longitude" : "25.013607",
      "netname" : "EE-ESTPAK",
      "organization" : "EE-ESTPAK-80-235-0-0-17",
      "subnet" : "80.235.0.0/17"
   },
   "host" : [
      "239-42-235-80"
   ],
   "hostname" : [
      "239-42-235-80.sta.estpak.ee"
   ],
   "ip" : "80.235.42.239",
   "ipv6" : "false",
   "latitude" : "59.4381",
   "location" : "59.4381,24.7369",
   "longitude" : "24.7369",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telia Eesti AS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3411,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "239-42-235-80.sta.estpak.ee"
   ],
   "seen_date" : "2024-10-25",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "sta.estpak.ee"
   ],
   "subnet" : "80.235.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ee"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

Returning 4 result(s) out of 4 in 0.047 second(s)

217.159.169.184:3411 (tcp/mysql) - last seen on 2024-11-21 at 08:17:21 UTC

217.159.135.28:3411 (tcp/http) - last seen on 2024-11-09 at 00:58:03 UTC

80.235.42.239:3411 (tcp/http) - last seen on 2024-11-05 at 21:30:53 UTC

80.235.42.239:3411 (tcp/http) - last seen on 2024-10-25 at 00:15:51 UTC