Cyber Defense Search Engine

IP
76.190.75.213

Network
76.190.0.0/16

Domain(s)
spectrum.com

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://76.190.75.213:58603/ 302

HTTP Title
302 Found

Reverse DNS
syn-076-190-075-213.biz.spectrum.com

ASN
AS10796

Organization
TWC-10796-MIDWEST

Protocol
http

Source
urlscan::redirect
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.59

HTTP Component(s)
PHP PHP 8.2.18 OpenSSL OpenSSL 3.1.5 Apache mod_fcgid 2.3.10

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
469875669f32bca7b68bfef207da81d8

HTTP Header MD5
36ada1bfe21a9aaa7ab75ccb839b8943

HTTP Body MD5
80a2a799c54de69f47f467b8044e8903

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 05:18:06 GMT
Server: Apache/2.4.59 (Win64) OpenSSL/3.1.5 PHP/8.2.18 mod_fcgid/2.3.10-dev
Location: https://<ip>:58603/
Content-Length: 339
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://<ip>:58603/">here</a>.</p>
<hr>
<address>Apache/2.4.59 (Win64) OpenSSL/3.1.5 PHP/8.2.18 mod_fcgid/2.3.10-dev Server at <ip> Port 58603</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:18:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "80a2a799c54de69f47f467b8044e8903",
         "bodymmh3" : -557653814,
         "component" : [
            {
               "productversion" : "3.1.5",
               "productvendor" : "OpenSSL",
               "product" : "OpenSSL"
            },
            {
               "product" : "mod_fcgid",
               "productversion" : "2.3.10",
               "productvendor" : "Apache"
            },
            {
               "productvendor" : "PHP",
               "productversion" : "8.2.18",
               "product" : "PHP"
            }
         ],
         "headermd5" : "36ada1bfe21a9aaa7ab75ccb839b8943",
         "headermmh3" : 789913783,
         "title" : "302 Found"
      },
      "length" : 573
   },
   "asn" : "AS10796",
   "city" : "Cincinnati",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 05:18:06 GMT\r\nServer: Apache/2.4.59 (Win64) OpenSSL/3.1.5 PHP/8.2.18 mod_fcgid/2.3.10-dev\r\nLocation: https://<ip>:58603/\r\nContent-Length: 339\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>:58603/\">here</a>.</p>\n<hr>\n<address>Apache/2.4.59 (Win64) OpenSSL/3.1.5 PHP/8.2.18 mod_fcgid/2.3.10-dev Server at <ip> Port 58603</address>\n</body></html>\n",
   "datamd5" : "469875669f32bca7b68bfef207da81d8",
   "datammh3" : -1297073645,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "forward" : "76.190.75.213",
   "geolocus" : {
      "asn" : "AS10796",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "RRACI",
      "organization" : "Charter Communications Inc",
      "subnet" : "76.190.0.0/16"
   },
   "host" : [
      "syn-076-190-075-213"
   ],
   "hostname" : [
      "76.190.75.213",
      "syn-076-190-075-213.biz.spectrum.com"
   ],
   "ip" : "76.190.75.213",
   "ipv6" : "false",
   "latitude" : "39.1408",
   "location" : "39.1408,-84.4710",
   "longitude" : "-84.4710",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-10796-MIDWEST",
   "os" : "Windows",
   "osbits" : 64,
   "osvendor" : "Microsoft",
   "port" : 58603,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.59",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "syn-076-190-075-213.biz.spectrum.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "biz.spectrum.com"
   ],
   "subnet" : "76.190.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
202.91.210.202

Network
202.91.208.0/20

Domain(s)
amigo2.ne.jp

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://202.91.210.202:58603/ 302

Reverse DNS
host-202-91-210-202.amigo2.ne.jp

ASN
AS9351

Organization
ZTV CO.,LTD

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8a78c1897cba4e83bbd36518e1f605d6

HTTP Header MD5
2795c45036388768f0107eebcae6bbbb

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
X-UA-Compatible: requiresActiveX=true
Set-Cookie: DATA1=-1
Set-Cookie: DATA1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: http://<ip>:58603/uwa
Content-type: text/html; charset=UTF-8
Content-Length: 0
Connection: close
Date: Thu, 07 Nov 2024 05:12:30 GMT

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:12:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "2795c45036388768f0107eebcae6bbbb",
         "headermmh3" : -706387554
      },
      "length" : 308
   },
   "asn" : "AS9351",
   "city" : "Shima",
   "country" : "JP",
   "data" : "HTTP/1.1 302 Found\r\nX-UA-Compatible: requiresActiveX=true\r\nSet-Cookie: DATA1=-1\r\nSet-Cookie: DATA1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: http://<ip>:58603/uwa\r\nContent-type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:12:30 GMT\r\n\r\n",
   "datamd5" : "8a78c1897cba4e83bbd36518e1f605d6",
   "datammh3" : 955874049,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amigo2.ne.jp"
   ],
   "geolocus" : {
      "asn" : "AS9351",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "amigo2.ne.jp",
         "nic.ad.jp",
         "ztv.co.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "ZTV",
      "organization" : "ZTV CO.,LTD",
      "subnet" : "202.91.208.0/20"
   },
   "host" : [
      "host-202-91-210-202"
   ],
   "hostname" : [
      "host-202-91-210-202.amigo2.ne.jp"
   ],
   "ip" : "202.91.210.202",
   "ipv6" : "false",
   "latitude" : "34.4609",
   "location" : "34.4609,136.8654",
   "longitude" : "136.8654",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ZTV CO.,LTD",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 58603,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "host-202-91-210-202.amigo2.ne.jp"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "202.91.208.0/20",
   "tld" : [
      "ne.jp"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
59.75.38.61

Network
59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.38.61:58603/ 302

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5
17494da67b263d49a356f29516833bab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:11:47.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.32.0/21"
   },
   "ip" : "59.75.38.61",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 58603,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
59.75.39.151

Network
59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.39.151:58603/ 302

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5
17494da67b263d49a356f29516833bab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T02:07:03.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.32.0/21"
   },
   "ip" : "59.75.39.151",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 58603,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
59.75.41.34

Network
59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.41.34:58603/ 302

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5
17494da67b263d49a356f29516833bab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T02:05:10.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.41.0/24"
   },
   "ip" : "59.75.41.34",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 58603,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
197.158.44.176

Network
197.158.0.0/18

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://197.158.44.176:58603/ 302

HTTP Title
Object moved

ASN
AS30619

Organization
Telecomunicacoes de Mocambique (TDM)

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 8.5

HTTP Component(s)
Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f835a2d3a3c0f303db5fa0668c1bbef2

HTTP Header MD5
b997f735bf7d901539f61375cda3d5be

HTTP Body MD5
95033559c42889e3f507a85446d38c26

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /programs/login.aspx?ReturnUrl=%2f
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 00:37:40 GMT
Connection: close
Content-Length: 151

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/programs/login.aspx?ReturnUrl=%2f">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T00:37:42.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "95033559c42889e3f507a85446d38c26",
         "bodymmh3" : -1132440478,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "b997f735bf7d901539f61375cda3d5be",
         "headermmh3" : 606175474,
         "title" : "Object moved"
      },
      "length" : 439
   },
   "asn" : "AS30619",
   "city" : "Chimoio",
   "country" : "MZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /programs/login.aspx?ReturnUrl=%2f\r\nServer: Microsoft-IIS/8.5\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 00:37:40 GMT\r\nConnection: close\r\nContent-Length: 151\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/programs/login.aspx?ReturnUrl=%2f\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "f835a2d3a3c0f303db5fa0668c1bbef2",
   "datammh3" : -1283995942,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS30619",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "MZ",
      "countryname" : "Mozambique",
      "isineu" : "false",
      "latitude" : "-18.665695",
      "location" : "-18.665695,35.529562",
      "longitude" : "35.529562",
      "netname" : "ADSL-NET-197-158-32-0",
      "organization" : "Route 197.158.32.0/20",
      "subnet" : "197.158.32.0/20"
   },
   "ip" : "197.158.44.176",
   "ipv6" : "false",
   "latitude" : "-19.1172",
   "location" : "-19.1172,33.4787",
   "longitude" : "33.4787",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telecomunicacoes de Mocambique (TDM)",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2012",
      "8.1"
   ],
   "port" : 58603,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "8.5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "197.158.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
59.75.38.30

Network
59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.38.30:58603/ 302

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5
17494da67b263d49a356f29516833bab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T00:37:05.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.32.0/21"
   },
   "ip" : "59.75.38.30",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 58603,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
134.122.218.104

Network
134.122.192.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://134.122.218.104:58603/ 302

HTTP Title
302 Found

ASN
AS152194

Organization
CTG Server Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fec523b9aa4f35bf1e9de0046045ced3

HTTP Header MD5
d7becab03a8905d978f0985d2d16182f

HTTP Body MD5
29b5f7615598c74df0019844c163d80c

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 06 Nov 2024 23:05:15 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:05:16.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : 901577746,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS152194",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 23:05:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "BGP192-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "134.122.208.0/20"
   },
   "ip" : "134.122.218.104",
   "ipv6" : "false",
   "latitude" : "35.6974",
   "location" : "35.6974,139.7705",
   "longitude" : "139.7705",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 58603,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "134.122.192.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
112.78.185.150

Network
112.78.184.0/23

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://112.78.185.150:58603/ 302

HTTP Title
Object moved

ASN
AS17451

Organization
BIZNET NETWORKS

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 10.0

HTTP Component(s)
Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fd01bc0eb333e9a0f88b734139dd0f67

HTTP Header MD5
dcecdb5df4d1efaec8c66b5ae58078bb

HTTP Body MD5
e7a6f980ae4f38f12fb49ddf922bf0f1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://<ip>/login.aspx?ReturnUrl=%2f
Server: Microsoft-IIS/10.0
Set-Cookie: .ASPXANONYMOUS=U03PejFn2wEkAAAANTM4ZWRiNWYtYzczZS00M2Q4LWE4ZTQtMTZjYTg1Yzc3NTg10; expires=Wed, 15-Jan-2025 09:40:14 GMT; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=0qyhxxdjnklohjbrsfk1ydfk; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXANONYMOUS=U03PejFn2wEkAAAANTM4ZWRiNWYtYzczZS00M2Q4LWE4ZTQtMTZjYTg1Yzc3NTg10; expires=Wed, 15-Jan-2025 09:40:14 GMT; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=0qyhxxdjnklohjbrsfk1ydfk; path=/; HttpOnly; SameSite=Lax
Set-Cookie: language=en-US; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Wed, 06 Nov 2024 23:00:14 GMT
Connection: close
Content-Length: 163

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://<ip>/login.aspx?ReturnUrl=%2f">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:00:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e7a6f980ae4f38f12fb49ddf922bf0f1",
         "bodymmh3" : 952567728,
         "component" : [
            {
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "dcecdb5df4d1efaec8c66b5ae58078bb",
         "headermmh3" : -1360524853,
         "title" : "Object moved"
      },
      "length" : 968
   },
   "asn" : "AS17451",
   "city" : "Jakarta",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: http://<ip>/login.aspx?ReturnUrl=%2f\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: .ASPXANONYMOUS=U03PejFn2wEkAAAANTM4ZWRiNWYtYzczZS00M2Q4LWE4ZTQtMTZjYTg1Yzc3NTg10; expires=Wed, 15-Jan-2025 09:40:14 GMT; path=/; HttpOnly\r\nSet-Cookie: ASP.NET_SessionId=0qyhxxdjnklohjbrsfk1ydfk; path=/; HttpOnly; SameSite=Lax\r\nX-AspNet-Version: 4.0.30319\r\nSet-Cookie: .ASPXANONYMOUS=U03PejFn2wEkAAAANTM4ZWRiNWYtYzczZS00M2Q4LWE4ZTQtMTZjYTg1Yzc3NTg10; expires=Wed, 15-Jan-2025 09:40:14 GMT; path=/; HttpOnly\r\nSet-Cookie: ASP.NET_SessionId=0qyhxxdjnklohjbrsfk1ydfk; path=/; HttpOnly; SameSite=Lax\r\nSet-Cookie: language=en-US; path=/; HttpOnly\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 06 Nov 2024 23:00:14 GMT\r\nConnection: close\r\nContent-Length: 163\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"http://<ip>/login.aspx?ReturnUrl=%2f\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "fd01bc0eb333e9a0f88b734139dd0f67",
   "datammh3" : 933650593,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS17451",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "biz.net.id",
         "biznetnetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "BIZNET-ID",
      "organization" : "Biznet Networks",
      "subnet" : "112.78.184.0/23"
   },
   "ip" : "112.78.185.150",
   "ipv6" : "false",
   "latitude" : "-6.2114",
   "location" : "-6.2114,106.8446",
   "longitude" : "106.8446",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "BIZNET NETWORKS",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 58603,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "112.78.184.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
192.36.41.86

Network
192.36.41.0/24

Domain(s)
192.in-addr.arpa

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://192.36.41.86:58603/ 302

Reverse DNS
86.41.36.192.in-addr.arpa

ASN
AS57169

Organization
EDIS GmbH

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
Atlassian Confluence Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1625694c587cd601197fb35f20511ece

HTTP Header MD5
2dc1e159d50343e36aa92b49adbad2ef

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 06 Nov 2024 20:00:52 UTC
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1697032431875
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: /login.action?os_destination=%2Findex.action&permissionViolation=true
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Set-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T20:00:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "headermd5" : "2dc1e159d50343e36aa92b49adbad2ef",
         "headermmh3" : -1407767561
      },
      "length" : 620
   },
   "asn" : "AS57169",
   "city" : "Riga",
   "country" : "LV",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 20:00:52 UTC\r\nCache-Control: no-store\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Confluence-Request-Time: 1697032431875\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nLocation: /login.action?os_destination=%2Findex.action&permissionViolation=true\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nSet-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n",
   "datamd5" : "1625694c587cd601197fb35f20511ece",
   "datammh3" : 1837928346,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "192.in-addr.arpa"
   ],
   "host" : [
      86
   ],
   "hostname" : [
      "86.41.36.192.in-addr.arpa"
   ],
   "ip" : "192.36.41.86",
   "ipv6" : "false",
   "latitude" : "56.9496",
   "location" : "56.9496,24.0978",
   "longitude" : "24.0978",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "EDIS GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 58603,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "86.41.36.192.in-addr.arpa"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "41.36.192.in-addr.arpa",
      "36.192.in-addr.arpa"
   ],
   "subnet" : "192.36.41.0/24",
   "tld" : [
      "in-addr.arpa"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 957 in 0.128 second(s)

76.190.75.213:58603 (tcp/http) - last seen on 2024-11-07 at 05:18:08 UTC

202.91.210.202:58603 (tcp/http) - last seen on 2024-11-07 at 05:12:12 UTC

59.75.38.61:58603 (tcp/http) - last seen on 2024-11-07 at 05:11:47 UTC

59.75.39.151:58603 (tcp/http) - last seen on 2024-11-07 at 02:07:03 UTC

59.75.41.34:58603 (tcp/http) - last seen on 2024-11-07 at 02:05:10 UTC

197.158.44.176:58603 (tcp/http) - last seen on 2024-11-07 at 00:37:42 UTC

59.75.38.30:58603 (tcp/http) - last seen on 2024-11-07 at 00:37:05 UTC

134.122.218.104:58603 (tcp/http) - last seen on 2024-11-06 at 23:05:16 UTC

112.78.185.150:58603 (tcp/http) - last seen on 2024-11-06 at 23:00:15 UTC

192.36.41.86:58603 (tcp/http) - last seen on 2024-11-06 at 20:00:52 UTC