Cyber Defense Search Engine

IP
154.209.108.74

Network
154.209.96.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://154.209.108.74:7678/ 302

HTTP Title
302 Found

ASN
AS132839

Organization
POWER LINE DATACENTER

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fec523b9aa4f35bf1e9de0046045ced3

HTTP Header MD5
d7becab03a8905d978f0985d2d16182f

HTTP Body MD5
29b5f7615598c74df0019844c163d80c

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 07 Nov 2024 05:48:48 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:48:48.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : 1206848420,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS132839",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:48:48 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132839",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "cloudinnovation.org"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "Digital_Core_Technology_Co_Ltd",
      "organization" : "Digital Core Technology Co., Ltd",
      "subnet" : "154.209.96.0/19"
   },
   "ip" : "154.209.108.74",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "POWER LINE DATACENTER",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "154.209.96.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
59.75.38.122

Network
59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.38.122:7678/ 302

ASN
AS4538

Organization
China Education and Research Network Center

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5
17494da67b263d49a356f29516833bab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:48:21.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.32.0/21"
   },
   "ip" : "59.75.38.122",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 7678,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
154.209.100.222

Network
154.209.96.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://154.209.100.222:7678/ 302

HTTP Title
302 Found

ASN
AS132839

Organization
POWER LINE DATACENTER

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fec523b9aa4f35bf1e9de0046045ced3

HTTP Header MD5
d7becab03a8905d978f0985d2d16182f

HTTP Body MD5
29b5f7615598c74df0019844c163d80c

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 07 Nov 2024 05:47:34 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:34.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : -1077902621,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS132839",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:47:34 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132839",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "cloudinnovation.org"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "Digital_Core_Technology_Co_Ltd",
      "organization" : "Digital Core Technology Co., Ltd",
      "subnet" : "154.209.96.0/19"
   },
   "ip" : "154.209.100.222",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "POWER LINE DATACENTER",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "154.209.96.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
39.129.176.123

Network
39.128.0.0/14

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://39.129.176.123:7678/ 302

HTTP Title
Object moved

ASN
AS9808

Organization
China Mobile Communications Group Co., Ltd.

Protocol
http

Source
datascan
Operating System
Microsoft Windows

HTTP Component(s)
Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
76c1fa31cbed1af38acb095440e8d4d3

HTTP Header MD5
430209a19bdd01fe1abb836d5592a44d

HTTP Body MD5
25b80cf9d3e39e920338d0f68fa37306

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Account/Login?ReturnUrl=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Date: Thu, 07 Nov 2024 05:37:26 GMT
Connection: close
Content-Length: 143

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Account/Login?ReturnUrl=/">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "25b80cf9d3e39e920338d0f68fa37306",
         "bodymmh3" : -1607197760,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319"
            }
         ],
         "headermd5" : "430209a19bdd01fe1abb836d5592a44d",
         "headermmh3" : 1930417965,
         "title" : "Object moved"
      },
      "length" : 425
   },
   "asn" : "AS9808",
   "city" : "Kunming",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /Account/Login?ReturnUrl=/\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nX-Frame-Options: SAMEORIGIN\r\nDate: Thu, 07 Nov 2024 05:37:26 GMT\r\nConnection: close\r\nContent-Length: 143\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/Account/Login?ReturnUrl=/\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "76c1fa31cbed1af38acb095440e8d4d3",
   "datammh3" : 1203505526,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinamobile.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CMNET",
      "organization" : "China Mobile",
      "subnet" : "39.129.0.0/16"
   },
   "ip" : "39.129.176.123",
   "ipv6" : "false",
   "latitude" : "25.0088",
   "location" : "25.0088,102.6513",
   "longitude" : "102.6513",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Mobile Communications Group Co., Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 7678,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "39.128.0.0/14",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
133.130.91.154

Alternative IP(s)
2400:8500:1301:740:133:130:91:154

Network
133.130.64.0/18

Domain(s)
cnode.io

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://133.130.91.154:7678/ 302

HTTP Title
302 Found

Reverse DNS
v133-130-91-154.a020.g.tyo1.static.cnode.io

ASN
AS7506

Organization
GMO Internet,Inc

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4f9e75836482fd87eecb05b7728e6b01

HTTP Header MD5
935ae8a017676cb92664e8d279572ee0

HTTP Body MD5
602c1b9891c3be7844f8d51d248440ea

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 07 Nov 2024 05:30:45 GMT
Content-Type: text/html
Content-Length: 170
Connection: close
Location: https://<ip>/__proxy_error__/497.html

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:45.000Z",
   "alternativeip" : [
      "2400:8500:1301:740:133:130:91:154"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "602c1b9891c3be7844f8d51d248440ea",
         "bodymmh3" : 959249276,
         "headermd5" : "935ae8a017676cb92664e8d279572ee0",
         "headermmh3" : 1904843099,
         "title" : "302 Found"
      },
      "length" : 386
   },
   "asn" : "AS7506",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Thu, 07 Nov 2024 05:30:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 170\r\nConnection: close\r\nLocation: https://<ip>/__proxy_error__/497.html\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.14.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "4f9e75836482fd87eecb05b7728e6b01",
   "datammh3" : 656937095,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cnode.io"
   ],
   "geolocus" : {
      "asn" : "AS7506",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "interq.or.jp",
         "nic.ad.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "JPNIC-NET-JP-ERX",
      "organization" : "Japan Network Information Center",
      "subnet" : "133.130.64.0/18"
   },
   "host" : [
      "v133-130-91-154"
   ],
   "hostname" : [
      "v133-130-91-154.a020.g.tyo1.static.cnode.io"
   ],
   "ip" : "133.130.91.154",
   "ipv6" : "false",
   "latitude" : "35.6897",
   "location" : "35.6897,139.6895",
   "longitude" : "139.6895",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GMO Internet,Inc",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "reverse" : [
      "v133-130-91-154.a020.g.tyo1.static.cnode.io"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "a020.g.tyo1.static.cnode.io",
      "g.tyo1.static.cnode.io",
      "static.cnode.io",
      "tyo1.static.cnode.io"
   ],
   "subnet" : "133.130.64.0/18",
   "tld" : [
      "io"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
156.56.7.6

Network
156.56.0.0/16

Domain(s)
indiana.edu

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://156.56.7.6:7678/ 302

Reverse DNS
phoenix.uits.indiana.edu

ASN
AS87

Organization
INDIANA-AS

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
Atlassian Confluence Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1625694c587cd601197fb35f20511ece

HTTP Header MD5
2dc1e159d50343e36aa92b49adbad2ef

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 05:28:20 UTC
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1697032431875
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Location: /login.action?os_destination=%2Findex.action&permissionViolation=true
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Set-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "headermd5" : "2dc1e159d50343e36aa92b49adbad2ef",
         "headermmh3" : 1817958595
      },
      "length" : 620
   },
   "asn" : "AS87",
   "city" : "Washington",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:28:20 UTC\r\nCache-Control: no-store\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Confluence-Request-Time: 1697032431875\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nLocation: /login.action?os_destination=%2Findex.action&permissionViolation=true\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nSet-Cookie: JSESSIONID=FD2CA9E2B09E9FEE2EC126FA48BF694B; Path=/; Secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\r\n\r\n",
   "datamd5" : "1625694c587cd601197fb35f20511ece",
   "datammh3" : 1837928346,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "indiana.edu"
   ],
   "geolocus" : {
      "asn" : "AS87",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "gigapop.net",
         "iu.edu"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "IUED",
      "organization" : "Indiana University",
      "subnet" : "156.56.0.0/16"
   },
   "host" : [
      "phoenix"
   ],
   "hostname" : [
      "phoenix.uits.indiana.edu"
   ],
   "ip" : "156.56.7.6",
   "ipv6" : "false",
   "latitude" : "38.6529",
   "location" : "38.6529,-87.1699",
   "longitude" : "-87.1699",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "INDIANA-AS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "phoenix.uits.indiana.edu"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "uits.indiana.edu"
   ],
   "subnet" : "156.56.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "edu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
154.201.240.142

Network
154.201.128.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://154.201.240.142:7678/ 302

HTTP Title
302 Found

ASN
AS132839

Organization
POWER LINE DATACENTER

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fec523b9aa4f35bf1e9de0046045ced3

HTTP Header MD5
d7becab03a8905d978f0985d2d16182f

HTTP Body MD5
29b5f7615598c74df0019844c163d80c

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 07 Nov 2024 05:27:32 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:27:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "29b5f7615598c74df0019844c163d80c",
         "bodymmh3" : -23674247,
         "headermd5" : "d7becab03a8905d978f0985d2d16182f",
         "headermmh3" : 136544217,
         "title" : "302 Found"
      },
      "length" : 359
   },
   "asn" : "AS132839",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:27:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 138\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "fec523b9aa4f35bf1e9de0046045ced3",
   "datammh3" : 576449098,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132839",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "cloudinnovation.org"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "Digital_Core_Technology_Co_Ltd",
      "organization" : "Digital Core Technology Co., Ltd",
      "subnet" : "154.201.128.0/17"
   },
   "ip" : "154.201.240.142",
   "ipv6" : "false",
   "latitude" : "34.0544",
   "location" : "34.0544,-118.2440",
   "longitude" : "-118.2440",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "POWER LINE DATACENTER",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "154.201.128.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.247.208.4

Network
172.247.192.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://172.247.208.4:7678/ 302

HTTP Title
302 Found

ASN
AS40065

Organization
CNSERVERS

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
OpenResty OpenResty

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7be874fdef406ca4e3be4ef82d0c85b0

HTTP Header MD5
f4d978c54ddbbdbf3b1588a8eef27a50

HTTP Body MD5
72bb92c6b139c34867ea2ed28b37e423

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 07 Nov 2024 04:44:53 GMT
Content-Type: text/html
Content-Length: 142
Connection: close
Location: https://<ip>/
Strict-Transport-Security: max-age=31536000

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>openresty</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:44:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "72bb92c6b139c34867ea2ed28b37e423",
         "bodymmh3" : -2012374589,
         "headermd5" : "f4d978c54ddbbdbf3b1588a8eef27a50",
         "headermmh3" : -861996125,
         "title" : "302 Found"
      },
      "length" : 367
   },
   "asn" : "AS40065",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 04:44:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 142\r\nConnection: close\r\nLocation: https://<ip>/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "7be874fdef406ca4e3be4ef82d0c85b0",
   "datammh3" : -980438086,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS40065",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "ceranetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GDI-INVEST-03",
      "organization" : "CloudRadium L.L.C",
      "subnet" : "172.247.208.0/21"
   },
   "ip" : "172.247.208.4",
   "ipv6" : "false",
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CNSERVERS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "172.247.192.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
90.84.234.168

Network
90.84.224.0/20

Domain(s)
orangero.net

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://90.84.234.168:7678/ 302

HTTP Title
Object moved

Reverse DNS
90-84-234-168.orangero.net

ASN
AS8953

Organization
Orange Romania S.A.

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 10.0

HTTP Component(s)
Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
9729c657d096aac77c496042d10e2e5a

HTTP Header MD5
3b64aef1e3899f44dd5f23daa1319520

HTTP Body MD5
90a90f59e3d3b96848bf3830d50e988e

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /pages/Login.aspx
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=o4gjscih2xuqhacxsmlkazp4; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 04:25:41 GMT
Connection: close
Content-Length: 134

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/pages/Login.aspx">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:25:42.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "90a90f59e3d3b96848bf3830d50e988e",
         "bodymmh3" : 1921024755,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "3b64aef1e3899f44dd5f23daa1319520",
         "headermmh3" : -968615115,
         "title" : "Object moved"
      },
      "length" : 494
   },
   "asn" : "AS8953",
   "city" : "Bosanci",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /pages/Login.aspx\r\nServer: Microsoft-IIS/10.0\r\nSet-Cookie: ASP.NET_SessionId=o4gjscih2xuqhacxsmlkazp4; path=/; HttpOnly; SameSite=Lax\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 04:25:41 GMT\r\nConnection: close\r\nContent-Length: 134\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/pages/Login.aspx\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "9729c657d096aac77c496042d10e2e5a",
   "datammh3" : -1677734824,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "orangero.net"
   ],
   "geolocus" : {
      "asn" : "AS8953",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RO",
      "countryname" : "Romania",
      "domain" : [
         "orange.com",
         "orangero.net"
      ],
      "isineu" : "true",
      "latitude" : "45.943161",
      "location" : "45.943161,24.96676",
      "longitude" : "24.96676",
      "netname" : "RO-ORANGE",
      "organization" : "Orange Romania Network",
      "subnet" : "90.84.224.0/20"
   },
   "host" : [
      "90-84-234-168"
   ],
   "hostname" : [
      "90-84-234-168.orangero.net"
   ],
   "ip" : "90.84.234.168",
   "ipv6" : "false",
   "latitude" : "47.5839",
   "location" : "47.5839,26.3166",
   "longitude" : "26.3166",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Orange Romania S.A.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 7678,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "90-84-234-168.orangero.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "90.84.224.0/20",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
185.135.76.205

Network
185.135.72.0/21

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://185.135.76.205:7678/ 302

HTTP Title
302 Found

ASN
AS132825

Organization
MYTEK TRADING PTY LTD

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.23.0

HTTP Component(s)
GeoServer GeoServer

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
77fff245479ebac7cb761e559b1ea33d

HTTP Header MD5
7b54338a53a71649b70ea9b131f36142

HTTP Body MD5
313466a1cb86c02fb0d54750ae2c91dc

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Thu, 07 Nov 2024 04:07:09 UTC
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: /geoserver/web/
Access-Control-Allow-Credentials: False
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.23.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:07:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "313466a1cb86c02fb0d54750ae2c91dc",
         "bodymmh3" : -360064107,
         "component" : [
            {
               "productvendor" : "GeoServer",
               "product" : "GeoServer"
            }
         ],
         "headermd5" : "7b54338a53a71649b70ea9b131f36142",
         "headermmh3" : 1876616101,
         "title" : "302 Found"
      },
      "length" : 512
   },
   "asn" : "AS132825",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.23.0\r\nDate: Thu, 07 Nov 2024 04:07:09 UTC\r\nContent-Type: text/html\r\nContent-Length: 145\r\nConnection: keep-alive\r\nLocation: /geoserver/web/\r\nAccess-Control-Allow-Credentials: False\r\nAccess-Control-Allow-Headers: Content-Type, Accept, Authorization, Origin, User-Agent\r\nAccess-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTION\r\n\r\n<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx/1.23.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "77fff245479ebac7cb761e559b1ea33d",
   "datammh3" : -1957578169,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "185.135.76.205",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MYTEK TRADING PTY LTD",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7678,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "185.135.72.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 2,722 in 0.254 second(s)

154.209.108.74:7678 (tcp/http) - last seen on 2024-11-07 at 05:48:48 UTC

59.75.38.122:7678 (tcp/http) - last seen on 2024-11-07 at 05:48:21 UTC

154.209.100.222:7678 (tcp/http) - last seen on 2024-11-07 at 05:47:34 UTC

39.129.176.123:7678 (tcp/http) - last seen on 2024-11-07 at 05:37:27 UTC

133.130.91.154:7678 (tcp/http) - last seen on 2024-11-07 at 05:30:45 UTC

156.56.7.6:7678 (tcp/http) - last seen on 2024-11-07 at 05:28:20 UTC

154.201.240.142:7678 (tcp/http) - last seen on 2024-11-07 at 05:27:32 UTC

172.247.208.4:7678 (tcp/http) - last seen on 2024-11-07 at 04:44:53 UTC

90.84.234.168:7678 (tcp/http) - last seen on 2024-11-07 at 04:25:42 UTC

185.135.76.205:7678 (tcp/http) - last seen on 2024-11-07 at 04:07:09 UTC