Returning 10 result(s) out of 121,535 in 0.077 second(s)

  • 69.77.208.35:9990 (tcp/http) - last seen on 2024-11-21 at 09:26:06 UTC

    • IP
      69.77.208.35
      Network
      69.77.192.0/18
      Domain(s)
      gwtc.net
      Device

      <enterprise field>: device.class

      URL

      http://69.77.208.35:9990/ 301

      HTTP Title
      Moved Permanently
      Reverse DNS
      69-77-208-35.ip4.gwtc.net
      ASN
      AS6580
      Organization
      GWTC
      Protocol
      http
      Source
      datascan::redirect::5
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e539c04994c2cd8807e555472d40d7f0
      HTTP Header MD5
      2c561ce2561b7f6113f96cf56b362b57
      HTTP Body MD5
      6d74b20c6fa245a96aa940816c13f6ff
    • HTTP/1.1 301 Moved Permanently
      Access-Control-Allow-Origin: *
      Content-Length: 98
      Content-Type: text/html; charset=utf-8
      Date: Thu, 21 Nov 2024 09:26:05 GMT
      Location: https://<ip>:9990/
      
      <HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:26:06.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "6d74b20c6fa245a96aa940816c13f6ff",
               "bodymmh3" : -2097937471,
               "headermd5" : "2c561ce2561b7f6113f96cf56b362b57",
               "headermmh3" : 1270230483,
               "title" : "Moved Permanently"
            },
            "length" : 291
         },
         "asn" : "AS6580",
         "city" : "Winner",
         "country" : "US",
         "data" : "HTTP/1.1 301 Moved Permanently\r\nAccess-Control-Allow-Origin: *\r\nContent-Length: 98\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 21 Nov 2024 09:26:05 GMT\r\nLocation: https://<ip>:9990/\r\n\r\n<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>",
         "datamd5" : "e539c04994c2cd8807e555472d40d7f0",
         "datammh3" : -274522966,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "gwtc.net"
         ],
         "forward" : "69.77.208.35",
         "geolocus" : {
            "asn" : "AS6580",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "goldenwest.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "DLRP-BBA1-POOL-01",
            "organization" : "Golden West Telecommunications Coop., Inc.",
            "subnet" : "69.77.192.0/18"
         },
         "host" : [
            "69-77-208-35"
         ],
         "hostname" : [
            "69-77-208-35.ip4.gwtc.net",
            "69.77.208.35"
         ],
         "ip" : "69.77.208.35",
         "ipv6" : "false",
         "latitude" : "43.3767",
         "location" : "43.3767,-99.8590",
         "longitude" : "-99.8590",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "GWTC",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Moved Permanently",
         "reverse" : [
            "69-77-208-35.ip4.gwtc.net"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan::redirect::5",
         "status" : 301,
         "subdomains" : [
            "ip4.gwtc.net"
         ],
         "subnet" : "69.77.192.0/18",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "net"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 62.213.122.230:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:27 UTC

    • IP
      62.213.122.230
      Network
      62.213.122.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://62.213.122.230:9990/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS197695
      Organization
      Domain names registrar REG.RU, Ltd
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a
    • HTTP/1.1 400 Bad Request
      Server: nginx
      Date: Thu, 21 Nov 2024 09:24:27 GMT
      Content-Type: text/html
      Content-Length: 248
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:27.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
               "bodymmh3" : 1153229498,
               "headermd5" : "a629a0fe278971ad61801ba6975ba467",
               "headermmh3" : -1639722418,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 393
         },
         "asn" : "AS197695",
         "country" : "RU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 09:24:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
         "datammh3" : 190190724,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "62.213.122.230",
         "ipv6" : "false",
         "latitude" : "55.7386",
         "location" : "55.7386,37.6068",
         "longitude" : "37.6068",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Domain names registrar REG.RU, Ltd",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "62.213.122.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 154.21.211.210:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:27 UTC

    • IP
      154.21.211.210
      Network
      154.21.208.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://154.21.211.210:9990/ 407

      ASN
      AS174
      Organization
      COGENT-174
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm=""
      
      Proxy Authentication Required
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:27.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
               "bodymmh3" : -1539650452,
               "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
               "headermmh3" : 372433470
            },
            "length" : 111
         },
         "asn" : "AS174",
         "city" : "New Orleans",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
         "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
         "datammh3" : 501879459,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS174",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "cogentco.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "COGENT-154-21-16",
            "organization" : "PSINet, Inc.",
            "subnet" : "154.21.210.0/23"
         },
         "ip" : "154.21.211.210",
         "ipv6" : "false",
         "latitude" : "29.9607",
         "location" : "29.9607,-90.0754",
         "longitude" : "-90.0754",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "COGENT-174",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "154.21.208.0/20",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 45.129.127.130:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:26 UTC

    • IP
      45.129.127.130
      Network
      45.129.127.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.129.127.130:9990/ 407

      ASN
      AS30633
      Organization
      LEASEWEB-USA-WDC
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm=""
      
      Proxy Authentication Required
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:26.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
               "bodymmh3" : -1539650452,
               "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
               "headermmh3" : 372433470
            },
            "length" : 111
         },
         "asn" : "AS30633",
         "city" : "Ashburn",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
         "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
         "datammh3" : 501879459,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS30633",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "rapidseedbox.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "US-RAPIDSEEDBOX-20190313",
            "organization" : "US-RAPIDSEEDBOX-20190313",
            "subnet" : "45.129.127.0/24"
         },
         "ip" : "45.129.127.130",
         "ipv6" : "false",
         "latitude" : "39.0814",
         "location" : "39.0814,-77.6443",
         "longitude" : "-77.6443",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "LEASEWEB-USA-WDC",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "45.129.127.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 123.60.127.82:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:25 UTC

    • IP
      123.60.127.82
      Network
      123.60.0.0/16
      Domain(s)
      hwclouds-dns.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://123.60.127.82:9990/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      ecs-123-60-127-82.compute.hwclouds-dns.com
      ASN
      AS55990
      Organization
      Huawei Cloud Service data center
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1669a0dbf3548e4bc93f696ed05e5286
      HTTP Header MD5
      1bcf1dcb69e0b166facc4cad91962931
      HTTP Body MD5
      4ea630c72fb92754153fdeee2796514a
    • HTTP/1.1 400 Bad Request
      Server: CloudWAF
      Date: Thu, 21 Nov 2024 09:24:25 GMT
      Content-Type: text/html
      Content-Length: 251
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>CloudWAF</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:25.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "4ea630c72fb92754153fdeee2796514a",
               "bodymmh3" : -1197436772,
               "headermd5" : "1bcf1dcb69e0b166facc4cad91962931",
               "headermmh3" : -518732662,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 399
         },
         "asn" : "AS55990",
         "city" : "Shanghai",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: CloudWAF\r\nDate: Thu, 21 Nov 2024 09:24:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 251\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>CloudWAF</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "1669a0dbf3548e4bc93f696ed05e5286",
         "datammh3" : 517877946,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "hwclouds-dns.com"
         ],
         "geolocus" : {
            "asn" : "AS55990",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "cnnic.cn",
               "huawei.com",
               "hwclouds-dns.com"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "HWCSNET",
            "organization" : "Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co)",
            "subnet" : "123.60.64.0/18"
         },
         "host" : [
            "ecs-123-60-127-82"
         ],
         "hostname" : [
            "ecs-123-60-127-82.compute.hwclouds-dns.com"
         ],
         "ip" : "123.60.127.82",
         "ipv6" : "false",
         "latitude" : "31.2222",
         "location" : "31.2222,121.4581",
         "longitude" : "121.4581",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Huawei Cloud Service data center",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "reverse" : [
            "ecs-123-60-127-82.compute.hwclouds-dns.com"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subdomains" : [
            "compute.hwclouds-dns.com"
         ],
         "subnet" : "123.60.0.0/16",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 191.101.168.23:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:23 UTC

    • IP
      191.101.168.23
      Network
      191.101.168.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://191.101.168.23:9990/ 407

      ASN
      AS61317
      Organization
      Hivelocity LLC
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm=""
      
      Proxy Authentication Required
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:23.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
               "bodymmh3" : -1539650452,
               "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
               "headermmh3" : 372433470
            },
            "length" : 111
         },
         "asn" : "AS61317",
         "city" : "Los Angeles",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
         "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
         "datammh3" : 501879459,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "191.101.168.23",
         "ipv6" : "false",
         "latitude" : "34.0544",
         "location" : "34.0544,-118.2441",
         "longitude" : "-118.2441",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Hivelocity LLC",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "191.101.168.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 138.36.152.227:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:05 UTC

    • IP
      138.36.152.227
      Network
      138.36.152.0/22
      Device

      <enterprise field>: device.class

      URL

      http://138.36.152.227:9990/ 301

      ASN
      AS28453
      Organization
      GK TELECOMUNICACIONES
      Protocol
      http
      Source
      datascan::redirect::3
    • Product
      Proxmox Virtual Environment 3.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9ed0e3ca85983c101460b975f064974a
      HTTP Header MD5
      de2c54cdd1e009b0f283ed93c4545e2b
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e
    • HTTP/1.1 301 Moved Permanently
      Cache-Control: max-age=0
      Connection: close
      Date: Thu, 21 Nov 2024 09:24:05 GMT
      Pragma: no-cache
      Location: https://<ip>:9990/
      Server: pve-api-daemon/3.0
      Expires: Thu, 21 Nov 2024 09:24:05 GMT
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:24:05.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
               "bodymmh3" : -1,
               "headermd5" : "de2c54cdd1e009b0f283ed93c4545e2b",
               "headermmh3" : 1257650681
            },
            "length" : 232
         },
         "asn" : "AS28453",
         "city" : "G\u00f3mez Far\u00edas",
         "country" : "MX",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 301 Moved Permanently\r\nCache-Control: max-age=0\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 09:24:05 GMT\r\nPragma: no-cache\r\nLocation: https://<ip>:9990/\r\nServer: pve-api-daemon/3.0\r\nExpires: Thu, 21 Nov 2024 09:24:05 GMT\r\n\r\n",
         "datamd5" : "9ed0e3ca85983c101460b975f064974a",
         "datammh3" : 1560048122,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "forward" : "138.36.152.227",
         "geolocus" : {
            "asn" : "AS28453",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "MX",
            "countryname" : "Mexico",
            "domain" : [
               "hotmail.com"
            ],
            "isineu" : "false",
            "latitude" : "23.634501",
            "location" : "23.634501,-102.552784",
            "longitude" : "-102.552784",
            "netname" : "MX-GTSC3-LACNIC",
            "organization" : "GK TELECOMUNICACIONES",
            "subnet" : "138.36.152.0/22"
         },
         "hostname" : [
            "138.36.152.227"
         ],
         "ip" : "138.36.152.227",
         "ipv6" : "false",
         "latitude" : "19.7934",
         "location" : "19.7934,-103.4810",
         "longitude" : "-103.4810",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "GK TELECOMUNICACIONES",
         "port" : 9990,
         "product" : "Virtual Environment",
         "productvendor" : "Proxmox",
         "productversion" : "3.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Moved Permanently",
         "seen_date" : "2024-11-21",
         "source" : "datascan::redirect::3",
         "status" : 301,
         "subnet" : "138.36.152.0/22",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 37.34.84.121:9990 (tcp/http) - last seen on 2024-11-21 at 09:23:32 UTC

    • IP
      37.34.84.121
      Network
      37.34.80.0/21
      Device

      <enterprise field>: device.class

      URL

      http://37.34.84.121:9990/ 407

      ASN
      AS996
      Organization
      JY-MOBILE-COMMUNICATIONS
      Protocol
      http
      Source
      datascan
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      beff904528226673ee6dbdb9e7fe6002
      HTTP Header MD5
      4bd5a82db187fbf06a2b7f25b880c717
      HTTP Body MD5
      917a0ae17b6e9db13c448d39f37c69ca
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm=""
      
      Proxy Authentication Required
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:23:32.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
               "bodymmh3" : -1539650452,
               "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
               "headermmh3" : 372433470
            },
            "length" : 111
         },
         "asn" : "AS996",
         "city" : "Dallas",
         "country" : "US",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
         "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
         "datammh3" : 501879459,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "37.34.84.121",
         "ipv6" : "false",
         "latitude" : "32.7889",
         "location" : "32.7889,-96.8021",
         "longitude" : "-96.8021",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "JY-MOBILE-COMMUNICATIONS",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "37.34.80.0/21",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 128.91.136.204:9990 (tcp/unknown) - last seen on 2024-11-21 at 09:23:28 UTC

    • IP
      128.91.136.204
      Network
      128.91.0.0/16
      Domain(s)
      upenn.edu
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      Reverse DNS
      xloc-066.wxpn.upenn.edu
      ASN
      AS55
      Organization
      UPENN
      Protocol
      unknown
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      1e1836191f01fb73e6ee29c308ce98ef
    • PROTOCOL PREAMBLE:
      Version: 2.8
      
      VIDEOHUB DEVICE:
      Device present: false
      
      END PRELUDE:
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:23:28.000Z",
         "app" : {
            "length" : 87
         },
         "asn" : "AS55",
         "city" : "Philadelphia",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "PROTOCOL PREAMBLE:\nVersion: 2.8\n\nVIDEOHUB DEVICE:\nDevice present: false\n\nEND PRELUDE:\n\n",
         "datamd5" : "1e1836191f01fb73e6ee29c308ce98ef",
         "datammh3" : 1405974319,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "upenn.edu"
         ],
         "geolocus" : {
            "asn" : "AS55",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "upenn.edu"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "UPENN",
            "organization" : "University of Pennsylvania",
            "subnet" : "128.91.0.0/16"
         },
         "host" : [
            "xloc-066"
         ],
         "hostname" : [
            "xloc-066.wxpn.upenn.edu"
         ],
         "ip" : "128.91.136.204",
         "ipv6" : "false",
         "latitude" : "39.9597",
         "location" : "39.9597,-75.1995",
         "longitude" : "-75.1995",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "UPENN",
         "os" : "FreeBSD",
         "osvendor" : "FreeBSD",
         "port" : 9990,
         "protocol" : "unknown",
         "reverse" : [
            "xloc-066.wxpn.upenn.edu"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "subdomains" : [
            "wxpn.upenn.edu"
         ],
         "subnet" : "128.91.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "edu"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 34.173.132.73:9990 (tcp/http) - last seen on 2024-11-21 at 09:23:20 UTC

    • IP
      34.173.132.73
      Network
      34.168.0.0/13
      Domain(s)
      googleusercontent.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://34.173.132.73:9990/ 404

      Reverse DNS
      73.132.173.34.bc.googleusercontent.com
      ASN
      AS396982
      Organization
      GOOGLE-CLOUD-PLATFORM
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      83d07b842b1ed2327b161b1279847633
      HTTP Header MD5
      f7430cdb1622717dcc6c0bf53b71e7b3
      HTTP Body MD5
      595e88012a6521aae3e12cbebe76eb9e
    • HTTP/1.1 404 Not Found
      Content-Type: text/plain; charset=utf-8
      X-Content-Type-Options: nosniff
      Date: Thu, 21 Nov 2024 09:23:20 GMT
      Content-Length: 19
      Connection: close
      
      404 page not found
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:23:20.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "595e88012a6521aae3e12cbebe76eb9e",
               "bodymmh3" : -138391155,
               "headermd5" : "f7430cdb1622717dcc6c0bf53b71e7b3",
               "headermmh3" : 774832469
            },
            "length" : 195
         },
         "asn" : "AS396982",
         "city" : "Council Bluffs",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/plain; charset=utf-8\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 21 Nov 2024 09:23:20 GMT\r\nContent-Length: 19\r\nConnection: close\r\n\r\n404 page not found\n",
         "datamd5" : "83d07b842b1ed2327b161b1279847633",
         "datammh3" : 1090285471,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "googleusercontent.com"
         ],
         "geolocus" : {
            "asn" : "AS396982",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "google.com",
               "googleusercontent.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "GOOGL-2",
            "organization" : "Google LLC",
            "subnet" : "34.172.0.0/15"
         },
         "host" : [
            73
         ],
         "hostname" : [
            "73.132.173.34.bc.googleusercontent.com"
         ],
         "ip" : "34.173.132.73",
         "ipv6" : "false",
         "latitude" : "41.2591",
         "location" : "41.2591,-95.8517",
         "longitude" : "-95.8517",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "GOOGLE-CLOUD-PLATFORM",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 9990,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Not Found",
         "reverse" : [
            "73.132.173.34.bc.googleusercontent.com"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 404,
         "subdomains" : [
            "132.173.34.bc.googleusercontent.com",
            "173.34.bc.googleusercontent.com",
            "34.bc.googleusercontent.com",
            "bc.googleusercontent.com"
         ],
         "subnet" : "34.168.0.0/13",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }