Cyber Defense Search Engine

IP
69.77.208.35

Network
69.77.192.0/18

Domain(s)
gwtc.net

Device

<enterprise field>: device.class

URL

http://69.77.208.35:9990/ 301

HTTP Title
Moved Permanently

Reverse DNS
69-77-208-35.ip4.gwtc.net

ASN
AS6580

Organization
GWTC

Protocol
http

Source
datascan::redirect::5

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e539c04994c2cd8807e555472d40d7f0

HTTP Header MD5
2c561ce2561b7f6113f96cf56b362b57

HTTP Body MD5
6d74b20c6fa245a96aa940816c13f6ff

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 98
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Nov 2024 09:26:05 GMT
Location: https://<ip>:9990/

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:26:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d74b20c6fa245a96aa940816c13f6ff",
         "bodymmh3" : -2097937471,
         "headermd5" : "2c561ce2561b7f6113f96cf56b362b57",
         "headermmh3" : 1270230483,
         "title" : "Moved Permanently"
      },
      "length" : 291
   },
   "asn" : "AS6580",
   "city" : "Winner",
   "country" : "US",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nAccess-Control-Allow-Origin: *\r\nContent-Length: 98\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 21 Nov 2024 09:26:05 GMT\r\nLocation: https://<ip>:9990/\r\n\r\n<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>",
   "datamd5" : "e539c04994c2cd8807e555472d40d7f0",
   "datammh3" : -274522966,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "gwtc.net"
   ],
   "forward" : "69.77.208.35",
   "geolocus" : {
      "asn" : "AS6580",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "goldenwest.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "DLRP-BBA1-POOL-01",
      "organization" : "Golden West Telecommunications Coop., Inc.",
      "subnet" : "69.77.192.0/18"
   },
   "host" : [
      "69-77-208-35"
   ],
   "hostname" : [
      "69-77-208-35.ip4.gwtc.net",
      "69.77.208.35"
   ],
   "ip" : "69.77.208.35",
   "ipv6" : "false",
   "latitude" : "43.3767",
   "location" : "43.3767,-99.8590",
   "longitude" : "-99.8590",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GWTC",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "69-77-208-35.ip4.gwtc.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::5",
   "status" : 301,
   "subdomains" : [
      "ip4.gwtc.net"
   ],
   "subnet" : "69.77.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
62.213.122.230

Network
62.213.122.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://62.213.122.230:9990/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS197695

Organization
Domain names registrar REG.RU, Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 09:24:27 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1639722418,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS197695",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 09:24:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "62.213.122.230",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Domain names registrar REG.RU, Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "62.213.122.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
154.21.211.210

Network
154.21.208.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://154.21.211.210:9990/ 407

ASN
AS174

Organization
COGENT-174

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS174",
   "city" : "New Orleans",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS174",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cogentco.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "COGENT-154-21-16",
      "organization" : "PSINet, Inc.",
      "subnet" : "154.21.210.0/23"
   },
   "ip" : "154.21.211.210",
   "ipv6" : "false",
   "latitude" : "29.9607",
   "location" : "29.9607,-90.0754",
   "longitude" : "-90.0754",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "COGENT-174",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "154.21.208.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
45.129.127.130

Network
45.129.127.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://45.129.127.130:9990/ 407

ASN
AS30633

Organization
LEASEWEB-USA-WDC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS30633",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS30633",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "rapidseedbox.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "US-RAPIDSEEDBOX-20190313",
      "organization" : "US-RAPIDSEEDBOX-20190313",
      "subnet" : "45.129.127.0/24"
   },
   "ip" : "45.129.127.130",
   "ipv6" : "false",
   "latitude" : "39.0814",
   "location" : "39.0814,-77.6443",
   "longitude" : "-77.6443",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "LEASEWEB-USA-WDC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "45.129.127.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
123.60.127.82

Network
123.60.0.0/16

Domain(s)
hwclouds-dns.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://123.60.127.82:9990/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
ecs-123-60-127-82.compute.hwclouds-dns.com

ASN
AS55990

Organization
Huawei Cloud Service data center

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1669a0dbf3548e4bc93f696ed05e5286

HTTP Header MD5
1bcf1dcb69e0b166facc4cad91962931

HTTP Body MD5
4ea630c72fb92754153fdeee2796514a

HTTP/1.1 400 Bad Request
Server: CloudWAF
Date: Thu, 21 Nov 2024 09:24:25 GMT
Content-Type: text/html
Content-Length: 251
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>CloudWAF</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "4ea630c72fb92754153fdeee2796514a",
         "bodymmh3" : -1197436772,
         "headermd5" : "1bcf1dcb69e0b166facc4cad91962931",
         "headermmh3" : -518732662,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 399
   },
   "asn" : "AS55990",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: CloudWAF\r\nDate: Thu, 21 Nov 2024 09:24:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 251\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>CloudWAF</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "1669a0dbf3548e4bc93f696ed05e5286",
   "datammh3" : 517877946,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hwclouds-dns.com"
   ],
   "geolocus" : {
      "asn" : "AS55990",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "huawei.com",
         "hwclouds-dns.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "HWCSNET",
      "organization" : "Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co)",
      "subnet" : "123.60.64.0/18"
   },
   "host" : [
      "ecs-123-60-127-82"
   ],
   "hostname" : [
      "ecs-123-60-127-82.compute.hwclouds-dns.com"
   ],
   "ip" : "123.60.127.82",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Huawei Cloud Service data center",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "ecs-123-60-127-82.compute.hwclouds-dns.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "compute.hwclouds-dns.com"
   ],
   "subnet" : "123.60.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
191.101.168.23

Network
191.101.168.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://191.101.168.23:9990/ 407

ASN
AS61317

Organization
Hivelocity LLC

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS61317",
   "city" : "Los Angeles",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "191.101.168.23",
   "ipv6" : "false",
   "latitude" : "34.0544",
   "location" : "34.0544,-118.2441",
   "longitude" : "-118.2441",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hivelocity LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "191.101.168.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
138.36.152.227

Network
138.36.152.0/22

Device

<enterprise field>: device.class

URL

http://138.36.152.227:9990/ 301

ASN
AS28453

Organization
GK TELECOMUNICACIONES

Protocol
http

Source
datascan::redirect::3
Product
Proxmox Virtual Environment 3.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
9ed0e3ca85983c101460b975f064974a

HTTP Header MD5
de2c54cdd1e009b0f283ed93c4545e2b

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=0
Connection: close
Date: Thu, 21 Nov 2024 09:24:05 GMT
Pragma: no-cache
Location: https://<ip>:9990/
Server: pve-api-daemon/3.0
Expires: Thu, 21 Nov 2024 09:24:05 GMT

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:24:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "de2c54cdd1e009b0f283ed93c4545e2b",
         "headermmh3" : 1257650681
      },
      "length" : 232
   },
   "asn" : "AS28453",
   "city" : "G\u00f3mez Far\u00edas",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nCache-Control: max-age=0\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 09:24:05 GMT\r\nPragma: no-cache\r\nLocation: https://<ip>:9990/\r\nServer: pve-api-daemon/3.0\r\nExpires: Thu, 21 Nov 2024 09:24:05 GMT\r\n\r\n",
   "datamd5" : "9ed0e3ca85983c101460b975f064974a",
   "datammh3" : 1560048122,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "138.36.152.227",
   "geolocus" : {
      "asn" : "AS28453",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "hotmail.com"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-GTSC3-LACNIC",
      "organization" : "GK TELECOMUNICACIONES",
      "subnet" : "138.36.152.0/22"
   },
   "hostname" : [
      "138.36.152.227"
   ],
   "ip" : "138.36.152.227",
   "ipv6" : "false",
   "latitude" : "19.7934",
   "location" : "19.7934,-103.4810",
   "longitude" : "-103.4810",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GK TELECOMUNICACIONES",
   "port" : 9990,
   "product" : "Virtual Environment",
   "productvendor" : "Proxmox",
   "productversion" : "3.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::3",
   "status" : 301,
   "subnet" : "138.36.152.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
37.34.84.121

Network
37.34.80.0/21

Device

<enterprise field>: device.class

URL

http://37.34.84.121:9990/ 407

ASN
AS996

Organization
JY-MOBILE-COMMUNICATIONS

Protocol
http

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
beff904528226673ee6dbdb9e7fe6002

HTTP Header MD5
4bd5a82db187fbf06a2b7f25b880c717

HTTP Body MD5
917a0ae17b6e9db13c448d39f37c69ca

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

Proxy Authentication Required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:23:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "917a0ae17b6e9db13c448d39f37c69ca",
         "bodymmh3" : -1539650452,
         "headermd5" : "4bd5a82db187fbf06a2b7f25b880c717",
         "headermmh3" : 372433470
      },
      "length" : 111
   },
   "asn" : "AS996",
   "city" : "Dallas",
   "country" : "US",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"\"\r\n\r\nProxy Authentication Required",
   "datamd5" : "beff904528226673ee6dbdb9e7fe6002",
   "datammh3" : 501879459,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "37.34.84.121",
   "ipv6" : "false",
   "latitude" : "32.7889",
   "location" : "32.7889,-96.8021",
   "longitude" : "-96.8021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JY-MOBILE-COMMUNICATIONS",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "37.34.80.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
128.91.136.204

Network
128.91.0.0/16

Domain(s)
upenn.edu

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

Reverse DNS
xloc-066.wxpn.upenn.edu

ASN
AS55

Organization
UPENN

Protocol
unknown

Source
datascan
Operating System
FreeBSD FreeBSD

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1e1836191f01fb73e6ee29c308ce98ef

PROTOCOL PREAMBLE:
Version: 2.8

VIDEOHUB DEVICE:
Device present: false

END PRELUDE:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:23:28.000Z",
   "app" : {
      "length" : 87
   },
   "asn" : "AS55",
   "city" : "Philadelphia",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "PROTOCOL PREAMBLE:\nVersion: 2.8\n\nVIDEOHUB DEVICE:\nDevice present: false\n\nEND PRELUDE:\n\n",
   "datamd5" : "1e1836191f01fb73e6ee29c308ce98ef",
   "datammh3" : 1405974319,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "upenn.edu"
   ],
   "geolocus" : {
      "asn" : "AS55",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "upenn.edu"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "UPENN",
      "organization" : "University of Pennsylvania",
      "subnet" : "128.91.0.0/16"
   },
   "host" : [
      "xloc-066"
   ],
   "hostname" : [
      "xloc-066.wxpn.upenn.edu"
   ],
   "ip" : "128.91.136.204",
   "ipv6" : "false",
   "latitude" : "39.9597",
   "location" : "39.9597,-75.1995",
   "longitude" : "-75.1995",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UPENN",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 9990,
   "protocol" : "unknown",
   "reverse" : [
      "xloc-066.wxpn.upenn.edu"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "wxpn.upenn.edu"
   ],
   "subnet" : "128.91.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "edu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
34.173.132.73

Network
34.168.0.0/13

Domain(s)
googleusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://34.173.132.73:9990/ 404

Reverse DNS
73.132.173.34.bc.googleusercontent.com

ASN
AS396982

Organization
GOOGLE-CLOUD-PLATFORM

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
83d07b842b1ed2327b161b1279847633

HTTP Header MD5
f7430cdb1622717dcc6c0bf53b71e7b3

HTTP Body MD5
595e88012a6521aae3e12cbebe76eb9e

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Thu, 21 Nov 2024 09:23:20 GMT
Content-Length: 19
Connection: close

404 page not found

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:23:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "595e88012a6521aae3e12cbebe76eb9e",
         "bodymmh3" : -138391155,
         "headermd5" : "f7430cdb1622717dcc6c0bf53b71e7b3",
         "headermmh3" : 774832469
      },
      "length" : 195
   },
   "asn" : "AS396982",
   "city" : "Council Bluffs",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/plain; charset=utf-8\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 21 Nov 2024 09:23:20 GMT\r\nContent-Length: 19\r\nConnection: close\r\n\r\n404 page not found\n",
   "datamd5" : "83d07b842b1ed2327b161b1279847633",
   "datammh3" : 1090285471,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "googleusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS396982",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "google.com",
         "googleusercontent.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GOOGL-2",
      "organization" : "Google LLC",
      "subnet" : "34.172.0.0/15"
   },
   "host" : [
      73
   ],
   "hostname" : [
      "73.132.173.34.bc.googleusercontent.com"
   ],
   "ip" : "34.173.132.73",
   "ipv6" : "false",
   "latitude" : "41.2591",
   "location" : "41.2591,-95.8517",
   "longitude" : "-95.8517",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GOOGLE-CLOUD-PLATFORM",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9990,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "73.132.173.34.bc.googleusercontent.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 404,
   "subdomains" : [
      "132.173.34.bc.googleusercontent.com",
      "173.34.bc.googleusercontent.com",
      "34.bc.googleusercontent.com",
      "bc.googleusercontent.com"
   ],
   "subnet" : "34.168.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 121,535 in 0.077 second(s)

69.77.208.35:9990 (tcp/http) - last seen on 2024-11-21 at 09:26:06 UTC

62.213.122.230:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:27 UTC

154.21.211.210:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:27 UTC

45.129.127.130:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:26 UTC

123.60.127.82:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:25 UTC

191.101.168.23:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:23 UTC

138.36.152.227:9990 (tcp/http) - last seen on 2024-11-21 at 09:24:05 UTC

37.34.84.121:9990 (tcp/http) - last seen on 2024-11-21 at 09:23:32 UTC

128.91.136.204:9990 (tcp/unknown) - last seen on 2024-11-21 at 09:23:28 UTC

34.173.132.73:9990 (tcp/http) - last seen on 2024-11-21 at 09:23:20 UTC