Cyber Defense Search Engine

IP
204.156.216.142

Network
204.156.192.0/19

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS19009

Organization
ONECLEVELAND

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
09ddd6478a2d9450a65d5b3b4688be9f

8\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe5\xb8\xe1Y\x00\x00\x00\x00\x07\xc2\x0bZ\x00\x00\x00\x00\xcb\x86nN\x00\x00\x00\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:44:57.000Z",
   "app" : {
      "length" : 56
   },
   "asn" : "AS19009",
   "city" : "Parma",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "8\\x00\\x00\\x00\\x07\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xe5\\xb8\\xe1Y\\x00\\x00\\x00\\x00\\x07\\xc2\\x0bZ\\x00\\x00\\x00\\x00\\xcb\\x86nN\\x00\\x00\\x00\\x00",
   "datamd5" : "09ddd6478a2d9450a65d5b3b4688be9f",
   "datammh3" : 53859576,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS19009",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "everstream.net",
         "onecommunity.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ONECL",
      "organization" : "OneCleveland",
      "subnet" : "204.156.192.0/19"
   },
   "ip" : "204.156.216.142",
   "ipv6" : "false",
   "latitude" : "41.3844",
   "location" : "41.3844,-81.7003",
   "longitude" : "-81.7003",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ONECLEVELAND",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 1691,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "204.156.192.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.203.226.117

Network
43.200.0.0/13

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://43.203.226.117:1691/ 301

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
Atlassian Confluence Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3e2107ab7be2fc959bb4d52c26caa3df

HTTP Header MD5
7b948b15043b8704010b9349d29b6a04

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Date: Thu, 07 Nov 2024 05:43:35 GMT
Server: nginx
X-Confluence-Request-Time: 1730958215
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=z6xe7zjehhi2wx6xsmg1wrzwlupfps4d; Path=/; Secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000
Location: ./login.action
Content-Length: 0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:43:35.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            }
         ],
         "headermd5" : "7b948b15043b8704010b9349d29b6a04",
         "headermmh3" : 2042920408
      },
      "length" : 587
   },
   "asn" : "AS16509",
   "city" : "Incheon",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nConnection: keep-alive\r\nDate: Thu, 07 Nov 2024 05:43:35 GMT\r\nServer: nginx\r\nX-Confluence-Request-Time: 1730958215\r\nContent-Type: text/html;charset=UTF-8\r\nCache-Control: no-cache, must-revalidate\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nSet-Cookie: JSESSIONID=z6xe7zjehhi2wx6xsmg1wrzwlupfps4d; Path=/; Secure; HttpOnly\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nStrict-Transport-Security: max-age=63072000\r\nLocation: ./login.action\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "3e2107ab7be2fc959bb4d52c26caa3df",
   "datammh3" : -689027504,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-AS-AP",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "43.200.0.0/14"
   },
   "ip" : "43.203.226.117",
   "ipv6" : "false",
   "latitude" : "37.4585",
   "location" : "37.4585,126.7015",
   "longitude" : "126.7015",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 301,
   "subnet" : "43.200.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
51.16.42.190

Network
51.16.0.0/15

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://51.16.42.190:1691/ 200

Reverse DNS
ec2-51-16-42-190.il-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
841ef049931f2abf64cb8efe40b3361a

HTTP Header MD5
9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5
7247f7a69fe8c58679f8e1859605c9b1

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:42:35 GMT
Server: nginx
Content-Length: 88
Content-Type: text/html

<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>
</HEAD></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:42:35.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7247f7a69fe8c58679f8e1859605c9b1",
         "bodymmh3" : -1161513703,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -156376094
      },
      "length" : 223
   },
   "asn" : "AS16509",
   "city" : "Tel Aviv",
   "country" : "IL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:42:35 GMT\r\nServer: nginx\r\nContent-Length: 88\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>\n</HEAD></HTML>\n",
   "datamd5" : "841ef049931f2abf64cb8efe40b3361a",
   "datammh3" : -116911898,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "host" : [
      "ec2-51-16-42-190"
   ],
   "hostname" : [
      "ec2-51-16-42-190.il-central-1.compute.amazonaws.com"
   ],
   "ip" : "51.16.42.190",
   "ipv6" : "false",
   "latitude" : "32.0803",
   "location" : "32.0803,34.7805",
   "longitude" : "34.7805",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-51-16-42-190.il-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "il-central-1.compute.amazonaws.com"
   ],
   "subnet" : "51.16.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
204.156.216.142

Network
204.156.192.0/19

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS19009

Organization
ONECLEVELAND

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
44de8e44beca98ba4562ecae53dc1b3a

8\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\xdf\x17\x03\x00\x00\x00\x00\x83\xc4\xdb5\x00\x00\x00\x00\xf04~\x05\x00\x00\x00\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:42:11.000Z",
   "app" : {
      "length" : 56
   },
   "asn" : "AS19009",
   "city" : "Parma",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "8\\x00\\x00\\x00\\x07\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x05\\xdf\\x17\\x03\\x00\\x00\\x00\\x00\\x83\\xc4\\xdb5\\x00\\x00\\x00\\x00\\xf04~\\x05\\x00\\x00\\x00\\x00",
   "datamd5" : "44de8e44beca98ba4562ecae53dc1b3a",
   "datammh3" : 1579062046,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS19009",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "everstream.net",
         "onecommunity.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ONECL",
      "organization" : "OneCleveland",
      "subnet" : "204.156.192.0/19"
   },
   "ip" : "204.156.216.142",
   "ipv6" : "false",
   "latitude" : "41.3844",
   "location" : "41.3844,-81.7003",
   "longitude" : "-81.7003",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ONECLEVELAND",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 1691,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "204.156.192.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
142.93.146.200

Network
142.93.144.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://142.93.146.200:1691/ 200

ASN
AS14061

Organization
DIGITALOCEAN-ASN

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
380083522d5746bc39611837d20f3f84

HTTP Header MD5
9b25fd43ac35a3b878f5988c823bdb9e

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Nov 2024 05:38:06 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Thu, 30 May 2024 12:50:28 GMT
Connection: close
ETag: "66587614-0"
Accept-Ranges: bytes

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:40:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "header" : [
            {
               "value" : "Thu, 30 May 2024 12:50:28 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "66587614-0"
            }
         ],
         "headermd5" : "9b25fd43ac35a3b878f5988c823bdb9e",
         "headermmh3" : 1624132660
      },
      "length" : 222
   },
   "asn" : "AS14061",
   "city" : "Toronto",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:38:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nLast-Modified: Thu, 30 May 2024 12:50:28 GMT\r\nConnection: close\r\nETag: \"66587614-0\"\r\nAccept-Ranges: bytes\r\n\r\n",
   "datamd5" : "380083522d5746bc39611837d20f3f84",
   "datammh3" : 280911274,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS14061",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "digitalocean.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "DIGITALOCEAN-142-93-0-0",
      "organization" : "DigitalOcean, LLC",
      "subnet" : "142.93.144.0/20"
   },
   "ip" : "142.93.146.200",
   "ipv6" : "false",
   "latitude" : "43.6547",
   "location" : "43.6547,-79.3623",
   "longitude" : "-79.3623",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DIGITALOCEAN-ASN",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "142.93.144.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
190.249.213.141

Alternative IP(s)
190.0.0.1

Network
190.248.0.0/14

Domain(s)
epm.net.co

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
cable190-249-213-141.epm.net.co

ASN
AS13489

Organization
EPM Telecomunicaciones S.A. E.S.P.

Protocol
mysql

Source
datascan
Operating System
Microsoft Windows

Product
Oracle MySQL 8.0.34

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1fe38ee4a274dcc2274cd22c86217053

J\x00\x00\x00
8.0.34\x00:\x10\x05\x00\x141\x0d9PZXu\x00\xff\xff\xff\x02\x00\xff\xdf\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00y>\x16bez-4o\x121\x1b\x00caching_sha2_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:40:30.000Z",
   "alternativeip" : [
      "190.0.0.1"
   ],
   "app" : {
      "length" : 115
   },
   "asn" : "AS13489",
   "city" : "Medell\u00edn",
   "country" : "CO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "J\\x00\\x00\\x00\n8.0.34\\x00:\\x10\\x05\\x00\\x141\\x0d9PZXu\\x00\\xff\\xff\\xff\\x02\\x00\\xff\\xdf\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00y>\\x16bez-4o\\x121\\x1b\\x00caching_sha2_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "1fe38ee4a274dcc2274cd22c86217053",
   "datammh3" : -1759831802,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "epm.net.co"
   ],
   "geolocus" : {
      "asn" : "AS13489",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CO",
      "countryname" : "Colombia",
      "domain" : [
         "tigo.com.co"
      ],
      "isineu" : "false",
      "latitude" : "4.570868",
      "location" : "4.570868,-74.297333",
      "longitude" : "-74.297333",
      "netname" : "CO-EPME1-LACNIC",
      "organization" : "EPM Telecomunicaciones S.A. E.S.P.",
      "subnet" : "190.248.0.0/15"
   },
   "host" : [
      "cable190-249-213-141"
   ],
   "hostname" : [
      "cable190-249-213-141.epm.net.co"
   ],
   "ip" : "190.249.213.141",
   "ipv6" : "false",
   "latitude" : "6.2529",
   "location" : "6.2529,-75.5646",
   "longitude" : "-75.5646",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "EPM Telecomunicaciones S.A. E.S.P.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 1691,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "8.0.34",
   "protocol" : "mysql",
   "reverse" : [
      "cable190-249-213-141.epm.net.co"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "190.248.0.0/14",
   "tld" : [
      "net.co"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
149.62.44.239

Network
149.62.44.0/24

Domain(s)
vps.hosting

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://149.62.44.239:1691/ 302

HTTP Title
302 Found

Reverse DNS
s38629.vps.hosting

ASN
AS3258

Organization
xTom Japan Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7be874fdef406ca4e3be4ef82d0c85b0

HTTP Header MD5
f4d978c54ddbbdbf3b1588a8eef27a50

HTTP Body MD5
72bb92c6b139c34867ea2ed28b37e423

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 07 Nov 2024 05:36:43 GMT
Content-Type: text/html
Content-Length: 142
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:43.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "72bb92c6b139c34867ea2ed28b37e423",
         "bodymmh3" : -2012374589,
         "headermd5" : "f4d978c54ddbbdbf3b1588a8eef27a50",
         "headermmh3" : 1500910655,
         "title" : "302 Found"
      },
      "length" : 367
   },
   "asn" : "AS3258",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:36:43 GMT\r\nContent-Type: text/html\r\nContent-Length: 142\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "7be874fdef406ca4e3be4ef82d0c85b0",
   "datammh3" : -980438086,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "vps.hosting"
   ],
   "host" : [
      "s38629"
   ],
   "hostname" : [
      "s38629.vps.hosting"
   ],
   "ip" : "149.62.44.239",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "xTom Japan Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "reverse" : [
      "s38629.vps.hosting"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "149.62.44.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "hosting"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
193.29.182.20

Network
193.29.182.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://193.29.182.20:1691/ 407

ASN
AS216157

Organization
Sixnet Operation Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
78585a31a9923f851fd7498cc40b6a44

HTTP Header MD5
ec1a9c7961fed7d88fbabb0196599217

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 407 Proxy Authentication Required
proxy-authenticate: Basic
connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "ec1a9c7961fed7d88fbabb0196599217",
         "headermmh3" : 1542279371
      },
      "length" : 92
   },
   "asn" : "AS216157",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nproxy-authenticate: Basic\r\nconnection: close\r\n\r\n",
   "datamd5" : "78585a31a9923f851fd7498cc40b6a44",
   "datammh3" : 1547380673,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS216157",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "rtmnetworks.net"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "GB-SIXNET-20240416",
      "organization" : "Sixnet Operations Ltd",
      "subnet" : "193.29.182.0/24"
   },
   "ip" : "193.29.182.20",
   "ipv6" : "false",
   "latitude" : "52.3824",
   "location" : "52.3824,4.8995",
   "longitude" : "4.8995",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sixnet Operation Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "193.29.182.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
52.187.179.214

Network
52.160.0.0/11

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://52.187.179.214:1691/ 200

ASN
AS8075

Organization
MICROSOFT-CORP-MSN-AS-BLOCK

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
50123608d0b37b43ee19b36ebd2bdc40

HTTP Header MD5
729dd82ecedf025dc9950c96b0f2547c

HTTP Body MD5
d36f8f9425c4a8000ad9c4a97185aca5

HTTP/1.1 200 OK
Content-Length: 3
Content-Type: text/plain

OK

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:19.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d36f8f9425c4a8000ad9c4a97185aca5",
         "bodymmh3" : 1370833863,
         "headermd5" : "729dd82ecedf025dc9950c96b0f2547c",
         "headermmh3" : 404768235
      },
      "length" : 66
   },
   "asn" : "AS8075",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Length: 3\r\nContent-Type: text/plain\n\r\nOK\n",
   "datamd5" : "50123608d0b37b43ee19b36ebd2bdc40",
   "datammh3" : -1789337956,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS8075",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "microsoft.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MSFT",
      "organization" : "Microsoft Corporation",
      "subnet" : "52.187.128.0/18"
   },
   "ip" : "52.187.179.214",
   "ipv6" : "false",
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "52.160.0.0/11",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
62.204.37.84

Network
62.204.37.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://62.204.37.84:1691/ 407

ASN
AS198231

Organization
Sixnet Operation Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
78585a31a9923f851fd7498cc40b6a44

HTTP Header MD5
ec1a9c7961fed7d88fbabb0196599217

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 407 Proxy Authentication Required
proxy-authenticate: Basic
connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "ec1a9c7961fed7d88fbabb0196599217",
         "headermmh3" : 1542279371
      },
      "length" : 92
   },
   "asn" : "AS198231",
   "country" : "CY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nproxy-authenticate: Basic\r\nconnection: close\r\n\r\n",
   "datamd5" : "78585a31a9923f851fd7498cc40b6a44",
   "datammh3" : 1547380673,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "62.204.37.84",
   "ipv6" : "false",
   "latitude" : "35.0077",
   "location" : "35.0077,32.9882",
   "longitude" : "32.9882",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sixnet Operation Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 1691,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "62.204.37.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 43,271 in 0.033 second(s)

204.156.216.142:1691 (tcp/unknown) - last seen on 2024-11-07 at 05:44:57 UTC

43.203.226.117:1691 (tcp/http) - last seen on 2024-11-07 at 05:43:35 UTC

51.16.42.190:1691 (tcp/http) - last seen on 2024-11-07 at 05:42:35 UTC

204.156.216.142:1691 (tcp/unknown) - last seen on 2024-11-07 at 05:42:11 UTC

142.93.146.200:1691 (tcp/http) - last seen on 2024-11-07 at 05:40:30 UTC

190.249.213.141:1691 (tcp/mysql) - last seen on 2024-11-07 at 05:40:30 UTC

149.62.44.239:1691 (tcp/http) - last seen on 2024-11-07 at 05:36:43 UTC

193.29.182.20:1691 (tcp/http) - last seen on 2024-11-07 at 05:36:41 UTC

52.187.179.214:1691 (tcp/http) - last seen on 2024-11-07 at 05:36:19 UTC

62.204.37.84:1691 (tcp/http) - last seen on 2024-11-07 at 05:35:05 UTC