IP

92.38.149.171

Alternative IP(s)

69.167.164.199

Network

92.38.148.0/23

Domain(s)

test.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://92.38.149.171:2455/ 302

HTTP Title

302 Found

Reverse DNS

gcorelabs-us-07.test.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx 1.23.0

HTTP Component(s)

GeoServer GeoServer

CPE(s)

<enterprise field>: cpe

Data MD5

77fff245479ebac7cb761e559b1ea33d

HTTP Header MD5

7b54338a53a71649b70ea9b131f36142

HTTP Body MD5

313466a1cb86c02fb0d54750ae2c91dc

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Thu, 07 Nov 2024 04:07:27 UTC
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: /geoserver/web/
Access-Control-Allow-Credentials: False
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.23.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:07:27.000Z",
   "alternativeip" : [
      "69.167.164.199"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "313466a1cb86c02fb0d54750ae2c91dc",
         "bodymmh3" : -360064107,
         "component" : [
            {
               "productvendor" : "GeoServer",
               "product" : "GeoServer"
            }
         ],
         "headermd5" : "7b54338a53a71649b70ea9b131f36142",
         "headermmh3" : -1904602490,
         "title" : "302 Found"
      },
      "length" : 512
   },
   "asn" : "AS202422",
   "city" : "Santa Clara",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.23.0\r\nDate: Thu, 07 Nov 2024 04:07:27 UTC\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: keep-alive\r\nLocation: /geoserver/web/\r\nAccess-Control-Allow-Credentials: False\r\nAccess-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent\r\nAccess-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.23.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "77fff245479ebac7cb761e559b1ea33d",
   "datammh3" : -1957578169,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "test.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GCL-CUSTOMER-US",
      "organization" : "GCL-92-38-148",
      "subnet" : "92.38.148.0/23"
   },
   "host" : [
      "gcorelabs-us-07"
   ],
   "hostname" : [
      "gcorelabs-us-07.test.com"
   ],
   "ip" : "92.38.149.171",
   "ipv6" : "false",
   "latitude" : "37.3931",
   "location" : "37.3931,-121.9620",
   "longitude" : "-121.9620",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "gcorelabs-us-07.test.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "92.38.148.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

92.38.160.6

Network

92.38.160.0/24

Domain(s)

example.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://92.38.160.6:2455/ 302

HTTP Title

302 Found

Reverse DNS

borg1ajp1gke1.example.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Server Server

CPE(s)

<enterprise field>: cpe

Data MD5

e457a95ce485f7e67cfe6c97d172c727

HTTP Header MD5

87366acd3126b9318804da42bd42d33f

HTTP Body MD5

0f1c27ac453cea986a8d31af7eabebc5

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:15:51 UTC
Server: server
X-XSS-Protection: 1; mode=block
X-Frame-Options: SameOrigin
X-Content-Type-Options: nosniff
Location: https://<ip>:2455/mifs/user/index.html
Content-Length: 288
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://<ip>:2455/mifs/user/index.html">here</a>.</p>
<hr>
<address>server Server at <ip> Port 2455</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:15:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "0f1c27ac453cea986a8d31af7eabebc5",
         "bodymmh3" : -865975226,
         "headermd5" : "87366acd3126b9318804da42bd42d33f",
         "headermmh3" : -2114301494,
         "title" : "302 Found"
      },
      "length" : 582
   },
   "asn" : "AS202422",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:15:51 UTC\r\nServer: server\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SameOrigin\r\nX-Content-Type-Options: nosniff\r\nLocation: https://<ip>:2455/mifs/user/index.html\r\nContent-Length: 288\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>:2455/mifs/user/index.html\">here</a>.</p>\n<hr>\n<address>server Server at <ip> Port 2455</address>\n</body></html>",
   "datamd5" : "e457a95ce485f7e67cfe6c97d172c727",
   "datammh3" : -1576089271,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "example.com"
   ],
   "host" : [
      "borg1ajp1gke1"
   ],
   "hostname" : [
      "borg1ajp1gke1.example.com"
   ],
   "ip" : "92.38.160.6",
   "ipv6" : "false",
   "latitude" : "35.1496",
   "location" : "35.1496,126.9156",
   "longitude" : "126.9156",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "borg1ajp1gke1.example.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "92.38.160.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

5.189.222.76

Alternative IP(s)

69.167.164.199

Network

5.189.222.0/24

Domain(s)

test.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://5.189.222.76:2455/ 302

Reverse DNS

gcorelabs-es-01.test.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

HTTP Component(s)

Oracle Java

CPE(s)

<enterprise field>: cpe

Data MD5

79bfa6ce9247910015d95d5afd268282

HTTP Header MD5

1c1958f3c84e870233ed2fc0a8e666cb

HTTP Body MD5

d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=D2B27CECFC88400C73FDC99DC00F501B; Path=/; Secure; HttpOnly
X-UA-Compatible: IE=edge
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: /webclient/Dashboard.xhtml
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Wed, 06 Nov 2024 08:35:21 UTC

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T08:35:21.000Z",
   "alternativeip" : [
      "69.167.164.199"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "1c1958f3c84e870233ed2fc0a8e666cb",
         "headermmh3" : 153314011
      },
      "length" : 440
   },
   "asn" : "AS202422",
   "city" : "Madrid",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nSet-Cookie: JSESSIONID=D2B27CECFC88400C73FDC99DC00F501B; Path=/; Secure; HttpOnly\r\nX-UA-Compatible: IE=edge\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nLocation: /webclient/Dashboard.xhtml\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nDate: Wed, 06 Nov 2024 08:35:21 UTC\r\n\r\n",
   "datamd5" : "79bfa6ce9247910015d95d5afd268282",
   "datammh3" : -176501737,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "test.com"
   ],
   "host" : [
      "gcorelabs-es-01"
   ],
   "hostname" : [
      "gcorelabs-es-01.test.com"
   ],
   "ip" : "5.189.222.76",
   "ipv6" : "false",
   "latitude" : "40.5443",
   "location" : "40.5443,-3.6159",
   "longitude" : "-3.6159",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "gcorelabs-es-01.test.com"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "5.189.222.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

5.188.228.205

Alternative IP(s)

2606:2800:21f:cb07:6820:80da:af6b:8b2c 93.184.215.14

Network

5.188.228.0/24

Domain(s)

example.com

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System

Linux Linux Kernel

URL

http://5.188.228.205:2455/ 302

Reverse DNS

example.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

CheckPoint Web Server

CPE(s)

<enterprise field>: cpe

Data MD5

830bc586467e1bdfc0d9dffe0c379e86

HTTP Header MD5

1b2cab3355fc05f0b518157b3f844bfb

HTTP Body MD5

ce948f4f38ce50ebaeb087be85e0c40b

HTTP/1.1 302 Found
Date: Sun, 03 Nov 2024 21:15:37 UTC
Server: CPWS
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Location: /sslvpn/Login/Login
Pragma: no-cache
Cache-Control: no-store
Vary: User-Agent
Content-Length: 147
Content-Type: text/html; charset=UTF-8



<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<BODY>
Please see: <A HREF="/sslvpn/Login/Login">/sslvpn/Login/Login</A></BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-03T21:15:37.000Z",
   "alternativeip" : [
      "2606:2800:21f:cb07:6820:80da:af6b:8b2c",
      "93.184.215.14"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "ce948f4f38ce50ebaeb087be85e0c40b",
         "bodymmh3" : -1456837522,
         "headermd5" : "1b2cab3355fc05f0b518157b3f844bfb",
         "headermmh3" : 690374990
      },
      "length" : 466
   },
   "asn" : "AS202422",
   "city" : "Navi Mumbai",
   "country" : "IN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Sun, 03 Nov 2024 21:15:37 UTC\r\nServer: CPWS\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Frame-Options: SAMEORIGIN\r\nLocation: /sslvpn/Login/Login\r\nPragma: no-cache\r\nCache-Control: no-store\r\nVary: User-Agent\r\nContent-Length: 147\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n\n\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<HTML>\n<BODY>\nPlease see: <A HREF=\"/sslvpn/Login/Login\">/sslvpn/Login/Login</A></BODY></HTML>\n",
   "datamd5" : "830bc586467e1bdfc0d9dffe0c379e86",
   "datammh3" : -495821595,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "example.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "GCL-CUSTOMER-IN",
      "organization" : "G-Core Labs S.A.",
      "subnet" : "5.188.228.0/24"
   },
   "hostname" : [
      "example.com"
   ],
   "ip" : "5.188.228.205",
   "ipv6" : "false",
   "latitude" : "19.0565",
   "location" : "19.0565,73.0656",
   "longitude" : "73.0656",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Web Server",
   "productvendor" : "CheckPoint",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "example.com"
   ],
   "seen_date" : "2024-11-03",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "5.188.228.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

92.38.149.173

Alternative IP(s)

69.167.164.199

Network

92.38.148.0/23

Domain(s)

test.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://92.38.149.173:2455/ 302

HTTP Title

302 Found

Reverse DNS

gcorelabs-us-07.test.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx 1.23.0

HTTP Component(s)

GeoServer GeoServer

CPE(s)

<enterprise field>: cpe

Data MD5

77fff245479ebac7cb761e559b1ea33d

HTTP Header MD5

7b54338a53a71649b70ea9b131f36142

HTTP Body MD5

313466a1cb86c02fb0d54750ae2c91dc

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Sun, 03 Nov 2024 00:37:27 UTC
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: /geoserver/web/
Access-Control-Allow-Credentials: False
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.23.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-03T00:37:27.000Z",
   "alternativeip" : [
      "69.167.164.199"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "313466a1cb86c02fb0d54750ae2c91dc",
         "bodymmh3" : -360064107,
         "component" : [
            {
               "product" : "GeoServer",
               "productvendor" : "GeoServer"
            }
         ],
         "headermd5" : "7b54338a53a71649b70ea9b131f36142",
         "headermmh3" : -1860105744,
         "title" : "302 Found"
      },
      "length" : 512
   },
   "asn" : "AS202422",
   "city" : "Santa Clara",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.23.0\r\nDate: Sun, 03 Nov 2024 00:37:27 UTC\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: keep-alive\r\nLocation: /geoserver/web/\r\nAccess-Control-Allow-Credentials: False\r\nAccess-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent\r\nAccess-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.23.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "77fff245479ebac7cb761e559b1ea33d",
   "datammh3" : -1957578169,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "test.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GCL-CUSTOMER-US",
      "organization" : "GCL-92-38-148",
      "subnet" : "92.38.148.0/23"
   },
   "host" : [
      "gcorelabs-us-07"
   ],
   "hostname" : [
      "gcorelabs-us-07.test.com"
   ],
   "ip" : "92.38.149.173",
   "ipv6" : "false",
   "latitude" : "37.3931",
   "location" : "37.3931,-121.9620",
   "longitude" : "-121.9620",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "gcorelabs-us-07.test.com"
   ],
   "seen_date" : "2024-11-03",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "92.38.148.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

5.188.4.70

Alternative IP(s)

69.167.164.199

Network

5.188.4.0/23

Domain(s)

test.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://5.188.4.70:2455/ 302

HTTP Title

302 Found

Reverse DNS

gcorelabs-br-02.test.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx 1.23.0

HTTP Component(s)

GeoServer GeoServer

CPE(s)

<enterprise field>: cpe

Data MD5

77fff245479ebac7cb761e559b1ea33d

HTTP Header MD5

7b54338a53a71649b70ea9b131f36142

HTTP Body MD5

313466a1cb86c02fb0d54750ae2c91dc

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Sat, 02 Nov 2024 10:26:48 UTC
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: /geoserver/web/
Access-Control-Allow-Credentials: False
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.23.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-02T10:26:48.000Z",
   "alternativeip" : [
      "69.167.164.199"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "313466a1cb86c02fb0d54750ae2c91dc",
         "bodymmh3" : -360064107,
         "component" : [
            {
               "productvendor" : "GeoServer",
               "product" : "GeoServer"
            }
         ],
         "headermd5" : "7b54338a53a71649b70ea9b131f36142",
         "headermmh3" : 978347887,
         "title" : "302 Found"
      },
      "length" : 512
   },
   "asn" : "AS202422",
   "city" : "Santana de Parna\u00edba",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.23.0\r\nDate: Sat, 02 Nov 2024 10:26:48 UTC\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: keep-alive\r\nLocation: /geoserver/web/\r\nAccess-Control-Allow-Credentials: False\r\nAccess-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent\r\nAccess-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.23.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "77fff245479ebac7cb761e559b1ea33d",
   "datammh3" : -1957578169,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "test.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "GCL-CUSTOMER-BR",
      "organization" : "G-Core Labs S.A.",
      "subnet" : "5.188.4.0/24"
   },
   "host" : [
      "gcorelabs-br-02"
   ],
   "hostname" : [
      "gcorelabs-br-02.test.com"
   ],
   "ip" : "5.188.4.70",
   "ipv6" : "false",
   "latitude" : "-23.4418",
   "location" : "-23.4418,-46.9157",
   "longitude" : "-46.9157",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "gcorelabs-br-02.test.com"
   ],
   "seen_date" : "2024-11-02",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "5.188.4.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

5.188.228.205

Alternative IP(s)

2606:2800:21f:cb07:6820:80da:af6b:8b2c 93.184.215.14

Network

5.188.228.0/24

Domain(s)

example.com

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System

Linux Linux Kernel

URL

http://5.188.228.205:2455/ 302

Reverse DNS

example.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

CheckPoint Web Server

CPE(s)

<enterprise field>: cpe

Data MD5

830bc586467e1bdfc0d9dffe0c379e86

HTTP Header MD5

1b2cab3355fc05f0b518157b3f844bfb

HTTP Body MD5

ce948f4f38ce50ebaeb087be85e0c40b

HTTP/1.1 302 Found
Date: Sun, 27 Oct 2024 09:01:22 UTC
Server: CPWS
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Location: /sslvpn/Login/Login
Pragma: no-cache
Cache-Control: no-store
Vary: User-Agent
Content-Length: 147
Content-Type: text/html; charset=UTF-8



<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<BODY>
Please see: <A HREF="/sslvpn/Login/Login">/sslvpn/Login/Login</A></BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-27T09:01:22.000Z",
   "alternativeip" : [
      "2606:2800:21f:cb07:6820:80da:af6b:8b2c",
      "93.184.215.14"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "ce948f4f38ce50ebaeb087be85e0c40b",
         "bodymmh3" : -1456837522,
         "headermd5" : "1b2cab3355fc05f0b518157b3f844bfb",
         "headermmh3" : 1997065838
      },
      "length" : 466
   },
   "asn" : "AS202422",
   "city" : "Navi Mumbai",
   "country" : "IN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Sun, 27 Oct 2024 09:01:22 UTC\r\nServer: CPWS\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nX-Frame-Options: SAMEORIGIN\r\nLocation: /sslvpn/Login/Login\r\nPragma: no-cache\r\nCache-Control: no-store\r\nVary: User-Agent\r\nContent-Length: 147\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n\n\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<HTML>\n<BODY>\nPlease see: <A HREF=\"/sslvpn/Login/Login\">/sslvpn/Login/Login</A></BODY></HTML>\n",
   "datamd5" : "830bc586467e1bdfc0d9dffe0c379e86",
   "datammh3" : -495821595,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "example.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "GCL-CUSTOMER-IN",
      "organization" : "G-Core Labs S.A.",
      "subnet" : "5.188.228.0/24"
   },
   "hostname" : [
      "example.com"
   ],
   "ip" : "5.188.228.205",
   "ipv6" : "false",
   "latitude" : "19.0565",
   "location" : "19.0565,73.0656",
   "longitude" : "73.0656",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Web Server",
   "productvendor" : "CheckPoint",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "example.com"
   ],
   "seen_date" : "2024-10-27",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "5.188.228.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

185.14.44.104

Alternative IP(s)

2606:2800:21f:cb07:6820:80da:af6b:8b2c 93.184.215.14

Network

185.14.44.0/23

Domain(s)

example.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://185.14.44.104:2455/ 200

HTTP Title

Pentaho Business Analytics

Reverse DNS

example.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Apache Coyote HTTP Connector 1.1

HTTP Component(s)

Oracle Java

CPE(s)

<enterprise field>: cpe

Data MD5

b67ed81a3561214b87e0c0294ac897d6

HTTP Header MD5

928c9caafadce96045404345d6246c9b

HTTP Body MD5

fd371e102e6a80e217fd4dd385212310

HTTP/1.1 200 OK
Content-Type: text/html
Date: Thu, 24 Oct 2024 07:05:49 UTC
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=CC7A04ED6D71B07700C4542ADDA533BF; Path=/
Content-Length: 355
Connection: keep-alive



<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>Pentaho Business Analytics</title>
    <meta http-equiv="refresh" content="0;URL=/pentaho">
  </head>
  <body>
  </body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T07:05:49.000Z",
   "alternativeip" : [
      "2606:2800:21f:cb07:6820:80da:af6b:8b2c",
      "93.184.215.14"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "fd371e102e6a80e217fd4dd385212310",
         "bodymmh3" : 66312083,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "928c9caafadce96045404345d6246c9b",
         "headermmh3" : 1923795,
         "title" : "Pentaho Business Analytics"
      },
      "length" : 573
   },
   "asn" : "AS202422",
   "city" : "Manassas",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nDate: Thu, 24 Oct 2024 07:05:49 UTC\r\nServer: Apache-Coyote/1.1\r\nSet-Cookie: JSESSIONID=CC7A04ED6D71B07700C4542ADDA533BF; Path=/\r\nContent-Length: 355\r\nConnection: keep-alive\r\n\r\n\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n  <head>\n    <title>Pentaho Business Analytics</title>\n    <meta http-equiv=\"refresh\" content=\"0;URL=/pentaho\">\n  </head>\n  <body>\n  </body>\n</html>",
   "datamd5" : "b67ed81a3561214b87e0c0294ac897d6",
   "datammh3" : 1582738561,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "example.com"
   ],
   "hostname" : [
      "example.com"
   ],
   "ip" : "185.14.44.104",
   "ipv6" : "false",
   "latitude" : "38.7911",
   "location" : "38.7911,-77.5264",
   "longitude" : "-77.5264",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Coyote HTTP Connector",
   "productvendor" : "Apache",
   "productversion" : "1.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "example.com"
   ],
   "seen_date" : "2024-10-24",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "185.14.44.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

79.133.120.150

Alternative IP(s)

69.167.164.199

Network

79.133.120.0/22

Domain(s)

test.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://79.133.120.150:2455/ 200

HTTP Title

Mirth Connect Administrator

Reverse DNS

gcorelabs-fr-02.test.com

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Mortbay Jetty 7.6.7

HTTP Component(s)

NextGen Mirth Connect jQuery jQuery 1.7.1

CPE(s)

<enterprise field>: cpe

Data MD5

a6b67a89320d10f9ca82c75648f64c39

HTTP Header MD5

a05d029317bbc8a28dd92000102db2ad

HTTP Body MD5

b0ebe5bc1036cd1fe9997be43b7fafa8

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 2512
Last-Modified: Tue, 11 Nov 2014 19:40:08 GMT
Server: Jetty(7.6.7.v20120910)

<!doctype html>
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<meta http-equiv="x-ua-compatible" content="IE=edge">
	<meta http-equiv="cache-control" content="no-cache">
	<meta http-equiv="cache-control" content="no-store">
	
	<title>Mirth Connect Administrator</title>
	
	<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico" />
	<link rel="stylesheet" type="text/css" href="css/bootstrap.css" />
	<link rel="stylesheet" type="text/css" href="css/main.css" />
	
	<script type="text/javascript">
		/* Break out of frame if inside a frame. */
		if (window != window.top) {
			window.top.location = window.location;
		}
	</script>

	<script type="text/javascript" src="js/jquery-1.7.1.min.js"></script>
</head>

<body id="body" style="display:none;" class="subpage">
	<div id="centerWrapper">
		<div class="row">
			<div style="padding: 10px; text-align: center;">
				<img id="mirthLogo" src="images/mirthconnectlogowide.png"/>
			</div>
			
			<div id="mcadministrator" class="span9">
				<h1 style="text-align: center;">Mirth Connect Administrator</h1>

				<div class="help-block">
					<strong>Overview of Web Start:</strong><br /> Java Web Start is a framework developed by Sun Microsystems
					that enables launching Java applications directly from a browser.
					Unlike Java applets, Web Start applications do not run inside the
					browser. 
				</div>				
				<div class="help-block">
					<br/>Click the big green button below to launch the Mirth Connect
					Administrator using Java Web Start.
				</div>
				
				<div style="text-align: center; margin-top: 10px;">
					<a class="btn btn-large btn-themebutton" type="submit" href="javascript:launchAdministrator()">Launch Mirth Connect Administrator</a>
				</div>
			</div>
		</div>
	</div>

	<footer class="smallSubPage" style="width:100%;">
		<table>
			<tr>
				<td style="text-align: center;">&copy; 2014 Mirth Corporation | Mirth Connect</td>
			</tr>
		</table>
	</footer>

 	<script type="text/javascript">
		$(document).ready(function() {			
			$.ajax({
			    type: 'HEAD',
			    url: 'webadmin/Index.action',
				success: function() {
					window.location.replace("webadmin/Index.action");
				},
				error: function() {
					$("#body").css("display", "inline");
				} 
			});
		}); 
	</script>
	
    <script type="text/javascript">
   		function launchAdministrator(){
    		window.location.href = 'webstart.jnlp?time=' + new Date().getTime(); 
   		}
	</script>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T02:22:52.000Z",
   "alternativeip" : [
      "69.167.164.199"
   ],
   "app" : {
      "favicon" : {
         "url" : "/images/favicon.ico"
      },
      "http" : {
         "bodymd5" : "b0ebe5bc1036cd1fe9997be43b7fafa8",
         "bodymmh3" : -683887888,
         "component" : [
            {
               "productvendor" : "NextGen",
               "product" : "Mirth Connect"
            },
            {
               "productvendor" : "jQuery",
               "productversion" : "1.7.1",
               "product" : "jQuery"
            }
         ],
         "header" : [
            {
               "value" : "Tue, 11 Nov 2014 19:40:08 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "a05d029317bbc8a28dd92000102db2ad",
         "headermmh3" : 409096128,
         "title" : "Mirth Connect Administrator"
      },
      "length" : 2656
   },
   "asn" : "AS202422",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 2512\r\nLast-Modified: Tue, 11 Nov 2014 19:40:08 GMT\r\nServer: Jetty(7.6.7.v20120910)\r\n\r\n<!doctype html>\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n\t<meta http-equiv=\"x-ua-compatible\" content=\"IE=edge\">\n\t<meta http-equiv=\"cache-control\" content=\"no-cache\">\n\t<meta http-equiv=\"cache-control\" content=\"no-store\">\n\t\n\t<title>Mirth Connect Administrator</title>\n\t\n\t<link rel=\"shortcut icon\" type=\"image/x-icon\" href=\"images/favicon.ico\" />\n\t<link rel=\"stylesheet\" type=\"text/css\" href=\"css/bootstrap.css\" />\n\t<link rel=\"stylesheet\" type=\"text/css\" href=\"css/main.css\" />\n\t\n\t<script type=\"text/javascript\">\n\t\t/* Break out of frame if inside a frame. */\n\t\tif (window != window.top) {\n\t\t\twindow.top.location = window.location;\n\t\t}\n\t</script>\n\n\t<script type=\"text/javascript\" src=\"js/jquery-1.7.1.min.js\"></script>\n</head>\n\n<body id=\"body\" style=\"display:none;\" class=\"subpage\">\n\t<div id=\"centerWrapper\">\n\t\t<div class=\"row\">\n\t\t\t<div style=\"padding: 10px; text-align: center;\">\n\t\t\t\t<img id=\"mirthLogo\" src=\"images/mirthconnectlogowide.png\"/>\n\t\t\t</div>\n\t\t\t\n\t\t\t<div id=\"mcadministrator\" class=\"span9\">\n\t\t\t\t<h1 style=\"text-align: center;\">Mirth Connect Administrator</h1>\n\n\t\t\t\t<div class=\"help-block\">\n\t\t\t\t\t<strong>Overview of Web Start:</strong><br /> Java Web Start is a framework developed by Sun Microsystems\n\t\t\t\t\tthat enables launching Java applications directly from a browser.\n\t\t\t\t\tUnlike Java applets, Web Start applications do not run inside the\n\t\t\t\t\tbrowser. \n\t\t\t\t</div>\t\t\t\t\n\t\t\t\t<div class=\"help-block\">\n\t\t\t\t\t<br/>Click the big green button below to launch the Mirth Connect\n\t\t\t\t\tAdministrator using Java Web Start.\n\t\t\t\t</div>\n\t\t\t\t\n\t\t\t\t<div style=\"text-align: center; margin-top: 10px;\">\n\t\t\t\t\t<a class=\"btn btn-large btn-themebutton\" type=\"submit\" href=\"javascript:launchAdministrator()\">Launch Mirth Connect Administrator</a>\n\t\t\t\t</div>\n\t\t\t</div>\n\t\t</div>\n\t</div>\n\n\t<footer class=\"smallSubPage\" style=\"width:100%;\">\n\t\t<table>\n\t\t\t<tr>\n\t\t\t\t<td style=\"text-align: center;\">&copy; 2014 Mirth Corporation | Mirth Connect</td>\n\t\t\t</tr>\n\t\t</table>\n\t</footer>\n\n \t<script type=\"text/javascript\">\n\t\t$(document).ready(function() {\t\t\t\n\t\t\t$.ajax({\n\t\t\t    type: 'HEAD',\n\t\t\t    url: 'webadmin/Index.action',\n\t\t\t\tsuccess: function() {\n\t\t\t\t\twindow.location.replace(\"webadmin/Index.action\");\n\t\t\t\t},\n\t\t\t\terror: function() {\n\t\t\t\t\t$(\"#body\").css(\"display\", \"inline\");\n\t\t\t\t} \n\t\t\t});\n\t\t}); \n\t</script>\n\t\n    <script type=\"text/javascript\">\n   \t\tfunction launchAdministrator(){\n    \t\twindow.location.href = 'webstart.jnlp?time=' + new Date().getTime(); \n   \t\t}\n\t</script>\n</body>\n</html>",
   "datamd5" : "a6b67a89320d10f9ca82c75648f64c39",
   "datammh3" : 1266031808,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "test.com"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "GCL-CUSTOMER-FR",
      "organization" : "G-Core Labs S.A.",
      "subnet" : "79.133.120.0/24"
   },
   "host" : [
      "gcorelabs-fr-02"
   ],
   "hostname" : [
      "gcorelabs-fr-02.test.com"
   ],
   "ip" : "79.133.120.150",
   "ipv6" : "false",
   "latitude" : "48.9163",
   "location" : "48.9163,2.3869",
   "longitude" : "2.3869",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "product" : "Jetty",
   "productvendor" : "Mortbay",
   "productversion" : "7.6.7",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "gcorelabs-fr-02.test.com"
   ],
   "seen_date" : "2024-10-24",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "79.133.120.0/22",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

92.223.90.169

Network

92.223.90.0/24

Domain(s)

free.ds

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://92.223.90.169:2455/ 404

Reverse DNS

free.ds

ASN

AS202422

Organization

G-Core Labs S.A.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

76518d912cff076292b208597042a7fe

HTTP Header MD5

e69912c1df46c4a7b79604af7810a873

HTTP Body MD5

d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-19T04:36:01.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "e69912c1df46c4a7b79604af7810a873",
         "headermmh3" : -1341215179
      },
      "length" : 64
   },
   "asn" : "AS202422",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "76518d912cff076292b208597042a7fe",
   "datammh3" : -1603471701,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "free.ds"
   ],
   "geolocus" : {
      "asn" : "AS202422",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "gcore.lu"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "GCL-CUSTOMER-HK",
      "organization" : "G-Core Labs S.A.",
      "subnet" : "92.223.90.0/24"
   },
   "hostname" : [
      "free.ds"
   ],
   "ip" : "92.223.90.169",
   "ipv6" : "false",
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "G-Core Labs S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2455,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "free.ds"
   ],
   "seen_date" : "2024-10-19",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "92.223.90.0/24",
   "tld" : [
      "ds"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}