ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 2,157 in 0.081 second(s)

  • 182.53.232.253:4899 (tcp/http) - last seen on 2024-11-07 at 05:38:18 UTC

    • IP
      182.53.232.253
      Network
      182.53.0.0/16
      Domain(s)
      totinternet.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://182.53.232.253:4899/ 302

      HTTP Title
      Object moved
      Reverse DNS
      node-1a0t.pool-182-53.dynamic.totinternet.net
      ASN
      AS23969
      Organization
      TOT Public Company Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 10.0
      HTTP Component(s)
      Microsoft ASP.NET 4.0.30319
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      977b1ead21cb891e92644afa9dc74c87
      HTTP Header MD5
      910d12dfec7e344c60081ee857977d5d
      HTTP Body MD5
      a708d4352acfe1619524bd7e97d7aa0d 
    • HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /LoginPage.aspx?ReturnUrl=%2f
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 05:38:18 GMT
Connection: close
Content-Length: 146

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/LoginPage.aspx?ReturnUrl=%2f">here</a>.</h2>
</body></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:38:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a708d4352acfe1619524bd7e97d7aa0d",
         "bodymmh3" : 421716611,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319"
            }
         ],
         "headermd5" : "910d12dfec7e344c60081ee857977d5d",
         "headermmh3" : 499280206,
         "title" : "Object moved"
      },
      "length" : 430
   },
   "asn" : "AS23969",
   "city" : "Chiang Mai",
   "country" : "TH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /LoginPage.aspx?ReturnUrl=%2f\r\nServer: Microsoft-IIS/10.0\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 05:38:18 GMT\r\nConnection: close\r\nContent-Length: 146\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/LoginPage.aspx?ReturnUrl=%2f\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "977b1ead21cb891e92644afa9dc74c87",
   "datammh3" : 133564657,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "totinternet.net"
   ],
   "geolocus" : {
      "asn" : "AS23969",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TH",
      "countryname" : "Thailand",
      "domain" : [
         "totidc.net",
         "totinternet.net",
         "totisp.net"
      ],
      "isineu" : "false",
      "latitude" : "15.870032",
      "location" : "15.870032,100.992541",
      "longitude" : "100.992541",
      "netname" : "TOT-AS",
      "organization" : "TOT Public Company Limited",
      "subnet" : "182.53.192.0/18"
   },
   "host" : [
      "node-1a0t"
   ],
   "hostname" : [
      "node-1a0t.pool-182-53.dynamic.totinternet.net"
   ],
   "ip" : "182.53.232.253",
   "ipv6" : "false",
   "latitude" : "18.7929",
   "location" : "18.7929,99.0004",
   "longitude" : "99.0004",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOT Public Company Limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 4899,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "node-1a0t.pool-182-53.dynamic.totinternet.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "dynamic.totinternet.net",
      "pool-182-53.dynamic.totinternet.net"
   ],
   "subnet" : "182.53.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 160.251.83.92:4899 (tcp/http) - last seen on 2024-11-07 at 05:30:04 UTC

    • IP
      160.251.83.92
      Alternative IP(s)
      2400:8500:1302:1181:160:251:83:92
      Network
      160.251.0.0/17
      Domain(s)
      cnode.io
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Ubuntu
      URL

      http://160.251.83.92:4899/ 302

      HTTP Title
      302 Found
      Reverse DNS
      v160-251-83-92.9oqf.static.cnode.io
      ASN
      AS7506
      Organization
      GMO Internet,Inc
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Ubuntu
      Product
      F5 Nginx 1.14.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4f9e75836482fd87eecb05b7728e6b01
      HTTP Header MD5
      935ae8a017676cb92664e8d279572ee0
      HTTP Body MD5
      602c1b9891c3be7844f8d51d248440ea 
    • HTTP/1.1 302 Moved Temporarily
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 07 Nov 2024 05:30:04 GMT
Content-Type: text/html
Content-Length: 170
Connection: close
Location: https://<ip>/__proxy_error__/497.html

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:04.000Z",
   "alternativeip" : [
      "2400:8500:1302:1181:160:251:83:92"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "602c1b9891c3be7844f8d51d248440ea",
         "bodymmh3" : 959249276,
         "headermd5" : "935ae8a017676cb92664e8d279572ee0",
         "headermmh3" : 1311897963,
         "title" : "302 Found"
      },
      "length" : 386
   },
   "asn" : "AS7506",
   "city" : "Hiyoshi",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Thu, 07 Nov 2024 05:30:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 170\r\nConnection: close\r\nLocation: https://<ip>/__proxy_error__/497.html\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.14.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "4f9e75836482fd87eecb05b7728e6b01",
   "datammh3" : 656937095,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cnode.io"
   ],
   "geolocus" : {
      "asn" : "AS7506",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "cnode.io",
         "gmo.jp",
         "nic.ad.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "interQ",
      "organization" : "GMO Internet Group, Inc.",
      "subnet" : "160.251.0.0/17"
   },
   "host" : [
      "v160-251-83-92"
   ],
   "hostname" : [
      "v160-251-83-92.9oqf.static.cnode.io"
   ],
   "ip" : "160.251.83.92",
   "ipv6" : "false",
   "latitude" : "35.5479",
   "location" : "35.5479,139.6416",
   "longitude" : "139.6416",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GMO Internet,Inc",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "reverse" : [
      "v160-251-83-92.9oqf.static.cnode.io"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "9oqf.static.cnode.io",
      "static.cnode.io"
   ],
   "subnet" : "160.251.0.0/17",
   "tld" : [
      "io"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 194.68.27.117:4899 (tcp/http) - last seen on 2024-11-07 at 05:20:50 UTC

    • IP
      194.68.27.117
      Network
      194.68.26.0/23
      Domain(s)
      194.in-addr.arpa
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://194.68.27.117:4899/ 302

      Reverse DNS
      117.27.68.194.in-addr.arpa
      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      HTTP Component(s)
      Oracle Java Atlassian Confluence
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1625694c587cd601197fb35f20511ece
      HTTP Header MD5
      2dc1e159d50343e36aa92b49adbad2ef
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 05:20:50 UTC
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1697032431875
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: /login.action?os_destination=%2Findex.action&permissionViolation=true
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Set-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:20:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            }
         ],
         "headermd5" : "2dc1e159d50343e36aa92b49adbad2ef",
         "headermmh3" : 1432458827
      },
      "length" : 620
   },
   "asn" : "AS9009",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:20:50 UTC\r\nCache-Control: no-store\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Confluence-Request-Time: 1697032431875\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nLocation: /login.action?os_destination=%2Findex.action&permissionViolation=true\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nSet-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n",
   "datamd5" : "1625694c587cd601197fb35f20511ece",
   "datammh3" : 1837928346,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "194.in-addr.arpa"
   ],
   "host" : [
      117
   ],
   "hostname" : [
      "117.27.68.194.in-addr.arpa"
   ],
   "ip" : "194.68.27.117",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "117.27.68.194.in-addr.arpa"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "27.68.194.in-addr.arpa",
      "68.194.in-addr.arpa"
   ],
   "subnet" : "194.68.26.0/23",
   "tld" : [
      "in-addr.arpa"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 121.90.244.46:4899 (tcp/http) - last seen on 2024-11-07 at 03:55:24 UTC

    • IP
      121.90.244.46
      Network
      121.90.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://121.90.244.46:4899/ 302

      ASN
      AS9500
      Organization
      One New Zealand Group Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      bb5484d295ad177a072b581f09f97211
      HTTP Header MD5
      52c24bc23f0be06295973a532cd0c1a6
      HTTP Body MD5
      edf370a2290dcd9534df4ff52bf328e7 
    • HTTP/1.1 302 Moved temporarily
Date: Thu Nov 07 03:55:23 2024
Server: 3S_WebServer
Last-modified: Thu Nov 07 03:55:23 2024
Cache-Control: must-revalidate
Content-length: 11
Content-type: text/html
Location: webvisu.htm

webvisu.htm
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:55:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "edf370a2290dcd9534df4ff52bf328e7",
         "bodymmh3" : -1028054168,
         "header" : [
            {
               "value" : "Thu Nov 07 03:55:23 2024",
               "name" : "Last-modified"
            }
         ],
         "headermd5" : "52c24bc23f0be06295973a532cd0c1a6",
         "headermmh3" : 1199643557
      },
      "length" : 240
   },
   "asn" : "AS9500",
   "city" : "Christchurch",
   "country" : "NZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved temporarily\r\nDate: Thu Nov 07 03:55:23 2024\r\nServer: 3S_WebServer\r\nLast-modified: Thu Nov 07 03:55:23 2024\r\nCache-Control: must-revalidate\r\nContent-length: 11\r\nContent-type: text/html\r\nLocation: webvisu.htm\r\n\r\nwebvisu.htm",
   "datamd5" : "bb5484d295ad177a072b581f09f97211",
   "datammh3" : 1451230687,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9500",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "NZ",
      "countryname" : "New Zealand",
      "domain" : [
         "one.nz",
         "vodafone.com",
         "vodafone.nz"
      ],
      "isineu" : "false",
      "latitude" : "-40.900557",
      "location" : "-40.900557,174.885971",
      "longitude" : "174.885971",
      "netname" : "ONENZ-NZ",
      "organization" : "One New Zealand Group Limited",
      "subnet" : "121.90.0.0/16"
   },
   "ip" : "121.90.244.46",
   "ipv6" : "false",
   "latitude" : "-43.5551",
   "location" : "-43.5551,172.6178",
   "longitude" : "172.6178",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "One New Zealand Group Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "121.90.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 85.113.70.116:4899 (tcp/http) - last seen on 2024-11-07 at 03:45:29 UTC

    • IP
      85.113.70.116
      Network
      85.113.70.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://85.113.70.116:4899/ 302

      HTTP Title
      302 Found
      ASN
      AS3258
      Organization
      xTom Japan Co., Ltd.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3b3451a169cde2295b99f9d0d0f06d5b
      HTTP Header MD5
      87366acd3126b9318804da42bd42d33f
      HTTP Body MD5
      08ab8b0790c65a7cd15bf0248dc0c112 
    • HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:45:29 UTC
Server: server
X-XSS-Protection: 1; mode=block
X-Frame-Options: SameOrigin
X-Content-Type-Options: nosniff
Location: https://<ip>:4899/mifs/user/index.html
Content-Length: 288
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://<ip>:4899/mifs/user/index.html">here</a>.</p>
<hr>
<address>server Server at <ip> Port 4899</address>
</body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:45:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "08ab8b0790c65a7cd15bf0248dc0c112",
         "bodymmh3" : 354211964,
         "headermd5" : "87366acd3126b9318804da42bd42d33f",
         "headermmh3" : 1590716672,
         "title" : "302 Found"
      },
      "length" : 582
   },
   "asn" : "AS3258",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:45:29 UTC\r\nServer: server\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SameOrigin\r\nX-Content-Type-Options: nosniff\r\nLocation: https://<ip>:4899/mifs/user/index.html\r\nContent-Length: 288\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>:4899/mifs/user/index.html\">here</a>.</p>\n<hr>\n<address>server Server at <ip> Port 4899</address>\n</body></html>",
   "datamd5" : "3b3451a169cde2295b99f9d0d0f06d5b",
   "datammh3" : 2061714653,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "85.113.70.116",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "xTom Japan Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "85.113.70.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 160.124.138.215:4899 (tcp/http) - last seen on 2024-11-07 at 03:18:23 UTC

    • IP
      160.124.138.215
      Network
      160.124.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://160.124.138.215:4899/ 302

      HTTP Title
      302 Found
      ASN
      AS132839
      Organization
      POWER LINE DATACENTER
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fec523b9aa4f35bf1e9de0046045ced3
      HTTP Header MD5
      d7becab03a8905d978f0985d2d16182f
      HTTP Body MD5
      29b5f7615598c74df0019844c163d80c 
    • HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 07 Nov 2024 03:18:23 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:18:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : -2117492965,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS132839",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:18:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132839",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "POSIX-AFRICA",
      "organization" : "Posix Systems (Pty) Ltd",
      "subnet" : "160.124.0.0/16"
   },
   "ip" : "160.124.138.215",
   "ipv6" : "false",
   "latitude" : "-28.9984",
   "location" : "-28.9984,23.9888",
   "longitude" : "23.9888",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "POWER LINE DATACENTER",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "160.124.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 45.15.21.106:4899 (tcp/http) - last seen on 2024-11-07 at 03:17:54 UTC

    • IP
      45.15.21.106
      Network
      45.15.20.0/22
      Domain(s)
      v9ks2n.cn
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.15.21.106:4899/ 302

      Reverse DNS
      v9ks2n.cn
      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      HTTP Component(s)
      Oracle Java Atlassian Confluence
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1625694c587cd601197fb35f20511ece
      HTTP Header MD5
      2dc1e159d50343e36aa92b49adbad2ef
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e
      Favicon MD5
      966e60f8eb85b7ea43a7b0095f3e2336
      Favicon MMH3
      -305179312 
    • HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 01:50:51 UTC
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1697032431875
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: /login.action?os_destination=%2Findex.action&permissionViolation=true
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Set-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:17:54.000Z",
   "app" : {
      "favicon" : {
         "image" : "AAABAAMAMDAAAAEAIACCCAAANgAAACAgAAABACAAYQUAALgIAAAQEAAAAQAgAIoCAAAZDgAAiVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAISUlEQVRoga2ZeZAU9RXHP98fuxyCCMu1CCoKGUzAaBUm0ZSlMRVTieYwXsHgVSYYTRmNROORFY9MFE80xiiJ4gkqpZaJ0RyWpiqJFQ9MUigeGxCPdVlQBAQVhJ1v/uiZ2e6Z7tnZYV9V19Tv9ev33ve97+v+dY+oJUctFSAe3r9Q066fZPjsVdOEDkX8Swr/3rBgd/d2jTLPHLV0CPBDYF/gMeAJHt5/Y79lWyG7nPbmePD9kg4GvaGgmyXd8f5vJq6rdV0tAN8A7geGStoi6RmkOyQ91r1kv5pOG5ERp781V3ApkiQh1I30TwXNk8KT7/5q3La6AejoFwYC9yAdJwAJRcc2pBck3Snp958snt7VH8m3/KhjBvAIaGIUpxgTIWkj0iIFzV8zf8yKugCEY/9zIPCopFGKvPU4jY7tSC9JulvSg1Lo+OiuXK98TZNRZ3YOwyxEHFtMuBgHemILSa8SNF/SfZ3XjNyUCaD5+BflQuEG4KweZz0g4jpJBaTXJC2S9ICklZtun1w3kDFndQXb5whdgRhY9p0N5BNJf1HQVVJ45q0rh3WnAZgK/FloEsWLewMCsqRVCloi6T5JL29YsMf2WsmPPXtNAE4A5oNaeuJUVb4MJKZbK+l3Crq1CsCgWcsvBK4oV5mY04SuAkhZpy5Jf1XQQ5KeBd5dd/OExG143E/WjgV+APopoiXpM+abRLejPHp0BUlPJwAMPvGVVuBPwH4J9FRUJ0uXBLdF0kopPI/0YgSMZtBUpK8K9kVqShnaGBBSdAlwG5viAKTwNYnpVCQXb2kVrbLBDUaaJjGtqHPxfOkn5rNUZVJ0mUC6BQvLAIae8r+dgVmIpkqaJJzVAJfN4SjvVF6nVD4TCIniPYt9fRmAgg4CHZgyoD1Oq2gSA9KLrg8DGotDzGcCxGbg2vaLQ0cTwPDZq5qxZ4GGVt2+KrqRMrS1OVwFrq4BjcUhkXxRFhFtb2gqIhqBtG99QxsDktb6rMrXO6BUMqBK/gtc3d6mT8oAgPUhhCVIEySNrI/XWZXv44AmeV2ueIasAy5ub9PrJUUA2PjbSdulMC8oHKEQFiiErjAgEAYEFAIhDIiOhK6kr9apaNujC0XdgPI60oWyTiGUQWTIVmAe8HhcWWU95sddTUjTJZ2ooGMk7aZiafvO6ySHU4YxK9lK6QZuAi5qb9PHNQGUpPWc9wJSTtL3JB0vabJUAaQODvcyjPUmfzvws/Y2Vb2P9Opt1/PWSwp7SvqupBMk7Y0UMjmcBa4x2QrcClySlnxdAOKy+0WbJ0rhaEknSfos8a1A5YBGyBpNHOA9Is7f0t6mj7KMGoqw59wtY6VweJFeByDt3ACvs6QbeBr4BfBUe5tqvo/vULQpl20fJulzkr6N9BVgCjCoQXfbgZeBhcDi9ja9W89FO1wugKm/tGzGATOAQ4DPE4EZRQQoK84WYDXwAvAo8ER7m1b3JXa/AKiUXN5DgFZgUvGYALQQgekGNgLvACuBdqCzvU2pL+29ScMAcnk3AeOATxFVewIwgujpvhVYX0zyTeANoKvyHt4f0mcAubxHA18GvkVElQnAkAxfJgKzDlgBPAf8HVgKrO1tQOuRugHk8h4BHAvMJvrYNbDBmFuJwDxp+xHbz6+YO2Bzg756B5DLW8CBwFyiyjc3Gqwktku/m7Cftb3Y9uOvXzZwTV991QSQy3sgcApwCbBrA7kmxDbYOFrE19ttL8O+x/aDb+SHdNTrMxNALu+hwAXAHGCnHcg6kXAieUz0U14XbF61fa/tB7BXvT1v55rfmVIB5PLeCbgMOJsGKROjSSzBeBcMjtYp54y90vb9thfZtHdeMyJ14KsA5PJuBn4OXEgDg5pKk4pKp1CoyrZ4zsZvYz/oiF4vdV0/OvHBLA3AbGA+MLShxGPVTKdJrS7EbCn5K6+7bP/B9p3YS9feGH2tTgDI5X0IsJh6B7ZYvbSEMoa1hm1snexCpe1645tccP69X4/fFmLJ7wrk60k+qliBgo0LheiwcaFnXTpXKBRSbAs9ti5QKK7LtoWatiNd8EzwaCi+1OfyHkA0sAf1lviOVDadJhm21RTqWePlRFuV8leJLwHfr0WTBgYwlRapg03JX9w2g1J4K2bR+7dM3ALQlMt7FHAe0dY3We14ZfsygDs2rL10gaXAU6U8m4AzgEN3jCaJypbugErvQp3Dmt6VArB4w4I91scBnIY9MJMmvbYesLvBy2yeAL9qsw271fY+tmdgTzEelJZ8VhfKtuVzBngN88c4U5psL7M9ATv08WlZOreB6LmxoOOq4YnN2Pg564JhLPYXbB9t+zDs1j4Ma2UXHvrgtr3eisfQlMu7W23Pxj7D9vg+dmGDYY7g7o6rd+mmhow9e22z7c9gH2/7ONuTwKqudCaFOoGvb7p98rIEAIDJl24LLhRm2D7f9hHA4DoGcBtwMXDNOxn7lDQZfebqYHsv2zOxZ9nOGYc6unAb4vTNC6ckCpV4Ek9q+3io7WOwz7U9zVjZQ8XDwCmd1/b85dkXaTmjQ7Z3s32MXTgRM912UylORfIfgI/88M7c3yr9pO5Gd79w8yTbZ9k+GbvF1RTqBL6z+rpRzzWSfKUMn72qFftI2ydHQ09zRRceBWZ+dNfUqg9cme8DE8//oMn2wbYvwD7UdlOMUpcTwqVd17W4PwCUZNipK0bZPhz7VNsH2AwuPrhO+vievZekXdP7t9Fz3x9p+4RiRyZjngZmrrlhzDv9mXxcdjr5tV1sH2b7m8ArmJu23PvpD9Ns63qpb52zTi4U9gF/0eYfa28cu7xfM86QQbOWB2xvXTw9s9P/ByyJE7YSazbXAAAAAElFTkSuQmCCiVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAFKElEQVRYhZ2We4icZxXGf8+Z3aStuk3S3aRNYm3iurSxSBWpQikIEUVSSFNrQ6Xb1HhLkXYptiq4GINbCVYxitHiSi60EdJCItj8kShFSCo1ijZEY7uJtZdkm6sm0mA3u3Me/5jLTuaWsQdeZub73nN+z3Pe733nE/Vxx5+uAPqBV9nx4XMN9/+PuPKLr3wSsVyKrYWuwv4zGxe4fk40yRsEdkvaHp/5y12FlQdmvR347DWvXaNCrIso3B+F2C7p4b4Hj/fWz9NFau78c69hl6SbJSFpQhH7I2KTFM+89eQNpzuB9z14QsWpqW9JrJUkKUAqRug5RayPiN+Of3/OZIOAwsoDdwu2SJohCSIoC5mMiBek2KLQr97c1D/eTkDvA28sBbZJmieVa4TKteKcIrZFaMPr63sOVwXM+Oxfr8A8hVgmRU2CqClSlOKQQr+MiJ1I//j3z949VQufO3TyFuBxSTfWgaFSL4QUL0bET6oCLrvn0FLQDoV66sHUiwlZ0lFF7A3FXoX+KUU30i2Ce5AW1oCmc+t/S2cF8I77xgq2f460us5xsy5c7Kgk5oIUIam7BQhNL2c5LyzY0gWgiBsFn6px2AAm6oRMgyRpZjMwbboAHBB8twsgCoXlQtcoNL1OTRy3amU7UG0XKrWB88D3xoZ1pCQgCmcU+o+knrZFqgLbgxrarYs2G8BmYAdAWUCMKnRQEZ8LxTKF+miAdOAw6n43j93Ao2PDmmg4B+YOneyWdFNErFLECoXmNwPTyjFAazDAc8Dnx4b1UuVC09kLHjlbkLREEYOKuEvStaVnrQ7cusX1YWAPMFQLbymgEu/55vmQ4n2KWBmhO6W4XlJ3h9BKnAU2UXroTtTf7KhK/7pJobha0sck3QZ8BFgIzGyRksAp4FlgFNg3NqzJZhM7tlGJgRHPKMNvKI/rgF7gMmACGAcOAvuBsbFhXWhX75ICBkbcDbwXuBn4ADC/BnYaeBV4ETgEHL0UsGMBAyMuAB8FvgR8HLia5u8PlMUcBf6A/Yzt39k+fmRtV8MLSEcCBkbcCzxUhje8RLQK29ietP2SM5+2vd3Ow6985/LsWMDAiBcBG4DbaO24loqr8IR0RYhtv2bn004/Yftvr69/V7GtgDJ8FFjaiVtchVVH47XE6XHbO5251fYLb/xgTnVHVAUMjPgq4BfA7W8HXLqepe/ZUtApZ+6yvdnO50/+aN6FKMO7gK8By9uBM7NmFMni9HCxSBazNGrn1I5isS8z78vMXzt9P5T/jIBlwJr6JSmtb1tHje5rOtB8boLdYzMXoGtgxNcC3wB6Ol/fvCSI2nm110s5p4CdlQ48TOmQaeEym4Emy095t23RGtRCFHsQB0oC7E8bouQo27TY2D5mvA2zz85JpxfZvtXOW51eYFtt3Zc+z2O2nRu9bhKgK+1vO3PI9vubui+3GnwIWJOZ+8Yfm1094eY9dHoUu9+ZK9J5t+0l2AVnS/e/B/ZdtA0Xr51Y7PSQnYNOz26i/CQweOyxWXvabdGrvjI+384VTq+y86byEtWamsJ84c3N/VsrOQHw8rqZL2fmVzO9MjOfzcypytZxFsnMx41/0w4OcGbj/PF//XThRjuXOf3lzNybxZwobc8iWcyDmbm7NqfhKF749XNznL43Mx+wvRj7j8CK4z/sPXYpAfXxztVHZtn+hDNX2/4g5tH/PnH9j9sKAFjwyFkVi1MfcnoVsOvEhr7dzeZ1GpcP/v1KwyLsw289ueR87b3/AaPHxyTsnFoAAAAAAElFTkSuQmCCiVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAACUUlEQVQ4jW2SXWgOYBTH/+ecZ1NrvjJlkvkoayWyJm7kxgVWLpZWhFgpZW6krLxFuJjU3LhQ8hFR2lZa+bqdhEZpIS2LppnPFtbS23v+x8X7sXc49dyc//P7nafTIwCAlmcJwH5RnTCzvtyt1T/wn5pzYGSniLSapc6KysqnY13zQgDAWl80AHigqvM1pYdm6Yolu//r0vLxIlxzaKwOgR5RaVKzEUvpvFm6JgAwY9frjIicUlWoGtQ0q2bPLKVus/REzKoEOCwizWIGVYWa5tRsQKrb3tYh0Ceqq9RKAkheFmo2oaqmplVTWV4iIreTpVQvorU6ZS6TmKjpTNViZpA8CBEZBJBJqtZvyXZoSm1maYuazv0bUNUSWKhRAEeHMvKq1Fl4ZLxSzdZaSnvNbKua1YqqlEEAEAAGAXQMZeQ+AExLAWDZ8axZSitFpBnAOgDzC+AXAP0AeocyMlK8P02w4nQsAtACYCOABYX8K4CnEXGH7i+HT1R4OSNl8CYAZwCsmSaOQEQEyTG633X3q0Ef+NA5K1sSFOBLABZPcZE/dNAJkggSpI/Tec89d5nuj2TF6agHcBNAYwlkHshDecE/PfJbMPYkACeBaAxG2RSC5GSQTno1nRKc9goE4zOANynIWpI50lNxUkTcjYiuICfdfT3dt9O9iWRlYToioufnxaXvkufD3XRvp/sSRjwX4ODo2TnvC+t4XNP+8aq7b6b7PrpvCPJ7AN2lJdYdm5RcNruW9I5g9H46V3Pj7/8BANVtw7NJ3xbk7Ii48Pt6Q+4P/3tTTDJ3gjcAAAAASUVORK5CYII=",
         "imagemd5" : "966e60f8eb85b7ea43a7b0095f3e2336",
         "imagemmh3" : -305179312,
         "length" : 4259,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "headermd5" : "2dc1e159d50343e36aa92b49adbad2ef",
         "headermmh3" : -136762667
      },
      "length" : 620
   },
   "asn" : "AS9009",
   "city" : "New York",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 01:50:51 UTC\r\nCache-Control: no-store\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Confluence-Request-Time: 1697032431875\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nLocation: /login.action?os_destination=%2Findex.action&permissionViolation=true\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nSet-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n",
   "datamd5" : "1625694c587cd601197fb35f20511ece",
   "datammh3" : 1837928346,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "v9ks2n.cn"
   ],
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "apnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "IANA-NETBLOCK-45",
      "organization" : "This network range is not fully allocated to APNIC.",
      "subnet" : "45.0.0.0/8"
   },
   "hostname" : [
      "v9ks2n.cn"
   ],
   "ip" : "45.15.21.106",
   "ipv6" : "false",
   "latitude" : "40.7123",
   "location" : "40.7123,-74.0068",
   "longitude" : "-74.0068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "v9ks2n.cn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "45.15.20.0/22",
   "tld" : [
      "cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 88.120.200.184:4899 (tcp/http) - last seen on 2024-11-07 at 02:17:29 UTC

    • IP
      88.120.200.184
      Network
      88.120.0.0/13
      Domain(s)
      proxad.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://88.120.200.184:4899/ 302

      Reverse DNS
      88-120-200-184.subs.proxad.net
      ASN
      AS12322
      Organization
      Free SAS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6220986d5201ab6b04924ee035f7fcd4
      HTTP Header MD5
      d4757ef5cd6ea4af2ab354870c866926
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 02:17:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Location: /login.php
Expires: Thu, 07 Nov 2024 02:17:28 GMT
Cache-Control: no-cache
Cache-Control: must-revalidate,no-store


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T02:17:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "d4757ef5cd6ea4af2ab354870c866926",
         "headermmh3" : 403178175
      },
      "length" : 280
   },
   "asn" : "AS12322",
   "city" : "Firminy",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 02:17:29 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: close\r\nLocation: /login.php\r\nExpires: Thu, 07 Nov 2024 02:17:28 GMT\r\nCache-Control: no-cache\r\nCache-Control: must-revalidate,no-store\r\n\r\n",
   "datamd5" : "6220986d5201ab6b04924ee035f7fcd4",
   "datammh3" : 361589339,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "proxad.net"
   ],
   "geolocus" : {
      "asn" : "AS12322",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "proxad.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "TISCALI-FRANCE",
      "organization" : "Free SAS",
      "subnet" : "88.120.128.0/17"
   },
   "host" : [
      "88-120-200-184"
   ],
   "hostname" : [
      "88-120-200-184.subs.proxad.net"
   ],
   "ip" : "88.120.200.184",
   "ipv6" : "false",
   "latitude" : "45.3838",
   "location" : "45.3838,4.2920",
   "longitude" : "4.2920",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Free SAS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "88-120-200-184.subs.proxad.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "subs.proxad.net"
   ],
   "subnet" : "88.120.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 82.219.26.70:4899 (tcp/http) - last seen on 2024-11-07 at 01:51:16 UTC

    • IP
      82.219.26.70
      Network
      82.219.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://82.219.26.70:4899/ 302

      ASN
      AS30740
      Organization
      Exa Networks Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1aa77f9111ec2daf287d90bb16315fd5
      HTTP Header MD5
      48d2668b10bb47f62303ac81b5672524
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Location: https://captive.surfprotect.co.uk/backend/auto-sign-in?continue=http://<ip>/
Date: 2024-11-07 01:51:16 PST
Server: lachesis
Last-Modified: 2024-11-07 01:51:16 PST
Content-Length: 0
Cache-Control: private
Content-Type: html


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T01:51:16.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "surfprotect.co.uk"
         ],
         "hostname" : [
            "captive.surfprotect.co.uk"
         ],
         "url" : [
            "https://captive.surfprotect.co.uk/backend/auto-sign-in?continue=http://"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "2024-11-07 01:51:16 PST"
            }
         ],
         "headermd5" : "48d2668b10bb47f62303ac81b5672524",
         "headermmh3" : 1332027717
      },
      "length" : 253
   },
   "asn" : "AS30740",
   "city" : "Walsall",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\nLocation: https://captive.surfprotect.co.uk/backend/auto-sign-in?continue=http://<ip>/\nDate: 2024-11-07 01:51:16 PST\nServer: lachesis\nLast-Modified: 2024-11-07 01:51:16 PST\nContent-Length: 0\nCache-Control: private\nContent-Type: html\n\n",
   "datamd5" : "1aa77f9111ec2daf287d90bb16315fd5",
   "datammh3" : -105778913,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "82.219.26.70",
   "ipv6" : "false",
   "latitude" : "52.5876",
   "location" : "52.5876,-1.9828",
   "longitude" : "-1.9828",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Exa Networks Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "82.219.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 45.15.21.106:4899 (tcp/http) - last seen on 2024-11-07 at 01:50:51 UTC

    • IP
      45.15.21.106
      Network
      45.15.20.0/22
      Domain(s)
      v9ks2n.cn
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.15.21.106:4899/ 302

      Reverse DNS
      v9ks2n.cn
      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      HTTP Component(s)
      Atlassian Confluence Oracle Java
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1625694c587cd601197fb35f20511ece
      HTTP Header MD5
      2dc1e159d50343e36aa92b49adbad2ef
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 01:50:51 UTC
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1697032431875
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: /login.action?os_destination=%2Findex.action&permissionViolation=true
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Set-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T01:50:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            }
         ],
         "headermd5" : "2dc1e159d50343e36aa92b49adbad2ef",
         "headermmh3" : -136762667
      },
      "length" : 620
   },
   "asn" : "AS9009",
   "city" : "New York",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 01:50:51 UTC\r\nCache-Control: no-store\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Confluence-Request-Time: 1697032431875\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nLocation: /login.action?os_destination=%2Findex.action&permissionViolation=true\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nSet-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n",
   "datamd5" : "1625694c587cd601197fb35f20511ece",
   "datammh3" : 1837928346,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "v9ks2n.cn"
   ],
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "apnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "IANA-NETBLOCK-45",
      "organization" : "This network range is not fully allocated to APNIC.",
      "subnet" : "45.0.0.0/8"
   },
   "hostname" : [
      "v9ks2n.cn"
   ],
   "ip" : "45.15.21.106",
   "ipv6" : "false",
   "latitude" : "40.7123",
   "location" : "40.7123,-74.0068",
   "longitude" : "-74.0068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4899,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "v9ks2n.cn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "45.15.20.0/22",
   "tld" : [
      "cn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}