Cyber Defense Search Engine

IP
76.82.65.137

Network
76.82.64.0/18

Domain(s)
spectrum.com

Device

<enterprise field>: device.class

URL

http://76.82.65.137:4040/login.view;jsessionid=1dzzy9dv0j7o0? 200

HTTP Title
Subsonic

Reverse DNS
syn-076-082-065-137.res.spectrum.com

ASN
AS20001

Organization
TWC-20001-PACWEST

Protocol
http

Source
datascan::redirect::1
Product
Mortbay Jetty 6.1.x

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
49350c0741cf2790be6e0327e79650e9

HTTP Header MD5
bf65a84e096c3775511bffc8b6119276

HTTP Body MD5
2a5cae381212999d68f61cf0dcf7546b

HTTP/1.1 200 OK
Content-Language: en
Content-Type: text/html; charset=utf-8
Connection: close
Server: Jetty(6.1.x)


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html><head>
    









<title>Subsonic</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<link rel="icon" type="image/png" href="/icons/favicon.png;jsessionid=1dzzy9dv0j7o0"/>
<link rel="stylesheet" href="/fonts/fonts.css;jsessionid=1dzzy9dv0j7o0" type="text/css">
<link rel="stylesheet" href="/style/barents.css;jsessionid=1dzzy9dv0j7o0?v=6.1" type="text/css">
<link rel="stylesheet" href="/style/font-awesome-4.5.0/css/font-awesome.min.css;jsessionid=1dzzy9dv0j7o0">
<script type="text/javascript" src="/script/mousetrap-1.5.3.js;jsessionid=1dzzy9dv0j7o0"></script>
<script type="text/javascript">

    Mousetrap.bind('space', function() { getPlayerWindow().keyboardShortcut("togglePlayPause"); return false });
    Mousetrap.bind('left', function() { getPlayerWindow().keyboardShortcut("previous") });
    Mousetrap.bind('right', function() { getPlayerWindow().keyboardShortcut("next") });
    Mousetrap.bind('shift+left', function() { getPlayerWindow().keyboardShortcut("seekBackward") });
    Mousetrap.bind('shift+right', function() { getPlayerWindow().keyboardShortcut("seekForward") });
    Mousetrap.bind('-', function() { getPlayerWindow().keyboardShortcut("volumeDown") });
    Mousetrap.bind('*', function() { getPlayerWindow().keyboardShortcut("star") });
    Mousetrap.bind('plus', function() { getPlayerWindow().keyboardShortcut("volumeUp") });
    Mousetrap.bind('m', function() { parent.frames.upper.keyboardShortcut("toggleSideBar") });
    Mousetrap.bind('q', function() { parent.frames.playQueue.keyboardShortcut("togglePlayQueue") });
    Mousetrap.bind('l', function() { parent.frames.main.keyboardShortcut("toggleViewAsList") });
    Mousetrap.bind('g h', function() { parent.frames.upper.keyboardShortcut("showHome") });
    Mousetrap.bind('g i', function() { parent.frames.upper.keyboardShortcut("showIndex") });
    Mousetrap.bind('g p', function() { parent.frames.upper.keyboardShortcut("showPlaylists") });
    Mousetrap.bind('g o', function() { parent.frames.upper.keyboardShortcut("showPodcasts") });
    Mousetrap.bind('g s', function() { parent.frames.upper.keyboardShortcut("showSettings") });
    Mousetrap.bind('g d', function() { parent.frames.upper.keyboardShortcut("showInternetRadio") });
    Mousetrap.bind('g b', function() { parent.frames.upper.keyboardShortcut("showBookmarks") });
    Mousetrap.bind('g t', function() { parent.frames.upper.keyboardShortcut("showStarred") });
    Mousetrap.bind('g r', function() { parent.frames.upper.keyboardShortcut("showMore") });
    Mousetrap.bind('g a', function() { parent.frames.upper.keyboardShortcut("showAbout") });
    Mousetrap.bind('/', function() { parent.frames.upper.keyboardShortcut("search"); return false });
    Mousetrap.bind('?', function() { parent.frames.upper.keyboardShortcut("showMore", "shortcuts")});

    var indices = "abcdefghijklmnopqrstuvwxyz";
    for (var i = 0, len = indices.length; i < len; i++) {
        var target = indices.substring(i, i + 1);
        createKeyboardShortcutForIndex(target);
    }

    function getPlayerWindow() {
        if (parent.frames.main == null) {
            return window;
        }
        if (parent.frames.main.location.href.indexOf("videoPlayer.view") == -1) {
            return parent.frames.playQueue;
        }
        return parent.frames.main;
    }

    function createKeyboardShortcutForIndex(index) {
        Mousetrap.bind("i " + index, function() {
            parent.frames.upper.keyboardShortcut("showIndex", index.toUpperCase());
        });
    }

</script>


    <script type="text/javascript">
        if (window != window.top) {
            top.location.href = location.href;
        }
    </script>

</head>
<body class="mainframe bgcolor1" onload="document.getElementById('j_username').focus()">

<form action="/j_acegi_security_check;jsessionid=1dzzy9dv0j7o0" method="POST">
    <div class="bgcolor2 dropshadow" align="center" style="padding:20px 50px 20px 50px; margin-top:100px;margin-left:50px;margin-right:50px">

        <div style="margin-bottom:1em;max-width:50em;text-align:left;"></div>

        <table>
        <tr>
            <td colspan="2" align="center" style="padding-bottom:10px">
                <img src="/icons/subsonic_logo.png;jsessionid=1dzzy9dv0j7o0" style="height:50px; vertical-align:middle" alt="">
                <span style="font-size:20px; font-weight:400; vertical-align:middle; padding-left:3px">Subsonic</span>
            </td>
        </tr>
        <tr>
            <td align="left" style="padding-right:10px">Username</td>
            <td align="left"><input type="text" id="j_username" name="j_username" style="width:12em" tabindex="1"></td>
        </tr>

        <tr>
            <td align="left" style="padding-bottom:10px">Password</td>
            <td align="left" style="padding-bottom:10px"><input type="password" name="j_password" style="width:12em" tabindex="2"></td>
        </tr>

        <tr>
            <td align="left"><input name="submit" type="submit" value="Log in" tabindex="4"></td>
            <td align="left" class="detail">
                <input type="checkbox" name="_acegi_security_remember_me" id="remember" class="checkbox" tabindex="3">
                <label for="remember">Remember me</label>
            </td>
        </tr>
            <tr>
                <td></td>
                <td align="left" class="detail"><a href="recover.view">Forgotten your password?</a></td>
            </tr>
            
            
            

        </table>

        

    </div>
</form>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:41:10.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/loose.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "2a5cae381212999d68f61cf0dcf7546b",
         "bodymmh3" : -815286268,
         "headermd5" : "bf65a84e096c3775511bffc8b6119276",
         "headermmh3" : 959458220,
         "title" : "Subsonic"
      },
      "length" : 5924
   },
   "asn" : "AS20001",
   "city" : "Van Nuys",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Language: en\r\nContent-Type: text/html; charset=utf-8\r\nConnection: close\r\nServer: Jetty(6.1.x)\r\n\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\r\n\r\n<html><head>\r\n    \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n<title>Subsonic</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\r\n\r\n<link rel=\"icon\" type=\"image/png\" href=\"/icons/favicon.png;jsessionid=1dzzy9dv0j7o0\"/>\r\n<link rel=\"stylesheet\" href=\"/fonts/fonts.css;jsessionid=1dzzy9dv0j7o0\" type=\"text/css\">\r\n<link rel=\"stylesheet\" href=\"/style/barents.css;jsessionid=1dzzy9dv0j7o0?v=6.1\" type=\"text/css\">\r\n<link rel=\"stylesheet\" href=\"/style/font-awesome-4.5.0/css/font-awesome.min.css;jsessionid=1dzzy9dv0j7o0\">\r\n<script type=\"text/javascript\" src=\"/script/mousetrap-1.5.3.js;jsessionid=1dzzy9dv0j7o0\"></script>\r\n<script type=\"text/javascript\">\r\n\r\n    Mousetrap.bind('space', function() { getPlayerWindow().keyboardShortcut(\"togglePlayPause\"); return false });\r\n    Mousetrap.bind('left', function() { getPlayerWindow().keyboardShortcut(\"previous\") });\r\n    Mousetrap.bind('right', function() { getPlayerWindow().keyboardShortcut(\"next\") });\r\n    Mousetrap.bind('shift+left', function() { getPlayerWindow().keyboardShortcut(\"seekBackward\") });\r\n    Mousetrap.bind('shift+right', function() { getPlayerWindow().keyboardShortcut(\"seekForward\") });\r\n    Mousetrap.bind('-', function() { getPlayerWindow().keyboardShortcut(\"volumeDown\") });\r\n    Mousetrap.bind('*', function() { getPlayerWindow().keyboardShortcut(\"star\") });\r\n    Mousetrap.bind('plus', function() { getPlayerWindow().keyboardShortcut(\"volumeUp\") });\r\n    Mousetrap.bind('m', function() { parent.frames.upper.keyboardShortcut(\"toggleSideBar\") });\r\n    Mousetrap.bind('q', function() { parent.frames.playQueue.keyboardShortcut(\"togglePlayQueue\") });\r\n    Mousetrap.bind('l', function() { parent.frames.main.keyboardShortcut(\"toggleViewAsList\") });\r\n    Mousetrap.bind('g h', function() { parent.frames.upper.keyboardShortcut(\"showHome\") });\r\n    Mousetrap.bind('g i', function() { parent.frames.upper.keyboardShortcut(\"showIndex\") });\r\n    Mousetrap.bind('g p', function() { parent.frames.upper.keyboardShortcut(\"showPlaylists\") });\r\n    Mousetrap.bind('g o', function() { parent.frames.upper.keyboardShortcut(\"showPodcasts\") });\r\n    Mousetrap.bind('g s', function() { parent.frames.upper.keyboardShortcut(\"showSettings\") });\r\n    Mousetrap.bind('g d', function() { parent.frames.upper.keyboardShortcut(\"showInternetRadio\") });\r\n    Mousetrap.bind('g b', function() { parent.frames.upper.keyboardShortcut(\"showBookmarks\") });\r\n    Mousetrap.bind('g t', function() { parent.frames.upper.keyboardShortcut(\"showStarred\") });\r\n    Mousetrap.bind('g r', function() { parent.frames.upper.keyboardShortcut(\"showMore\") });\r\n    Mousetrap.bind('g a', function() { parent.frames.upper.keyboardShortcut(\"showAbout\") });\r\n    Mousetrap.bind('/', function() { parent.frames.upper.keyboardShortcut(\"search\"); return false });\r\n    Mousetrap.bind('?', function() { parent.frames.upper.keyboardShortcut(\"showMore\", \"shortcuts\")});\r\n\r\n    var indices = \"abcdefghijklmnopqrstuvwxyz\";\r\n    for (var i = 0, len = indices.length; i < len; i++) {\r\n        var target = indices.substring(i, i + 1);\r\n        createKeyboardShortcutForIndex(target);\r\n    }\r\n\r\n    function getPlayerWindow() {\r\n        if (parent.frames.main == null) {\r\n            return window;\r\n        }\r\n        if (parent.frames.main.location.href.indexOf(\"videoPlayer.view\") == -1) {\r\n            return parent.frames.playQueue;\r\n        }\r\n        return parent.frames.main;\r\n    }\r\n\r\n    function createKeyboardShortcutForIndex(index) {\r\n        Mousetrap.bind(\"i \" + index, function() {\r\n            parent.frames.upper.keyboardShortcut(\"showIndex\", index.toUpperCase());\r\n        });\r\n    }\r\n\r\n</script>\r\n\r\n\r\n    <script type=\"text/javascript\">\r\n        if (window != window.top) {\r\n            top.location.href = location.href;\r\n        }\r\n    </script>\r\n\r\n</head>\r\n<body class=\"mainframe bgcolor1\" onload=\"document.getElementById('j_username').focus()\">\r\n\r\n<form action=\"/j_acegi_security_check;jsessionid=1dzzy9dv0j7o0\" method=\"POST\">\r\n    <div class=\"bgcolor2 dropshadow\" align=\"center\" style=\"padding:20px 50px 20px 50px; margin-top:100px;margin-left:50px;margin-right:50px\">\r\n\r\n        <div style=\"margin-bottom:1em;max-width:50em;text-align:left;\"></div>\r\n\r\n        <table>\r\n        <tr>\r\n            <td colspan=\"2\" align=\"center\" style=\"padding-bottom:10px\">\r\n                <img src=\"/icons/subsonic_logo.png;jsessionid=1dzzy9dv0j7o0\" style=\"height:50px; vertical-align:middle\" alt=\"\">\r\n                <span style=\"font-size:20px; font-weight:400; vertical-align:middle; padding-left:3px\">Subsonic</span>\r\n            </td>\r\n        </tr>\r\n        <tr>\r\n            <td align=\"left\" style=\"padding-right:10px\">Username</td>\r\n            <td align=\"left\"><input type=\"text\" id=\"j_username\" name=\"j_username\" style=\"width:12em\" tabindex=\"1\"></td>\r\n        </tr>\r\n\r\n        <tr>\r\n            <td align=\"left\" style=\"padding-bottom:10px\">Password</td>\r\n            <td align=\"left\" style=\"padding-bottom:10px\"><input type=\"password\" name=\"j_password\" style=\"width:12em\" tabindex=\"2\"></td>\r\n        </tr>\r\n\r\n        <tr>\r\n            <td align=\"left\"><input name=\"submit\" type=\"submit\" value=\"Log in\" tabindex=\"4\"></td>\r\n            <td align=\"left\" class=\"detail\">\r\n                <input type=\"checkbox\" name=\"_acegi_security_remember_me\" id=\"remember\" class=\"checkbox\" tabindex=\"3\">\r\n                <label for=\"remember\">Remember me</label>\r\n            </td>\r\n        </tr>\r\n            <tr>\r\n                <td></td>\r\n                <td align=\"left\" class=\"detail\"><a href=\"recover.view\">Forgotten your password?</a></td>\r\n            </tr>\r\n            \r\n            \r\n            \r\n\r\n        </table>\r\n\r\n        \r\n\r\n    </div>\r\n</form>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "49350c0741cf2790be6e0327e79650e9",
   "datammh3" : 497658577,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "forward" : "76.82.65.137",
   "geolocus" : {
      "asn" : "AS20001",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "RRWE",
      "organization" : "Charter Communications Inc",
      "subnet" : "76.82.0.0/15"
   },
   "host" : [
      "syn-076-082-065-137"
   ],
   "hostname" : [
      "76.82.65.137",
      "syn-076-082-065-137.res.spectrum.com"
   ],
   "ip" : "76.82.65.137",
   "ipv6" : "false",
   "latitude" : "34.1794",
   "location" : "34.1794,-118.4313",
   "longitude" : "-118.4313",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-20001-PACWEST",
   "port" : 4040,
   "product" : "Jetty",
   "productvendor" : "Mortbay",
   "productversion" : "6.1.x",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "syn-076-082-065-137.res.spectrum.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::1",
   "status" : 200,
   "subdomains" : [
      "res.spectrum.com"
   ],
   "subnet" : "76.82.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login.view;jsessionid=1dzzy9dv0j7o0?"
}

IP
195.88.198.247

Network
195.88.198.0/23

Domain(s)
su408.ru

Device

<enterprise field>: device.class

URL

http://195.88.198.247:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
mail.su408.ru

ASN
AS49156

Organization
Izhline Ltd.

Protocol
http

Source
datascan::redirect::1

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7c8a5dc3dc68b0b3c15341cf9221248b

HTTP Header MD5
069fee52bb0f53cb7365a1d7bb890f4d

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 314
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:40:56 GMT
Location: https://<ip>:4040/
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:41:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "069fee52bb0f53cb7365a1d7bb890f4d",
         "headermmh3" : -1304102856,
         "title" : "Resource can be reach on other place"
      },
      "length" : 496
   },
   "asn" : "AS49156",
   "country" : "RU",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 314\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:40:56 GMT\r\nLocation: https://<ip>:4040/\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "7c8a5dc3dc68b0b3c15341cf9221248b",
   "datammh3" : 680111204,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "su408.ru"
   ],
   "forward" : "195.88.198.247",
   "host" : [
      "mail"
   ],
   "hostname" : [
      "195.88.198.247",
      "mail.su408.ru"
   ],
   "ip" : "195.88.198.247",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Izhline Ltd.",
   "port" : 4040,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "mail.su408.ru"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::1",
   "status" : 301,
   "subnet" : "195.88.198.0/23",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
1.229.241.174

Network
1.229.224.0/19

Device

<enterprise field>: device.class

URL

http://1.229.241.174:4040/login/login.cgi 200

ASN
AS9318

Organization
SK Broadband Co Ltd

Protocol
http

Source
datascan::redirect::1
Product
httpd httpd

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0648e0e5eb3085c4f5cd95c72e62c499

HTTP Header MD5
2e3cf0b3cd7ae8f605f24e9da2872e1d

HTTP Body MD5
2698d7734e050c8e1627921006e4cddb

HTTP/1.0 200 OK
Date: Thu, 21 Nov 2024 08:41:07 GMT
Server: Httpd/1.0
Connection: close
Content-type: text/html; charset=utf-8

<html><script> top.location = "/sess-bin/login_session.cgi"; //session_timeout </script></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:41:08.000Z",
   "app" : {
      "extract" : {
         "file" : [
            "login_session.cgi"
         ]
      },
      "http" : {
         "bodymd5" : "2698d7734e050c8e1627921006e4cddb",
         "bodymmh3" : 1764082122,
         "headermd5" : "2e3cf0b3cd7ae8f605f24e9da2872e1d",
         "headermmh3" : -275503895
      },
      "length" : 227
   },
   "asn" : "AS9318",
   "city" : "Nowon-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nDate: Thu, 21 Nov 2024 08:41:07 GMT\r\nServer: Httpd/1.0\r\nConnection: close\r\nContent-type: text/html; charset=utf-8\n\n<html><script> top.location = \"/sess-bin/login_session.cgi\"; //session_timeout </script></html>",
   "datamd5" : "0648e0e5eb3085c4f5cd95c72e62c499",
   "datammh3" : -594127593,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "1.229.241.174",
   "geolocus" : {
      "asn" : "AS9318",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "nic.or.kr",
         "skbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "broadNnet",
      "organization" : "SK Broadband Co Ltd",
      "subnet" : "1.229.224.0/19"
   },
   "hostname" : [
      "1.229.241.174"
   ],
   "ip" : "1.229.241.174",
   "ipv6" : "false",
   "latitude" : "37.6636",
   "location" : "37.6636,127.0512",
   "longitude" : "127.0512",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SK Broadband Co Ltd",
   "port" : 4040,
   "product" : "httpd",
   "productvendor" : "httpd",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::1",
   "status" : 200,
   "subnet" : "1.229.224.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login/login.cgi"
}

IP
109.190.208.75

Network
109.190.0.0/16

Device

<enterprise field>: device.class

URL

http://109.190.208.75:4040/ 301

HTTP Title
Resource can be reach on other place

ASN
AS35540

Organization
OVH SAS

Protocol
http

Source
datascan::redirect::1

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7c8a5dc3dc68b0b3c15341cf9221248b

HTTP Header MD5
069fee52bb0f53cb7365a1d7bb890f4d

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 314
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:41:53 GMT
Location: https://<ip>:4040/
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:41:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "069fee52bb0f53cb7365a1d7bb890f4d",
         "headermmh3" : -1555122062,
         "title" : "Resource can be reach on other place"
      },
      "length" : 496
   },
   "asn" : "AS35540",
   "city" : "Issy-les-Moulineaux",
   "country" : "FR",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 314\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:41:53 GMT\r\nLocation: https://<ip>:4040/\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "7c8a5dc3dc68b0b3c15341cf9221248b",
   "datammh3" : 680111204,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "109.190.208.75",
   "geolocus" : {
      "asn" : "AS35540",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "ovh.fr",
         "ovh.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "OVH-DSL",
      "organization" : "OVH Telecom",
      "subnet" : "109.190.0.0/16"
   },
   "hostname" : [
      "109.190.208.75"
   ],
   "ip" : "109.190.208.75",
   "ipv6" : "false",
   "latitude" : "48.8232",
   "location" : "48.8232,2.2780",
   "longitude" : "2.2780",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "port" : 4040,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::1",
   "status" : 301,
   "subnet" : "109.190.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
195.14.194.10

Network
195.14.192.0/18

Domain(s)
netcologne.de

Device

<enterprise field>: device.class

URL

http://195.14.194.10:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
static-195-14-194-10.netcologne.de

ASN
AS8422

Organization
NetCologne Gesellschaft fur Telekommunikation mbH

Protocol
http

Source
datascan::redirect::5
Product
Kerio Control 9.3.1 patch 3

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
19b3db37614ec5d228647bfaf55c6010

HTTP Header MD5
c3eedf4103104cdfb951df5cc10045c1

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 313
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:35:29 GMT
Location: https://<ip>:4040/
Server: Kerio Connect 9.3.1 patch 3
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:40:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "c3eedf4103104cdfb951df5cc10045c1",
         "headermmh3" : 83319544,
         "title" : "Resource can be reach on other place"
      },
      "length" : 533
   },
   "asn" : "AS8422",
   "city" : "Cologne",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 313\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:35:29 GMT\r\nLocation: https://<ip>:4040/\r\nServer: Kerio Connect 9.3.1 patch 3\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "19b3db37614ec5d228647bfaf55c6010",
   "datammh3" : -796823079,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "netcologne.de"
   ],
   "forward" : "195.14.194.10",
   "host" : [
      "static-195-14-194-10"
   ],
   "hostname" : [
      "195.14.194.10",
      "static-195-14-194-10.netcologne.de"
   ],
   "ip" : "195.14.194.10",
   "ipv6" : "false",
   "latitude" : "50.9475",
   "location" : "50.9475,6.9288",
   "longitude" : "6.9288",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NetCologne Gesellschaft fur Telekommunikation mbH",
   "port" : 4040,
   "product" : "Control",
   "productvendor" : "Kerio",
   "productversion" : "9.3.1",
   "productversionpatch" : "patch 3",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "static-195-14-194-10.netcologne.de"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::5",
   "status" : 301,
   "subnet" : "195.14.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
109.202.30.190

Network
109.202.16.0/20

Domain(s)
stroitex.ru

Device

<enterprise field>: device.class

URL

http://109.202.30.190:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
mail.stroitex.ru

ASN
AS25549

Organization
JSC Avantel

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7c8a5dc3dc68b0b3c15341cf9221248b

HTTP Header MD5
069fee52bb0f53cb7365a1d7bb890f4d

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 314
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:40:05 GMT
Location: https://<ip>:4040/
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:40:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "069fee52bb0f53cb7365a1d7bb890f4d",
         "headermmh3" : 2114727658,
         "title" : "Resource can be reach on other place"
      },
      "length" : 496
   },
   "asn" : "AS25549",
   "city" : "Novosibirsk",
   "country" : "RU",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 314\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:40:05 GMT\r\nLocation: https://<ip>:4040/\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "7c8a5dc3dc68b0b3c15341cf9221248b",
   "datammh3" : 680111204,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "stroitex.ru"
   ],
   "forward" : "109.202.30.190",
   "host" : [
      "mail"
   ],
   "hostname" : [
      "109.202.30.190",
      "mail.stroitex.ru"
   ],
   "ip" : "109.202.30.190",
   "ipv6" : "false",
   "latitude" : "54.9022",
   "location" : "54.9022,83.0335",
   "longitude" : "83.0335",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JSC Avantel",
   "port" : 4040,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "mail.stroitex.ru"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 301,
   "subnet" : "109.202.16.0/20",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
195.4.133.32

Network
195.4.128.0/19

Domain(s)
ck-mail.org

Device

<enterprise field>: device.class

URL

http://195.4.133.32:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
mail.ck-mail.org

ASN
AS60175

Organization
Wortmann Ag

Protocol
http

Source
datascan::redirect::5
Product
Kerio Control 10.0.4

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4189aae5dead5752bec51f8fe1b5f56f

HTTP Header MD5
df9031ae399ab444f3f243007d869329

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 312
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:39:05 GMT
Location: https://<ip>:4040/
Server: Kerio Connect 10.0.4
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:39:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "df9031ae399ab444f3f243007d869329",
         "headermmh3" : -2139321827,
         "title" : "Resource can be reach on other place"
      },
      "length" : 526
   },
   "asn" : "AS60175",
   "city" : "H\u00f6chberg",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 312\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:39:05 GMT\r\nLocation: https://<ip>:4040/\r\nServer: Kerio Connect 10.0.4\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "4189aae5dead5752bec51f8fe1b5f56f",
   "datammh3" : -869960113,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ck-mail.org"
   ],
   "forward" : "195.4.133.32",
   "host" : [
      "mail"
   ],
   "hostname" : [
      "195.4.133.32",
      "mail.ck-mail.org"
   ],
   "ip" : "195.4.133.32",
   "ipv6" : "false",
   "latitude" : "49.7895",
   "location" : "49.7895,9.8784",
   "longitude" : "9.8784",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Wortmann Ag",
   "port" : 4040,
   "product" : "Control",
   "productvendor" : "Kerio",
   "productversion" : "10.0.4",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "mail.ck-mail.org"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::5",
   "status" : 301,
   "subnet" : "195.4.128.0/19",
   "tld" : [
      "org"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
87.140.60.170

Network
87.136.0.0/13

Domain(s)
t-ipconnect.de

Device

<enterprise field>: device.class

URL

http://87.140.60.170:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
p578c3caa.dip0.t-ipconnect.de

ASN
AS3320

Organization
Deutsche Telekom AG

Protocol
http

Source
datascan::redirect::5
Product
Kerio Control 10.0.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d431bf1c87ac75db76931fba53725094

HTTP Header MD5
9374c886ef6fccad507f27e71bf58dbd

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 313
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:39:04 GMT
Location: https://<ip>:4040/
Server: Kerio Connect 10.0.6
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:39:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "9374c886ef6fccad507f27e71bf58dbd",
         "headermmh3" : 1130083824,
         "title" : "Resource can be reach on other place"
      },
      "length" : 526
   },
   "asn" : "AS3320",
   "city" : "Bad Homburg",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 313\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:39:04 GMT\r\nLocation: https://<ip>:4040/\r\nServer: Kerio Connect 10.0.6\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "d431bf1c87ac75db76931fba53725094",
   "datammh3" : 2085899304,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "t-ipconnect.de"
   ],
   "forward" : "87.140.60.170",
   "host" : [
      "p578c3caa"
   ],
   "hostname" : [
      "87.140.60.170",
      "p578c3caa.dip0.t-ipconnect.de"
   ],
   "ip" : "87.140.60.170",
   "ipv6" : "false",
   "latitude" : "50.2272",
   "location" : "50.2272,8.6084",
   "longitude" : "8.6084",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Deutsche Telekom AG",
   "port" : 4040,
   "product" : "Control",
   "productvendor" : "Kerio",
   "productversion" : "10.0.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "p578c3caa.dip0.t-ipconnect.de"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::5",
   "status" : 301,
   "subdomains" : [
      "dip0.t-ipconnect.de"
   ],
   "subnet" : "87.136.0.0/13",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
90.146.23.195

Network
90.146.0.0/16

Domain(s)
boa-effect.com

Device

<enterprise field>: device.class

URL

http://90.146.23.195:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
mail.boa-effect.com

ASN
AS12605

Organization
LIWEST Kabelmedien GmbH

Protocol
http

Source
datascan::redirect::2
Product
Kerio Control 10.0.5

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
cfb7945347896e6689cee6cfa126e3d5

HTTP Header MD5
684934ca0de3eaee0ec279b4d722b65a

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 313
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:38:07 GMT
Location: https://<ip>:4040/
Server: Kerio Connect 10.0.5
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:38:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "684934ca0de3eaee0ec279b4d722b65a",
         "headermmh3" : 1990697557,
         "title" : "Resource can be reach on other place"
      },
      "length" : 526
   },
   "asn" : "AS12605",
   "city" : "Linz",
   "country" : "AT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 313\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:38:07 GMT\r\nLocation: https://<ip>:4040/\r\nServer: Kerio Connect 10.0.5\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "cfb7945347896e6689cee6cfa126e3d5",
   "datammh3" : 191377409,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "boa-effect.com"
   ],
   "forward" : "90.146.23.195",
   "geolocus" : {
      "asn" : "AS12605",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "AT",
      "countryname" : "Austria",
      "domain" : [
         "liwest.at",
         "teamliwest.at"
      ],
      "isineu" : "true",
      "latitude" : "47.516231",
      "location" : "47.516231,14.550072",
      "longitude" : "14.550072",
      "netname" : "AT-LIWEST-DOCSIS",
      "organization" : "LIWEST",
      "subnet" : "90.146.0.0/16"
   },
   "host" : [
      "mail"
   ],
   "hostname" : [
      "90.146.23.195",
      "mail.boa-effect.com"
   ],
   "ip" : "90.146.23.195",
   "ipv6" : "false",
   "latitude" : "48.3074",
   "location" : "48.3074,14.2850",
   "longitude" : "14.2850",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "LIWEST Kabelmedien GmbH",
   "port" : 4040,
   "product" : "Control",
   "productvendor" : "Kerio",
   "productversion" : "10.0.5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "mail.boa-effect.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 301,
   "subnet" : "90.146.0.0/16",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
213.183.253.194

Network
213.183.252.0/22

Domain(s)
as20985.net

Device

<enterprise field>: device.class

URL

http://213.183.253.194:4040/ 301

HTTP Title
Resource can be reach on other place

Reverse DNS
host-213-183-253-194.rev.as20985.net

ASN
AS20985

Organization
ArtX LLC

Protocol
http

Source
datascan::redirect::3
Product
Kerio Control 9.2.8 patch 1

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
207afba81c66c59a2d8036b2af1f3a88

HTTP Header MD5
460c5c2d5233235fc2384bcf67a8b138

HTTP Body MD5
64e2afd99c566ab074f0e30f627126b9

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 315
Content-Type: text/html
Date: Thu, 21 Nov 2024 08:37:08 GMT
Location: https://<ip>:4040/
Server: Kerio Connect 9.2.8 patch 1
X-UA-Compatible: IE=edge

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Resource can be reach on other place</title>
</head>
<body>
<p>Use following link to obtain <a href="https://<ip>:4040/">requested resource</a></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:37:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64e2afd99c566ab074f0e30f627126b9",
         "bodymmh3" : -1892820458,
         "headermd5" : "460c5c2d5233235fc2384bcf67a8b138",
         "headermmh3" : 329022040,
         "title" : "Resource can be reach on other place"
      },
      "length" : 533
   },
   "asn" : "AS20985",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved permanently\r\nConnection: Close\r\nContent-Length: 315\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 08:37:08 GMT\r\nLocation: https://<ip>:4040/\r\nServer: Kerio Connect 9.2.8 patch 1\r\nX-UA-Compatible: IE=edge\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>Resource can be reach on other place</title>\n</head>\n<body>\n<p>Use following link to obtain <a href=\"https://<ip>:4040/\">requested resource</a></p>\n</body>\n</html>\n",
   "datamd5" : "207afba81c66c59a2d8036b2af1f3a88",
   "datammh3" : 1556558720,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "as20985.net"
   ],
   "forward" : "213.183.253.194",
   "host" : [
      "host-213-183-253-194"
   ],
   "hostname" : [
      "213.183.253.194",
      "host-213-183-253-194.rev.as20985.net"
   ],
   "ip" : "213.183.253.194",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ArtX LLC",
   "port" : 4040,
   "product" : "Control",
   "productvendor" : "Kerio",
   "productversion" : "9.2.8",
   "productversionpatch" : "patch 1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved permanently",
   "reverse" : [
      "host-213-183-253-194.rev.as20985.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::3",
   "status" : 301,
   "subdomains" : [
      "rev.as20985.net"
   ],
   "subnet" : "213.183.252.0/22",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 254,061 in 0.109 second(s)

76.82.65.137:4040 (tcp/http) - last seen on 2024-11-21 at 08:41:10 UTC

195.88.198.247:4040 (tcp/http) - last seen on 2024-11-21 at 08:41:09 UTC

1.229.241.174:4040 (tcp/http) - last seen on 2024-11-21 at 08:41:08 UTC

109.190.208.75:4040 (tcp/http) - last seen on 2024-11-21 at 08:41:07 UTC

195.14.194.10:4040 (tcp/http) - last seen on 2024-11-21 at 08:40:12 UTC

109.202.30.190:4040 (tcp/http) - last seen on 2024-11-21 at 08:40:05 UTC

195.4.133.32:4040 (tcp/http) - last seen on 2024-11-21 at 08:39:05 UTC

87.140.60.170:4040 (tcp/http) - last seen on 2024-11-21 at 08:39:05 UTC

90.146.23.195:4040 (tcp/http) - last seen on 2024-11-21 at 08:38:07 UTC

213.183.253.194:4040 (tcp/http) - last seen on 2024-11-21 at 08:37:09 UTC