Cyber Defense Search Engine

IP
193.19.149.194

Network
193.19.148.0/22

Domain(s)
193-avatel.es

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://193.19.149.194:1222/ 302

Reverse DNS
194.149.19.193-avatel.es

ASN
AS200845

Organization
Avatel Telecom, SA

Protocol
http

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
161e4771579ab4c4f0831f46945fc603

HTTP Header MD5
e81dc45b491638f91c4409a389341855

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.0 302 Redirection
Server: BlueServer/5.5.8.2
Date: Thu, 07 Nov 2024 05:32:24 GMT
P3P: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
Access-Control-Allow-Origin: *
Set-Cookie: session=05c31d7f105c5fe708025678671a6c9b; path=/
Connection: close
Location: /login.htm?page=%2F
Content-Length: 0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:32:21.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "5.5.8.2"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "e81dc45b491638f91c4409a389341855",
         "headermmh3" : -504964175
      },
      "length" : 314
   },
   "asn" : "AS200845",
   "country" : "ES",
   "data" : "HTTP/1.0 302 Redirection\r\nServer: BlueServer/5.5.8.2\r\nDate: Thu, 07 Nov 2024 05:32:24 GMT\r\nP3P: CP=\"CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE\"\r\nAccess-Control-Allow-Origin: *\r\nSet-Cookie: session=05c31d7f105c5fe708025678671a6c9b; path=/\r\nConnection: close\r\nLocation: /login.htm?page=%2F\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "161e4771579ab4c4f0831f46945fc603",
   "datammh3" : -223911550,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "193-avatel.es"
   ],
   "geolocus" : {
      "asn" : "AS200845",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "ES",
      "countryname" : "Spain",
      "domain" : [
         "avatel.es"
      ],
      "isineu" : "true",
      "latitude" : "40.463667",
      "location" : "40.463667,-3.74922",
      "longitude" : "-3.74922",
      "netname" : "ES-AVATELTELECOM-20180425",
      "organization" : "AVATEL TELECOM, SA",
      "subnet" : "193.19.148.0/22"
   },
   "host" : [
      194
   ],
   "hostname" : [
      "194.149.19.193-avatel.es"
   ],
   "ip" : "193.19.149.194",
   "ipv6" : "false",
   "latitude" : "40.4172",
   "location" : "40.4172,-3.6840",
   "longitude" : "-3.6840",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Avatel Telecom, SA",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Redirection",
   "reverse" : [
      "194.149.19.193-avatel.es"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "149.19.193-avatel.es",
      "19.193-avatel.es"
   ],
   "subnet" : "193.19.148.0/22",
   "tld" : [
      "es"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
47.253.154.23

Network
47.253.128.0/17

Device

<enterprise field>: device.class

URL

http://47.253.154.23:1222/ 301

ASN
AS45102

Organization
Alibaba US Technology Co., Ltd.

Protocol
http

Source
datascan
Product
Apache HTTP Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
433fd4199a3d308ad34b27bca550fea1

HTTP Header MD5
1596025e1d1eb4b7aaf8a70fe8f5fcfb

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 301 Moved Permanently
Location: /admin/login.html
Content-Type: text/html; charset=UTF-8
Server: Apache
Content-Length: 0
Set-Cookie: idA2010=1b25cc5e; max-age=2592000;
Connection: keep-alive

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:31:47.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "1596025e1d1eb4b7aaf8a70fe8f5fcfb",
         "headermmh3" : 1728086632
      },
      "length" : 210
   },
   "asn" : "AS45102",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nLocation: /admin/login.html\r\nContent-Type: text/html; charset=UTF-8\r\nServer: Apache\r\nContent-Length: 0\r\nSet-Cookie: idA2010=1b25cc5e; max-age=2592000;\r\nConnection: keep-alive\r\n\r\n",
   "datamd5" : "433fd4199a3d308ad34b27bca550fea1",
   "datammh3" : -1934269793,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "alibaba-inc.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ALICLOUD-US",
      "organization" : "Alibaba Cloud LLC",
      "subnet" : "47.253.128.0/17"
   },
   "ip" : "47.253.154.23",
   "ipv6" : "false",
   "latitude" : "38.6583",
   "location" : "38.6583,-77.2481",
   "longitude" : "-77.2481",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Alibaba US Technology Co., Ltd.",
   "port" : 1222,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 301,
   "subnet" : "47.253.128.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
158.179.164.92

Network
158.179.160.0/19

Device

<enterprise field>: device.class

URL

http://158.179.164.92:1222/ 307

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http

Source
urlscan::redirect

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
aa80dd02b9ef1491939e724fb3bad221

HTTP Header MD5
c3dc1c6e68b0572d7d0c0afc05ba8b0e

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/0.0 307 Temporary Redirect
Location: https://<ip>:1222/
Content-Length: 0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:24:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "c3dc1c6e68b0572d7d0c0afc05ba8b0e",
         "headermmh3" : 1707144410
      },
      "length" : 84
   },
   "asn" : "AS31898",
   "city" : "Chuncheon",
   "country" : "KR",
   "data" : "HTTP/0.0 307 Temporary Redirect\r\nLocation: https://<ip>:1222/\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "aa80dd02b9ef1491939e724fb3bad221",
   "datammh3" : 2065578779,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "158.179.164.92",
   "hostname" : [
      "158.179.164.92"
   ],
   "ip" : "158.179.164.92",
   "ipv6" : "false",
   "latitude" : "37.8897",
   "location" : "37.8897,127.7360",
   "longitude" : "127.7360",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "0.0",
   "reason" : "Temporary Redirect",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 307,
   "subnet" : "158.179.160.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
101.2.165.61

Network
101.2.160.0/21

Device

<enterprise field>: device.class

URL

http://101.2.165.61:1222/LIVE/f?p=4550:1:11009809962737::::: 302

ASN
AS38592

Organization
Chittagong Online Limited AS38592 AP

Protocol
http

Source
urlscan::redirect

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5117e9af287cea0cb351dc134e983a36

HTTP Header MD5
e15c2c92bd9a253c49ae55c023635704

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Connection: close
Content-Type: text/html;charset=utf-8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Cache-Control: no-store
Pragma: no-cache
Expires: Sun, 27 Jul 1997 13:00:00 GMT
Set-Cookie: ORA_WWV_USER_697862362083645=ORA_WWV-kZIJ5iQaSMm7YY99MAVmJl6S; path=/LIVE/; HttpOnly
Location: http://<ip>:1222/LIVE/f?p=4550:1:11355730318127:::::

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:10:39.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "e15c2c92bd9a253c49ae55c023635704",
         "headermmh3" : 1414798188
      },
      "length" : 423
   },
   "asn" : "AS38592",
   "city" : "Chittagong",
   "country" : "BD",
   "data" : "HTTP/1.1 302 Found\r\nConnection: close\r\nContent-Type: text/html;charset=utf-8\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nReferrer-Policy: strict-origin\r\nCache-Control: no-store\r\nPragma: no-cache\r\nExpires: Sun, 27 Jul 1997 13:00:00 GMT\r\nSet-Cookie: ORA_WWV_USER_697862362083645=ORA_WWV-kZIJ5iQaSMm7YY99MAVmJl6S; path=/LIVE/; HttpOnly\r\nLocation: http://<ip>:1222/LIVE/f?p=4550:1:11355730318127:::::\r\n\r\n",
   "datamd5" : "5117e9af287cea0cb351dc134e983a36",
   "datammh3" : 1972015303,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "101.2.165.61",
   "geolocus" : {
      "asn" : "AS38592",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "BD",
      "countryname" : "Bangladesh",
      "domain" : [
         "colbd.com"
      ],
      "isineu" : "false",
      "latitude" : "23.684994",
      "location" : "23.684994,90.356331",
      "longitude" : "90.356331",
      "netname" : "CTGONLINENET",
      "organization" : "Chittagong Online Limited.",
      "subnet" : "101.2.160.0/21"
   },
   "hostname" : [
      "101.2.165.61"
   ],
   "ip" : "101.2.165.61",
   "ipv6" : "false",
   "latitude" : "22.3468",
   "location" : "22.3468,91.8300",
   "longitude" : "91.8300",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chittagong Online Limited AS38592 AP",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subnet" : "101.2.160.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/LIVE/f?p=4550:1:11009809962737:::::"
}

IP
202.155.214.62

Network
202.155.192.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://202.155.214.62:1222/ 302

ASN
AS9381

Organization
HKBN Enterprise Solutions HK Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.26.1

HTTP Component(s)
Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
36b9d40938c0f277387b44a4e7cbb063

HTTP Header MD5
1ee6e4a607947b43f426db21bb72d291

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.26.1
Date: Thu, 07 Nov 2024 05:08:39 GMT
Content-Length: 0
Connection: close
Set-Cookie: route=9875dbff14c902498bca7976459006b7; Path=/
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=3FC7F3EACC50A109E00D5F6AF758C530; Path=/; HttpOnly
Location: https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:08:39.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "yitaigroup.com"
         ],
         "hostname" : [
            "sso.yitaigroup.com"
         ],
         "url" : [
            "https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "1ee6e4a607947b43f426db21bb72d291",
         "headermmh3" : 1099956452
      },
      "length" : 427
   },
   "asn" : "AS9381",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.26.1\r\nDate: Thu, 07 Nov 2024 05:08:39 GMT\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: route=9875dbff14c902498bca7976459006b7; Path=/\r\nAccess-Control-Allow-Origin: *\r\nSet-Cookie: JSESSIONID=3FC7F3EACC50A109E00D5F6AF758C530; Path=/; HttpOnly\r\nLocation: https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code\r\n\r\n",
   "datamd5" : "36b9d40938c0f277387b44a4e7cbb063",
   "datammh3" : -1449086325,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9381",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "hkbn.com.hk"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "HKBNES-HK",
      "organization" : "HKBN Enterprise Solutions HK Limited",
      "subnet" : "202.155.192.0/18"
   },
   "ip" : "202.155.214.62",
   "ipv6" : "false",
   "latitude" : "22.2908",
   "location" : "22.2908,114.1501",
   "longitude" : "114.1501",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HKBN Enterprise Solutions HK Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.26.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "202.155.192.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
202.155.214.62

Network
202.155.192.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://202.155.214.62:1222/ 302

ASN
AS9381

Organization
HKBN Enterprise Solutions HK Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.26.1

HTTP Component(s)
Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3e7d988a8a9d56d9949e6d435271d253

HTTP Header MD5
a25a1c399dd19d78acddccc59cfe8f23

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.26.1
Date: Thu, 07 Nov 2024 05:03:41 GMT
Content-Length: 0
Connection: close
Set-Cookie: route=e46ea1b550f0781affbea7f78b698dd3; Path=/
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=C4A40AE6BF8A21397B8248683DE39E21; Path=/; HttpOnly
Location: https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:03:41.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "yitaigroup.com"
         ],
         "hostname" : [
            "sso.yitaigroup.com"
         ],
         "url" : [
            "https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            }
         ],
         "headermd5" : "a25a1c399dd19d78acddccc59cfe8f23",
         "headermmh3" : -869968908
      },
      "length" : 427
   },
   "asn" : "AS9381",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.26.1\r\nDate: Thu, 07 Nov 2024 05:03:41 GMT\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: route=e46ea1b550f0781affbea7f78b698dd3; Path=/\r\nAccess-Control-Allow-Origin: *\r\nSet-Cookie: JSESSIONID=C4A40AE6BF8A21397B8248683DE39E21; Path=/; HttpOnly\r\nLocation: https://sso.yitaigroup.com/idp/oauth2/authorize?redirect_uri=http://oa.yitaigroup.com&state=login&client_id=oa&response_type=code\r\n\r\n",
   "datamd5" : "3e7d988a8a9d56d9949e6d435271d253",
   "datammh3" : 1442973217,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9381",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "hkbn.com.hk"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "HKBNES-HK",
      "organization" : "HKBN Enterprise Solutions HK Limited",
      "subnet" : "202.155.192.0/18"
   },
   "ip" : "202.155.214.62",
   "ipv6" : "false",
   "latitude" : "22.2908",
   "location" : "22.2908,114.1501",
   "longitude" : "114.1501",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HKBN Enterprise Solutions HK Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.26.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "202.155.192.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
61.61.24.34

Network
61.61.16.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://61.61.24.34:1222/ 412

ASN
AS18049

Organization
Taiwan Infrastructure Network Technologie

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
332a83f54cf1a3fd66b6371ac53d6a74

HTTP Header MD5
74ec1a529e318fd6e5847151e98f0727

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 412 Precondition Failed
Date: Thu, 07 Nov 2024 05:00:47 GMT
Content-Language: en
Server: Neptune/1.1.3
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:00:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "74ec1a529e318fd6e5847151e98f0727",
         "headermmh3" : -1791657136
      },
      "length" : 156
   },
   "asn" : "AS18049",
   "city" : "Taichung",
   "country" : "TW",
   "data" : "HTTP/1.1 412 Precondition Failed\r\nDate: Thu, 07 Nov 2024 05:00:47 GMT\r\nContent-Language: en\r\nServer: Neptune/1.1.3\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "332a83f54cf1a3fd66b6371ac53d6a74",
   "datammh3" : -941482008,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS18049",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TW",
      "countryname" : "Taiwan",
      "domain" : [
         "fareastone.com.tw",
         "tinp.net.tw",
         "twnic.net",
         "twnic.net.tw"
      ],
      "isineu" : "false",
      "latitude" : "23.69781",
      "location" : "23.69781,120.960515",
      "longitude" : "120.960515",
      "netname" : "KGT-TW",
      "organization" : "KGEx.com",
      "subnet" : "61.61.16.0/20"
   },
   "ip" : "61.61.24.34",
   "ipv6" : "false",
   "latitude" : "24.1440",
   "location" : "24.1440,120.6844",
   "longitude" : "120.6844",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Taiwan Infrastructure Network Technologie",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Precondition Failed",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 412,
   "subnet" : "61.61.16.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
159.149.30.17

Network
159.149.0.0/16

Domain(s)
unimi.it

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://159.149.30.17:1222/ 426

Reverse DNS
prenotazioni.mat.unimi.it

ASN
AS137

Organization
Consortium GARR

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d28dd5a4a4c63f28a50cba2d76989bd8

HTTP Header MD5
478f4d27c63aa2d0b60d69a2ab7bafdc

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 426 Upgrade header MUST be provided
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Version: 13
X-Powered-By: Ratchet/0.4.3

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:48:35.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "478f4d27c63aa2d0b60d69a2ab7bafdc",
         "headermmh3" : 330591319
      },
      "length" : 145
   },
   "asn" : "AS137",
   "city" : "Milan",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 426 Upgrade header MUST be provided\r\nConnection: Upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nX-Powered-By: Ratchet/0.4.3\r\n\r\n",
   "datamd5" : "d28dd5a4a4c63f28a50cba2d76989bd8",
   "datammh3" : -1420660082,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "unimi.it"
   ],
   "geolocus" : {
      "asn" : "AS137",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "garr.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "UNIMINET",
      "organization" : "Universita' degli Studi di Milano",
      "subnet" : "159.149.0.0/16"
   },
   "host" : [
      "prenotazioni"
   ],
   "hostname" : [
      "prenotazioni.mat.unimi.it"
   ],
   "ip" : "159.149.30.17",
   "ipv6" : "false",
   "latitude" : "45.4722",
   "location" : "45.4722,9.1922",
   "longitude" : "9.1922",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Consortium GARR",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Upgrade header MUST be provided",
   "reverse" : [
      "prenotazioni.mat.unimi.it"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 426,
   "subdomains" : [
      "mat.unimi.it"
   ],
   "subnet" : "159.149.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "it"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
159.149.30.17

Network
159.149.0.0/16

Domain(s)
unimi.it

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://159.149.30.17:1222/ 426

Reverse DNS
prenotazioni.mat.unimi.it

ASN
AS137

Organization
Consortium GARR

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d28dd5a4a4c63f28a50cba2d76989bd8

HTTP Header MD5
478f4d27c63aa2d0b60d69a2ab7bafdc

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 426 Upgrade header MUST be provided
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Version: 13
X-Powered-By: Ratchet/0.4.3

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:45:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "478f4d27c63aa2d0b60d69a2ab7bafdc",
         "headermmh3" : 330591319
      },
      "length" : 145
   },
   "asn" : "AS137",
   "city" : "Milan",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 426 Upgrade header MUST be provided\r\nConnection: Upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nX-Powered-By: Ratchet/0.4.3\r\n\r\n",
   "datamd5" : "d28dd5a4a4c63f28a50cba2d76989bd8",
   "datammh3" : -1420660082,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "unimi.it"
   ],
   "geolocus" : {
      "asn" : "AS137",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "garr.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "UNIMINET",
      "organization" : "Universita' degli Studi di Milano",
      "subnet" : "159.149.0.0/16"
   },
   "host" : [
      "prenotazioni"
   ],
   "hostname" : [
      "prenotazioni.mat.unimi.it"
   ],
   "ip" : "159.149.30.17",
   "ipv6" : "false",
   "latitude" : "45.4722",
   "location" : "45.4722,9.1922",
   "longitude" : "9.1922",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Consortium GARR",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1222,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Upgrade header MUST be provided",
   "reverse" : [
      "prenotazioni.mat.unimi.it"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 426,
   "subdomains" : [
      "mat.unimi.it"
   ],
   "subnet" : "159.149.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "it"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
189.50.60.136

Network
189.50.60.0/22

Domain(s)
136-candibanet.com.br

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://189.50.60.136:1222/ 302

Reverse DNS
189.50.60.136-candibanet.com.br

ASN
AS270963

Organization
Fernando Martins Reis

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache Coyote HTTP Connector 1.1

HTTP Component(s)
Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f0b01afd491a992be0fa3085238915a3

HTTP Header MD5
3168611c39a1603bac5da2255293c0e7

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=EA818BA8C2AE9C95DC95D9640A500543; Path=/; HttpOnly
Location: http://<ip>:1222/webrun/
Content-Type: text/html
Content-Length: 0
Date: Thu, 07 Nov 2024 03:39:33 GMT
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:39:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "3168611c39a1603bac5da2255293c0e7",
         "headermmh3" : -1455865972
      },
      "length" : 260
   },
   "asn" : "AS270963",
   "city" : "Santa Maria da Vit\u00f3ria",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: Apache-Coyote/1.1\r\nSet-Cookie: JSESSIONID=EA818BA8C2AE9C95DC95D9640A500543; Path=/; HttpOnly\r\nLocation: http://<ip>:1222/webrun/\r\nContent-Type: text/html\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 03:39:33 GMT\r\nConnection: close\r\n\r\n",
   "datamd5" : "f0b01afd491a992be0fa3085238915a3",
   "datammh3" : 1823197757,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "136-candibanet.com.br"
   ],
   "geolocus" : {
      "asn" : "AS270963",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "1-candibanet.com.br",
         "cert.br",
         "connectba.com.br",
         "hotmail.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "17.202.845/0001-62",
      "organization" : "Fernando Martins Reis",
      "subnet" : "189.50.60.0/22"
   },
   "host" : [
      189
   ],
   "hostname" : [
      "189.50.60.136-candibanet.com.br"
   ],
   "ip" : "189.50.60.136",
   "ipv6" : "false",
   "latitude" : "-13.2601",
   "location" : "-13.2601,-44.3776",
   "longitude" : "-44.3776",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Fernando Martins Reis",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 1222,
   "product" : "Coyote HTTP Connector",
   "productvendor" : "Apache",
   "productversion" : "1.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "189.50.60.136-candibanet.com.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "60.136-candibanet.com.br",
      "50.60.136-candibanet.com.br"
   ],
   "subnet" : "189.50.60.0/22",
   "tld" : [
      "com.br"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 10,451 in 0.114 second(s)

193.19.149.194:1222 (tcp/http) - last seen on 2024-11-07 at 05:32:21 UTC

47.253.154.23:1222 (tcp/http) - last seen on 2024-11-07 at 05:31:47 UTC

158.179.164.92:1222 (tcp/http) - last seen on 2024-11-07 at 05:24:03 UTC

101.2.165.61:1222 (tcp/http) - last seen on 2024-11-07 at 05:10:39 UTC

202.155.214.62:1222 (tcp/http) - last seen on 2024-11-07 at 05:08:39 UTC

202.155.214.62:1222 (tcp/http) - last seen on 2024-11-07 at 05:03:41 UTC

61.61.24.34:1222 (tcp/http) - last seen on 2024-11-07 at 05:00:51 UTC

159.149.30.17:1222 (tcp/http) - last seen on 2024-11-07 at 04:48:35 UTC

159.149.30.17:1222 (tcp/http) - last seen on 2024-11-07 at 04:45:29 UTC

189.50.60.136:1222 (tcp/http) - last seen on 2024-11-07 at 04:39:29 UTC