Cyber Defense Search Engine

IP
176.122.23.175

Network
176.122.20.0/22

Device

<enterprise field>: device.class

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a5a17b92f0545e32b2b48e2f4c2a886
```
\x83\x00\x00\x01\x8f
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:32:12.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x8f",
   "datamd5" : "1a5a17b92f0545e32b2b48e2f4c2a886",
   "datammh3" : -1043747254,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "176.122.23.175",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-07",
   "source" : "datascan::smb3",
   "subnet" : "176.122.20.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.227.74.34

Network
188.227.72.0/22

Device

<enterprise field>: device.class

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a5a17b92f0545e32b2b48e2f4c2a886
```
\x83\x00\x00\x01\x8f
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:32:12.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "city" : "St Petersburg",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x8f",
   "datamd5" : "1a5a17b92f0545e32b2b48e2f4c2a886",
   "datammh3" : -1043747254,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS48096",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "it-grad.ru",
         "severen.net",
         "severen.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "it-grad-1-net",
      "organization" : "IT-Grad Ltd",
      "subnet" : "188.227.72.0/22"
   },
   "ip" : "188.227.74.34",
   "ipv6" : "false",
   "latitude" : "59.9417",
   "location" : "59.9417,30.3096",
   "longitude" : "30.3096",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-07",
   "source" : "datascan::smb3",
   "subnet" : "188.227.72.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
176.122.23.175

Network
176.122.20.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
406fd1050a7200a5839230a4db104db8
```
\x83\x00\x00\x01\x82
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:53:16.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x82",
   "datamd5" : "406fd1050a7200a5839230a4db104db8",
   "datammh3" : -1148168695,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "176.122.23.175",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "176.122.20.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.227.74.34

Network
188.227.72.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
406fd1050a7200a5839230a4db104db8
```
\x83\x00\x00\x01\x82
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:59.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "city" : "St Petersburg",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x82",
   "datamd5" : "406fd1050a7200a5839230a4db104db8",
   "datammh3" : -1148168695,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS48096",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "it-grad.ru",
         "severen.net",
         "severen.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "it-grad-1-net",
      "organization" : "IT-Grad Ltd",
      "subnet" : "188.227.72.0/22"
   },
   "ip" : "188.227.74.34",
   "ipv6" : "false",
   "latitude" : "59.9417",
   "location" : "59.9417,30.3096",
   "longitude" : "30.3096",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "188.227.72.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.227.16.31

Alternative IP(s)
188.114.96.2 188.114.97.2 2a06:98c1:3120:0:0:0:0:2 2a06:98c1:3121:0:0:0:0:2 89.208.197.56

Network
188.227.16.0/22

Domain(s)
art-mg.ru feliksov.ru

Device

<enterprise field>: device.class

Reverse DNS
art-mg.ru feliksov.ru

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a5a17b92f0545e32b2b48e2f4c2a886
```
\x83\x00\x00\x01\x8f
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:32:13.000Z",
   "alternativeip" : [
      "188.114.96.2",
      "188.114.97.2",
      "2a06:98c1:3120:0:0:0:0:2",
      "2a06:98c1:3121:0:0:0:0:2",
      "89.208.197.56"
   ],
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x8f",
   "datamd5" : "1a5a17b92f0545e32b2b48e2f4c2a886",
   "datammh3" : -1043747254,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "art-mg.ru",
      "feliksov.ru"
   ],
   "hostname" : [
      "art-mg.ru",
      "feliksov.ru"
   ],
   "ip" : "188.227.16.31",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "reverse" : [
      "art-mg.ru",
      "feliksov.ru"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan::smb3",
   "subnet" : "188.227.16.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.227.16.31

Alternative IP(s)
188.114.96.2 188.114.97.2 2a06:98c1:3120:0:0:0:0:2 2a06:98c1:3121:0:0:0:0:2 89.208.197.56

Network
188.227.16.0/22

Domain(s)
art-mg.ru feliksov.ru

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
feliksov.ru art-mg.ru

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
406fd1050a7200a5839230a4db104db8
```
\x83\x00\x00\x01\x82
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T02:50:02.000Z",
   "alternativeip" : [
      "188.114.96.2",
      "188.114.97.2",
      "2a06:98c1:3120:0:0:0:0:2",
      "2a06:98c1:3121:0:0:0:0:2",
      "89.208.197.56"
   ],
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x82",
   "datamd5" : "406fd1050a7200a5839230a4db104db8",
   "datammh3" : -1148168695,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "art-mg.ru",
      "feliksov.ru"
   ],
   "hostname" : [
      "art-mg.ru",
      "feliksov.ru"
   ],
   "ip" : "188.227.16.31",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 139,
   "protocol" : "smb",
   "reverse" : [
      "feliksov.ru",
      "art-mg.ru"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "188.227.16.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.72.77.163

Network
188.72.76.0/23

Device

<enterprise field>: device.class

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b68aa9e42398b95872a3d6c750a956ee

\x00\x00\x00I\xfeSMB@\x00\x00\x00\x0d\x00\x00\xc0\x00\x00\x01\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00	\x00\x00\x00\x00\x00\x00\x00\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T00:32:23.000Z",
   "app" : {
      "length" : 77
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x00\\x00\\x00I\\xfeSMB@\\x00\\x00\\x00\\x0d\\x00\\x00\\xc0\\x00\\x00\\x01\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\t\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00",
   "datamd5" : "b68aa9e42398b95872a3d6c750a956ee",
   "datammh3" : -140368424,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS48096",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "1cloud.ru",
         "it-grad.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "ITG-1CLOUD-SPB",
      "organization" : "ITG-1CLOUD-SPB",
      "subnet" : "188.72.76.0/23"
   },
   "ip" : "188.72.77.163",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-07",
   "source" : "datascan::smb3",
   "subnet" : "188.72.76.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.72.77.163

Network
188.72.76.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4c4aff2e5de757833006d7f55c3f2127
```
\x82\x00\x00\x00
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:37:09.000Z",
   "app" : {
      "length" : 4
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x82\\x00\\x00\\x00",
   "datamd5" : "4c4aff2e5de757833006d7f55c3f2127",
   "datammh3" : 1244046860,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS48096",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "1cloud.ru",
         "it-grad.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "ITG-1CLOUD-SPB",
      "organization" : "ITG-1CLOUD-SPB",
      "subnet" : "188.72.76.0/23"
   },
   "ip" : "188.72.77.163",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "subnet" : "188.72.76.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
185.158.155.3

Network
185.158.152.0/22

Device

<enterprise field>: device.class

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a5a17b92f0545e32b2b48e2f4c2a886
```
\x83\x00\x00\x01\x8f
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T21:32:40.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x8f",
   "datamd5" : "1a5a17b92f0545e32b2b48e2f4c2a886",
   "datammh3" : -1043747254,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "185.158.155.3",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-06",
   "source" : "datascan::smb3",
   "subnet" : "185.158.152.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
78.140.221.134

Network
78.140.220.0/22

Device

<enterprise field>: device.class

ASN
AS48096

Organization
Enterprise Cloud Ltd.

Protocol
smb

Source
datascan::smb3

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1a5a17b92f0545e32b2b48e2f4c2a886
```
\x83\x00\x00\x01\x8f
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T21:32:13.000Z",
   "app" : {
      "length" : 5
   },
   "asn" : "AS48096",
   "country" : "RU",
   "data" : "\\x83\\x00\\x00\\x01\\x8f",
   "datamd5" : "1a5a17b92f0545e32b2b48e2f4c2a886",
   "datammh3" : -1043747254,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "78.140.221.134",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Enterprise Cloud Ltd.",
   "port" : 139,
   "protocol" : "smb",
   "seen_date" : "2024-11-06",
   "source" : "datascan::smb3",
   "subnet" : "78.140.220.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 1,054 in 0.057 second(s)

176.122.23.175:139 (tcp/smb) - last seen on 2024-11-07 at 04:32:12 UTC

188.227.74.34:139 (tcp/smb) - last seen on 2024-11-07 at 04:32:12 UTC

176.122.23.175:139 (tcp/smb) - last seen on 2024-11-07 at 03:53:16 UTC

188.227.74.34:139 (tcp/smb) - last seen on 2024-11-07 at 03:34:59 UTC

188.227.16.31:139 (tcp/smb) - last seen on 2024-11-07 at 03:32:13 UTC

188.227.16.31:139 (tcp/smb) - last seen on 2024-11-07 at 02:50:02 UTC

188.72.77.163:139 (tcp/smb) - last seen on 2024-11-07 at 00:32:23 UTC

188.72.77.163:139 (tcp/smb) - last seen on 2024-11-06 at 23:37:09 UTC

185.158.155.3:139 (tcp/smb) - last seen on 2024-11-06 at 21:32:40 UTC

78.140.221.134:139 (tcp/smb) - last seen on 2024-11-06 at 21:32:13 UTC