IP

59.75.40.48

Network

59.64.0.0/12

Device

<enterprise field>: device.class

URL

http://59.75.40.48:212/ 302

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Data MD5

96d7aced4477a5334c7de4616620bcc7

HTTP Header MD5

17494da67b263d49a356f29516833bab

HTTP Body MD5

d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:26:46.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.254.3"
         ],
         "url" : [
            "http://192.168.254.3"
         ]
      },
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17494da67b263d49a356f29516833bab",
         "headermmh3" : 1664562682
      },
      "length" : 153
   },
   "asn" : "AS4538",
   "country" : "CN",
   "data" : "HTTP/1.1 302 Moved Temporarily\r\nServer: DrcomServer1.0\r\nLocation: http://192.168.254.3\r\nCache-Control: no-cache\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "96d7aced4477a5334c7de4616620bcc7",
   "datammh3" : 1446480259,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cernet.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "XAR-CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "59.75.40.0/26"
   },
   "ip" : "59.75.40.48",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 212,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Temporarily",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "59.64.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

171.237.236.243

Alternative IP(s)

125.235.4.59

Network

171.237.0.0/16

Domain(s)

viettel.vn

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://171.237.236.243:212/ 200

Reverse DNS

dynamic-ip-adsl.viettel.vn

ASN

AS7552

Organization

Viettel Group

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

43f617e14b1cb912245557db598906db

HTTP Header MD5

f620e9aa6fa885cb3ba70c96073f3028

HTTP Body MD5

13b8369f911fb613be01e0f8564c9b79

HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 12:26:18 GMT
Server: Webs
X-Frame-Options: SAMEORIGIN
ETag: "0-c4d-1e0"
Content-Length: 480
Content-Type: text/html
Connection: close
Last-Modified: Sun, 30 Sep 2018 02:37:15 GMT

<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "/doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:26:20.000Z",
   "alternativeip" : [
      "125.235.4.59"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "13b8369f911fb613be01e0f8564c9b79",
         "bodymmh3" : 1400196417,
         "header" : [
            {
               "name" : "ETag",
               "value" : "0-c4d-1e0"
            },
            {
               "value" : "Sun, 30 Sep 2018 02:37:15 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "f620e9aa6fa885cb3ba70c96073f3028",
         "headermmh3" : -1073139831
      },
      "length" : 709
   },
   "asn" : "AS7552",
   "city" : "Hanoi",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 12:26:18 GMT\r\nServer: Webs\r\nX-Frame-Options: SAMEORIGIN\r\nETag: \"0-c4d-1e0\"\r\nContent-Length: 480\r\nContent-Type: text/html\r\nConnection: close\r\nLast-Modified: Sun, 30 Sep 2018 02:37:15 GMT\r\n\r\n\ufeff<!doctype html>\r\n<html>\r\n<head>\r\n\t<title></title>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" >\r\n\t<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n\t<meta http-equiv=\"Cache-Control\" content=\"no-cache, must-revalidate\" />\r\n\t<meta http-equiv=\"Expires\" content=\"0\" />\r\n</head>\r\n<body>\r\n</body>\r\n<script>\r\n\twindow.location.href = \"/doc/page/login.asp?_\" + (new Date()).getTime();\r\n</script>\r\n</html>",
   "datamd5" : "43f617e14b1cb912245557db598906db",
   "datammh3" : -1984802626,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "viettel.vn"
   ],
   "geolocus" : {
      "asn" : "AS7552",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "VN",
      "countryname" : "Vietnam",
      "domain" : [
         "viettel.com.vn",
         "viettel.vn",
         "vnnic.vn"
      ],
      "isineu" : "false",
      "latitude" : "14.058324",
      "location" : "14.058324,108.277199",
      "longitude" : "108.277199",
      "netname" : "VIETTEL-VN",
      "organization" : "VIETTEL-VN",
      "subnet" : "171.232.0.0/13"
   },
   "host" : [
      "dynamic-ip-adsl"
   ],
   "hostname" : [
      "dynamic-ip-adsl.viettel.vn"
   ],
   "ip" : "171.237.236.243",
   "ipv6" : "false",
   "latitude" : "21.0292",
   "location" : "21.0292,105.8526",
   "longitude" : "105.8526",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Viettel Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "dynamic-ip-adsl.viettel.vn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "171.237.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "vn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

101.34.149.157

Network

101.34.0.0/15

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

ASN

AS45090

Organization

Shenzhen Tencent Computer Systems Company Limited

Protocol

ftp

Source

datascan

Operating System

Microsoft Windows

Product

SolarWinds Serv-U 15.4.2

CPE(s)

<enterprise field>: cpe

Data MD5

33657eedb6acd132e203667bb77a4e88

220 Serv-U FTP Server v15.4.2 ready...
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.
331 User name okay, please send complete E-mail address as password.
530 Sorry, no ANONYMOUS access allowed.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:25:16.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 249
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 Serv-U FTP Server v15.4.2 ready...\r\n530 Not logged in.\r\n530 Not logged in.\r\n530 Not logged in.\r\n530 Not logged in.\r\n530 Not logged in.\r\n331 User name okay, please send complete E-mail address as password.\n530 Sorry, no ANONYMOUS access allowed.\n",
   "datamd5" : "33657eedb6acd132e203667bb77a4e88",
   "datammh3" : -1564030821,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "TENCENT-CN",
      "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
      "subnet" : "101.34.0.0/15"
   },
   "ip" : "101.34.149.157",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 212,
   "product" : "Serv-U",
   "productvendor" : "SolarWinds",
   "productversion" : "15.4.2",
   "protocol" : "ftp",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "101.34.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

95.82.185.127

Network

95.82.128.0/18

Domain(s)

nbox.cz

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://95.82.185.127:212/ 200

Reverse DNS

ip4-95-82-185-127.cust.nbox.cz

ASN

AS31246

Organization

O2 Czech Republic, a.s.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

WebServer WebServer

CPE(s)

<enterprise field>: cpe

Data MD5

1bb8fa07f809815047f6d68be4ea5b2f

HTTP Header MD5

8172940b138d0c7d8a7d125dfcde7faa

HTTP Body MD5

13b8369f911fb613be01e0f8564c9b79

Favicon MD5

89b932fcc47cf4ca3faadb0cfdef89cf

Favicon MMH3

999357577

HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:49:52 GMT
Server: webserver
ETag: "c73-1e0-5addc867"
Content-Length: 480
Content-Type: text/html
Connection: close
Last-Modified: Mon, 23 Apr 2018 11:49:59 GMT

<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "/doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:21:56.000Z",
   "app" : {
      "favicon" : {
         "image" : "AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJCSYJCQksmQkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS25CQknIAAAAAkpKUb6Cgov/ExMr/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/8nJzv+np6r/kpKUkJWVlti/v8D/xsbI/8bGyP/CwsT/jo6Q/11dXv8vLy//KCgp/1FRUv+OjpD/wMDC/8bGyP/Gxsj/xcXH/5iYmf+YmJn/x8fI/8fHyP/Dw8T/aGhp/xISEv8HBwf/FxcV/x4eHP8JCQn/CAgI/z09Pf/CwsL/x8fI/8fHyP+goKH/m5ud/8jIyf/IyMn/kJCQ/xEREf8YGBf/R0dG/2BgZf9/fYT/pqaj/1paVf8CAgL/X19g/8jIyf/IyMn/o6Ol/5+fof/Kysv/w8PD/yEgIf8XFxf/NDQ0/ygpLP8SECj/Cwk5/0VEdP+rqLT/b3Fs/wAAAP+jo6T/ysrL/6enqP+ioqT/zMzN/4ODhP8TExP/IiIi/wwNDf8AAAD/AAAm/ywpcP8rKW//JiNp/5eWnP8sLCn/OTk6/8zMzf+pqav/pqao/8/Pz/9ZWVn/Ghoa/xUUE/8mIA7/FxQQ/wAAMP9xbb3/jYnQ/wsLTP9CQWP/UFBK/wUFBf/Pz8//ra2v/6urrf/T09T/XV1d/xsbHv8iHxL/s5tV/0E4H/9wY0L/LSg1/wICPv8AADD/Hx5C/0pKRv8HBwb/09PU/7KytP+vr7H/3t7f/4iIif8nJyv/FhQL/8etXf+mkU7/V04y/y0pF/8AAAD/AAAM/ycmNP80NDP/Kysr/97e3/+3t7n/srK0/+Pj5P/Fxcb/SkpL/wMFBf+WgkT/07Vj/6+WUv9HPSH/BQQA/wUFBf82Njb/FRUU/4qKi//j4+T/u7u8/7a2uP/o6Or/6Ojq/4+Pj/84ODv/AAAA/415Qf+xmFT/SD4i/wYFBf8dHR3/JiYm/ysrK//l5ef/6Ojq/7+/wf+5ubz/7u7w/+7u8P/p6ev/l5eY/z9AQf8JCw7/AAAC/wcHCP8XFxf/Hx8f/0tLTP/f3+D/7u7w/+7u8P/CwsX/vLy/2+vr7f/z8/X/8/P1//Pz9f/ExMb/hYWG/0xMTv8/QUH/aGho/6Ojpf/z8/X/8/P1//Pz9f/y8vT/wMDD/7+/wXLNzc//7u7x//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/x8fT/1NTX/7+/wZAAAAAAwcHDcsHBw9vBwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD6sHBw4EAAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==",
         "imagemd5" : "89b932fcc47cf4ca3faadb0cfdef89cf",
         "imagemmh3" : 999357577,
         "length" : 1150,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "13b8369f911fb613be01e0f8564c9b79",
         "bodymmh3" : 1400196417,
         "header" : [
            {
               "value" : "c73-1e0-5addc867",
               "name" : "ETag"
            },
            {
               "name" : "Last-Modified",
               "value" : "Mon, 23 Apr 2018 11:49:59 GMT"
            }
         ],
         "headermd5" : "8172940b138d0c7d8a7d125dfcde7faa",
         "headermmh3" : -393048383
      },
      "length" : 692
   },
   "asn" : "AS31246",
   "city" : "Brno",
   "country" : "CZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:49:52 GMT\r\nServer: webserver\r\nETag: \"c73-1e0-5addc867\"\r\nContent-Length: 480\r\nContent-Type: text/html\r\nConnection: close\r\nLast-Modified: Mon, 23 Apr 2018 11:49:59 GMT\r\n\r\n\ufeff<!doctype html>\r\n<html>\r\n<head>\r\n\t<title></title>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" >\r\n\t<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n\t<meta http-equiv=\"Cache-Control\" content=\"no-cache, must-revalidate\" />\r\n\t<meta http-equiv=\"Expires\" content=\"0\" />\r\n</head>\r\n<body>\r\n</body>\r\n<script>\r\n\twindow.location.href = \"/doc/page/login.asp?_\" + (new Date()).getTime();\r\n</script>\r\n</html>",
   "datamd5" : "1bb8fa07f809815047f6d68be4ea5b2f",
   "datammh3" : -1757886075,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "nbox.cz"
   ],
   "host" : [
      "ip4-95-82-185-127"
   ],
   "hostname" : [
      "ip4-95-82-185-127.cust.nbox.cz"
   ],
   "ip" : "95.82.185.127",
   "ipv6" : "false",
   "latitude" : "49.2125",
   "location" : "49.2125,16.7118",
   "longitude" : "16.7118",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "O2 Czech Republic, a.s.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "WebServer",
   "productvendor" : "WebServer",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ip4-95-82-185-127.cust.nbox.cz"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "cust.nbox.cz"
   ],
   "subnet" : "95.82.128.0/18",
   "tld" : [
      "cz"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

<access denied by policy>

Network

<access denied by policy>

Domain(s)

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

Reverse DNS

<access denied by policy>

ASN

<access denied by policy>

Organization

<access denied by policy>

Protocol

<access denied by policy>

Source

<access denied by policy>

Operating System

<access denied by policy> <access denied by policy> <access denied by policy>

Product

<access denied by policy> <access denied by policy> <access denied by policy>

CPE(s)

<enterprise field>: cpe

Data MD5

<access denied by policy>

<access denied by policy>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:17:30.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "domain" : "<access denied by policy>",
   "geolocus" : "<enterprise field>: geolocus",
   "host" : "<access denied by policy>",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

IP

211.83.10.20

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.10.20:212/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

171c471731f10ea1d30a1d2d1553e77c

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

bc505528f05edb40be8b16b06e383a95

HTTP/1.1 200 ok
Server: Apache
Content-Length:  220
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:212/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:16:15.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "bc505528f05edb40be8b16b06e383a95",
         "bodymmh3" : -177049619,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1266196829
      },
      "length" : 310
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  220\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:212/'</script>\r\n\r\n",
   "datamd5" : "171c471731f10ea1d30a1d2d1553e77c",
   "datammh3" : -1691420556,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.10.20",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 212,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

13.244.61.231

Network

13.244.0.0/14

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://13.244.61.231:212/ 200

Reverse DNS

ec2-13-244-61-231.af-south-1.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

f192c778ba9971cccb2fcec90e21e379

HTTP Header MD5

9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5

852141068209c03fdeb5dacc5a9c52e3

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:16:15 GMT
Server: nginx
Content-Length: 69
Content-Type: text/html

<html><body><script>top.location='/p/login/';</script></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:16:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "852141068209c03fdeb5dacc5a9c52e3",
         "bodymmh3" : -1124668290,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -666941050
      },
      "length" : 204
   },
   "asn" : "AS16509",
   "city" : "Cape Town",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:16:15 GMT\r\nServer: nginx\r\nContent-Length: 69\r\nContent-Type: text/html\r\n\r\n<html><body><script>top.location='/p/login/';</script></body></html>\n",
   "datamd5" : "f192c778ba9971cccb2fcec90e21e379",
   "datammh3" : -1092385355,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "AMAZON-CPT",
      "organization" : "Amazon Data Services South Africa",
      "subnet" : "13.244.0.0/14"
   },
   "host" : [
      "ec2-13-244-61-231"
   ],
   "hostname" : [
      "ec2-13-244-61-231.af-south-1.compute.amazonaws.com"
   ],
   "ip" : "13.244.61.231",
   "ipv6" : "false",
   "latitude" : "-34.0486",
   "location" : "-34.0486,18.4811",
   "longitude" : "18.4811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-13-244-61-231.af-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "af-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.244.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

217.173.12.37

Network

217.173.0.0/20

Domain(s)

promax.media.pl

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://217.173.12.37:212/ 200

HTTP Title

Home Assistant

Reverse DNS

static-ip-217-173-12-37.promax.media.pl

ASN

AS31423

Organization

Przedsiebiorstwo PROMAX Spolka Jawna Zofia Formanek-Okroj, Wieslaw Okroj

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

cf8bf45e70d9f26cb257199a037f695d

HTTP Header MD5

d41ff784e252b14fcd8398d21bab18cd

HTTP Body MD5

a262fab107a79948856ba3b3ea7f015f

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: 
X-Frame-Options: SAMEORIGIN
Content-Length: 4148
Date: Thu, 07 Nov 2024 05:15:05 GMT
Connection: close

<!DOCTYPE html><html><head><title>Home Assistant</title><meta charset="utf-8"><link rel="manifest" href="/manifest.json" crossorigin="use-credentials"><link rel="icon" href="/static/icons/favicon.ico"><link rel="modulepreload" href="/frontend_latest/core.7weG3TqZ_G4.js" crossorigin="use-credentials"><link rel="modulepreload" href="/frontend_latest/app.hoOvmAWTvos.js" crossorigin="use-credentials"><link rel="mask-icon" href="/static/icons/mask-icon.svg" color="#18bcf2"><link rel="apple-touch-icon" href="/static/icons/favicon-apple-180x180.png"><meta name="apple-itunes-app" content="app-id=1099568401"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="default"><meta name="apple-mobile-web-app-title" content="Home Assistant"><meta name="msapplication-config" content="/static/icons/browserconfig.xml"><meta name="mobile-web-app-capable" content="yes"><meta name="application-name" content="Home Assistant"><meta name="referrer" content="same-origin"><meta name="theme-color" content="#03A9F4"><meta name="color-scheme" content="dark light"><meta name="viewport" content="width=device-width,user-scalable=no,viewport-fit=cover,initial-scale=1"><style>body{font-family:Roboto,Noto,Noto Sans,sans-serif;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-weight:400;margin:0;padding:0;height:100%}</style><style>html{background-color:var(--primary-background-color,#fafafa);color:var(--primary-text-color,#212121);height:100vh}@media (prefers-color-scheme:dark){html{background-color:var(--primary-background-color,#111);color:var(--primary-text-color,#e1e1e1)}}#ha-launch-screen{height:100%;display:flex;flex-direction:column;justify-content:center;align-items:center}#ha-launch-screen svg{width:112px;flex-shrink:0}#ha-launch-screen .ha-launch-screen-spacer{flex:1}</style></head><body><div id="ha-launch-screen"><div class="ha-launch-screen-spacer"></div><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 240 240"><path fill="#18BCF2" d="M240 224.762a15 15 0 0 1-15 15H15a15 15 0 0 1-15-15v-90c0-8.25 4.77-19.769 10.61-25.609l98.78-98.7805c5.83-5.83 15.38-5.83 21.21 0l98.79 98.7895c5.83 5.83 10.61 17.36 10.61 25.61v90-.01Z"/><path fill="#F2F4F9" d="m107.27 239.762-40.63-40.63c-2.09.72-4.32 1.13-6.64 1.13-11.3 0-20.5-9.2-20.5-20.5s9.2-20.5 20.5-20.5 20.5 9.2 20.5 20.5c0 2.33-.41 4.56-1.13 6.65l31.63 31.63v-115.88c-6.8-3.3395-11.5-10.3195-11.5-18.3895 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5c0 8.07-4.7 15.05-11.5 18.3895v81.27l31.46-31.46c-.62-1.96-.96-4.04-.96-6.2 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5-9.2 20.5-20.5 20.5c-2.5 0-4.88-.47-7.09-1.29L129 208.892v30.88z"/></svg><div id="ha-launch-screen-info-box" class="ha-launch-screen-spacer"></div></div><home-assistant></home-assistant><script>function _ls(e,n){var t=document.createElement("script");return n&&(t.crossOrigin="use-credentials"),t.src=e,document.head.appendChild(t)}window.polymerSkipLoadingFontRoboto=!0,"customElements"in window&&"content"in document.createElement("template")||_ls("/static/polyfills/webcomponents-bundle.js",!0);var isS11_12=/(?:.*(?:iPhone|iPad).*OS (?:11|12)_\d)|(?:.*Version\/(?:11|12)(?:\.\d+)*.*Safari\/)/.test(navigator.userAgent)</script><script>if(-1===navigator.userAgent.indexOf("Android")&&-1===navigator.userAgent.indexOf("CrOS")){function _pf(o,t){var n=document.createElement("link");n.rel="preload",n.as="font",n.type="font/woff2",n.href=o,n.crossOrigin="anonymous",document.head.appendChild(n)}_pf("/static/fonts/roboto/Roboto-Regular.woff2"),_pf("/static/fonts/roboto/Roboto-Medium.woff2")}</script><script crossorigin="use-credentials">isS11_12||(import("/frontend_latest/core.7weG3TqZ_G4.js"),import("/frontend_latest/app.hoOvmAWTvos.js"),window.customPanelJS="/frontend_latest/custom-panel.vu021XGc2bY.js",window.latestJS=!0)</script><script>import("/hacsfiles/iconset.js");</script><script>window.latestJS||(window.customPanelJS="/frontend_es5/custom-panel.WwdeKO22kSA.js",_ls("/frontend_es5/core.kNwngVH_Or0.js",!0),_ls("/frontend_es5/app.pUwB40KH5Zk.js",!0))</script><script>if (!window.latestJS) {}</script></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:15:05.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "file" : [
            "manifest.json",
            "browserconfig.xml"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/2000/svg"
         ]
      },
      "http" : {
         "bodymd5" : "a262fab107a79948856ba3b3ea7f015f",
         "bodymmh3" : -2011092130,
         "headermd5" : "d41ff784e252b14fcd8398d21bab18cd",
         "headermmh3" : 312276934,
         "title" : "Home Assistant"
      },
      "length" : 4387
   },
   "asn" : "AS31423",
   "city" : "Ostr\u00f3w Wielkopolski",
   "country" : "PL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nServer: \r\nX-Frame-Options: SAMEORIGIN\r\nContent-Length: 4148\r\nDate: Thu, 07 Nov 2024 05:15:05 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html><html><head><title>Home Assistant</title><meta charset=\"utf-8\"><link rel=\"manifest\" href=\"/manifest.json\" crossorigin=\"use-credentials\"><link rel=\"icon\" href=\"/static/icons/favicon.ico\"><link rel=\"modulepreload\" href=\"/frontend_latest/core.7weG3TqZ_G4.js\" crossorigin=\"use-credentials\"><link rel=\"modulepreload\" href=\"/frontend_latest/app.hoOvmAWTvos.js\" crossorigin=\"use-credentials\"><link rel=\"mask-icon\" href=\"/static/icons/mask-icon.svg\" color=\"#18bcf2\"><link rel=\"apple-touch-icon\" href=\"/static/icons/favicon-apple-180x180.png\"><meta name=\"apple-itunes-app\" content=\"app-id=1099568401\"><meta name=\"apple-mobile-web-app-capable\" content=\"yes\"><meta name=\"apple-mobile-web-app-status-bar-style\" content=\"default\"><meta name=\"apple-mobile-web-app-title\" content=\"Home Assistant\"><meta name=\"msapplication-config\" content=\"/static/icons/browserconfig.xml\"><meta name=\"mobile-web-app-capable\" content=\"yes\"><meta name=\"application-name\" content=\"Home Assistant\"><meta name=\"referrer\" content=\"same-origin\"><meta name=\"theme-color\" content=\"#03A9F4\"><meta name=\"color-scheme\" content=\"dark light\"><meta name=\"viewport\" content=\"width=device-width,user-scalable=no,viewport-fit=cover,initial-scale=1\"><style>body{font-family:Roboto,Noto,Noto Sans,sans-serif;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;font-weight:400;margin:0;padding:0;height:100%}</style><style>html{background-color:var(--primary-background-color,#fafafa);color:var(--primary-text-color,#212121);height:100vh}@media (prefers-color-scheme:dark){html{background-color:var(--primary-background-color,#111);color:var(--primary-text-color,#e1e1e1)}}#ha-launch-screen{height:100%;display:flex;flex-direction:column;justify-content:center;align-items:center}#ha-launch-screen svg{width:112px;flex-shrink:0}#ha-launch-screen .ha-launch-screen-spacer{flex:1}</style></head><body><div id=\"ha-launch-screen\"><div class=\"ha-launch-screen-spacer\"></div><svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 240 240\"><path fill=\"#18BCF2\" d=\"M240 224.762a15 15 0 0 1-15 15H15a15 15 0 0 1-15-15v-90c0-8.25 4.77-19.769 10.61-25.609l98.78-98.7805c5.83-5.83 15.38-5.83 21.21 0l98.79 98.7895c5.83 5.83 10.61 17.36 10.61 25.61v90-.01Z\"/><path fill=\"#F2F4F9\" d=\"m107.27 239.762-40.63-40.63c-2.09.72-4.32 1.13-6.64 1.13-11.3 0-20.5-9.2-20.5-20.5s9.2-20.5 20.5-20.5 20.5 9.2 20.5 20.5c0 2.33-.41 4.56-1.13 6.65l31.63 31.63v-115.88c-6.8-3.3395-11.5-10.3195-11.5-18.3895 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5c0 8.07-4.7 15.05-11.5 18.3895v81.27l31.46-31.46c-.62-1.96-.96-4.04-.96-6.2 0-11.3 9.2-20.5 20.5-20.5s20.5 9.2 20.5 20.5-9.2 20.5-20.5 20.5c-2.5 0-4.88-.47-7.09-1.29L129 208.892v30.88z\"/></svg><div id=\"ha-launch-screen-info-box\" class=\"ha-launch-screen-spacer\"></div></div><home-assistant></home-assistant><script>function _ls(e,n){var t=document.createElement(\"script\");return n&&(t.crossOrigin=\"use-credentials\"),t.src=e,document.head.appendChild(t)}window.polymerSkipLoadingFontRoboto=!0,\"customElements\"in window&&\"content\"in document.createElement(\"template\")||_ls(\"/static/polyfills/webcomponents-bundle.js\",!0);var isS11_12=/(?:.*(?:iPhone|iPad).*OS (?:11|12)_\\d)|(?:.*Version\\/(?:11|12)(?:\\.\\d+)*.*Safari\\/)/.test(navigator.userAgent)</script><script>if(-1===navigator.userAgent.indexOf(\"Android\")&&-1===navigator.userAgent.indexOf(\"CrOS\")){function _pf(o,t){var n=document.createElement(\"link\");n.rel=\"preload\",n.as=\"font\",n.type=\"font/woff2\",n.href=o,n.crossOrigin=\"anonymous\",document.head.appendChild(n)}_pf(\"/static/fonts/roboto/Roboto-Regular.woff2\"),_pf(\"/static/fonts/roboto/Roboto-Medium.woff2\")}</script><script crossorigin=\"use-credentials\">isS11_12||(import(\"/frontend_latest/core.7weG3TqZ_G4.js\"),import(\"/frontend_latest/app.hoOvmAWTvos.js\"),window.customPanelJS=\"/frontend_latest/custom-panel.vu021XGc2bY.js\",window.latestJS=!0)</script><script>import(\"/hacsfiles/iconset.js\");</script><script>window.latestJS||(window.customPanelJS=\"/frontend_es5/custom-panel.WwdeKO22kSA.js\",_ls(\"/frontend_es5/core.kNwngVH_Or0.js\",!0),_ls(\"/frontend_es5/app.pUwB40KH5Zk.js\",!0))</script><script>if (!window.latestJS) {}</script></body></html>",
   "datamd5" : "cf8bf45e70d9f26cb257199a037f695d",
   "datammh3" : 976034175,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "promax.media.pl"
   ],
   "host" : [
      "static-ip-217-173-12-37"
   ],
   "hostname" : [
      "static-ip-217-173-12-37.promax.media.pl"
   ],
   "ip" : "217.173.12.37",
   "ipv6" : "false",
   "latitude" : "51.6448",
   "location" : "51.6448,17.8151",
   "longitude" : "17.8151",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Przedsiebiorstwo PROMAX Spolka Jawna Zofia Formanek-Okroj, Wieslaw Okroj",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "static-ip-217-173-12-37.promax.media.pl"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "217.173.0.0/20",
   "tld" : [
      "media.pl"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

14.177.6.229

Alternative IP(s)

203.162.0.78

Network

14.176.0.0/13

Domain(s)

vnpt.vn

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

static.vnpt.vn

ASN

AS45899

Organization

VNPT Corp

Protocol

unknown

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

1d76ddadd8bba24b035aa9769ceac88b

_\xed\xdf\x92\x8de\x80f\x8fD\xb7\x86\xf4\x0b\x7f\xee\xbf\xb1\x89$d\x7fO\x1d\x19L\xffM\x9c\x8b~-\xc8JwHMI\xc6\xe8\x00\x8c\x0e\xeb\x8e\x9f\xb9Z\x0c\x15\x94dX\xd3\xd9OF\x13\x9a\x89\xcf\x03\xbb\x17B\xda\xaa\xf3V\xf1k\x15\xe3e\xa4P7\x13\xae6\xec\xe0\xcbfz\xb1Q\xde\xfa{\xd5_\xcb\xefp\xc4\x12\x01:\xfa\x1e\xba\x83\xe2>\x95!\xf7\xe0\xc6n\x87Z<\xf5+\x1a~\x1a\xf3	\xce\xad+\xc4\x8e\xd2R\xb9\x01Ah\xb8

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:09:14.000Z",
   "alternativeip" : [
      "203.162.0.78"
   ],
   "app" : {
      "length" : 133
   },
   "asn" : "AS45899",
   "city" : "Hanoi",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "_\\xed\\xdf\\x92\\x8de\\x80f\\x8fD\\xb7\\x86\\xf4\\x0b\\x7f\\xee\\xbf\\xb1\\x89$d\\x7fO\\x1d\\x19L\\xffM\\x9c\\x8b~-\\xc8JwHMI\\xc6\\xe8\\x00\\x8c\\x0e\\xeb\\x8e\\x9f\\xb9Z\\x0c\\x15\\x94dX\\xd3\\xd9OF\\x13\\x9a\\x89\\xcf\\x03\\xbb\\x17B\\xda\\xaa\\xf3V\\xf1k\\x15\\xe3e\\xa4P7\\x13\\xae6\\xec\\xe0\\xcbfz\\xb1Q\\xde\\xfa{\\xd5_\\xcb\\xefp\\xc4\\x12\\x01:\\xfa\\x1e\\xba\\x83\\xe2>\\x95!\\xf7\\xe0\\xc6n\\x87Z<\\xf5+\\x1a~\\x1a\\xf3\t\\xce\\xad+\\xc4\\x8e\\xd2R\\xb9\\x01Ah\\xb8",
   "datamd5" : "1d76ddadd8bba24b035aa9769ceac88b",
   "datammh3" : -1065622110,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "vnpt.vn"
   ],
   "geolocus" : {
      "asn" : "AS45899",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "VN",
      "countryname" : "Vietnam",
      "domain" : [
         "vnnic.vn",
         "vnpt.vn"
      ],
      "isineu" : "false",
      "latitude" : "14.058324",
      "location" : "14.058324,108.277199",
      "longitude" : "108.277199",
      "netname" : "VNPT-VN",
      "organization" : "VNPT",
      "subnet" : "14.160.0.0/11"
   },
   "host" : [
      "static"
   ],
   "hostname" : [
      "static.vnpt.vn"
   ],
   "ip" : "14.177.6.229",
   "ipv6" : "false",
   "latitude" : "21.0292",
   "location" : "21.0292,105.8526",
   "longitude" : "105.8526",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "VNPT Corp",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "protocol" : "unknown",
   "reverse" : [
      "static.vnpt.vn"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "14.176.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "vn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

35.180.126.89

Network

35.176.0.0/13

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux ubuntu

URL

http://35.180.126.89:212/ 200

HTTP Title

Master Solutions Alarme pour les buralistes

Reverse DNS

ec2-35-180-126-89.eu-west-3.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http

Source

datascan

Operating System

Linux Linux ubuntu

HTTP Component(s)

PHP PHP 5.5.9

CPE(s)

<enterprise field>: cpe

Data MD5

0ccb73247582506b6e7d38d7340a3ff6

HTTP Header MD5

c1889c1dab3394b6068e4eb5d3a427d5

HTTP Body MD5

38ed09d5ef775805e0685e216ca71dec

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:09:02 GMT
Server: cpsrvd/11.44.3.0
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Content-Length: 821
Content-Type: text/html
Set-Cookie: csrftoken=uOEHXlRMp5PJjTn5pKAa

<html><head><link rel="icon" href="/favicon_0fc8c271-36f5-4787-af9d-976ecc35fa22.ico"><title>Master Solutions Alarme pour les buralistes</title></head><body><h1>8jm4kwn4ankoyrmneq60zl</h1><p>d7w51vy10igesnihuotvx1yo</p><h3>miqop17en665zi0izhvl4kwloprw4h</h3><h3>m6144v8nc7gj3kedui3g</h3><p>3tvsx6xt6nnfa</p><h2>wy7xsrvmaq</h2><h3>ahl5yq4ezgmhf0rs</h3><span>c2g9n13nwzl</span><h3>te6ux2lv7ypbyl6c</h3><span>k4fk2ywumbu7pamnkfmh57p</span><h2>c2g6xh0jjfaz7g4z6jcs</h2><p>vj8gvtsydz6sdkfuu95omrmu</p><h3>g1crqggsg9nj9nmb5262g9zaz5ao</h3><h3>shyjgc0yh44</h3><h2>jspdke6vr4k6br</h2><div>unt0kdes1u3iaonn7dw5n7a</div><h2>kp20xpyexn1nur8j3</h2><span>nq7lrb72lc04m11i0g2ufkum3w8sv</span><div>xgbr6xam02d</div><h2>rhxmmnjbuk</h2><h2>me7f96s</h2><span>n41fnncxs</span><h1>qy7ydpb6k</h1><span>bhlpdb09ajoc2wadpyh</span></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:09:03.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "11.44.3.0"
         ]
      },
      "http" : {
         "bodymd5" : "38ed09d5ef775805e0685e216ca71dec",
         "bodymmh3" : 284804998,
         "component" : [
            {
               "product" : "PHP",
               "productversion" : "5.5.9",
               "productvendor" : "PHP"
            }
         ],
         "headermd5" : "c1889c1dab3394b6068e4eb5d3a427d5",
         "headermmh3" : -583643736,
         "title" : "Master Solutions Alarme pour les buralistes"
      },
      "length" : 1049
   },
   "asn" : "AS16509",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:09:02 GMT\r\nServer: cpsrvd/11.44.3.0\r\nX-Powered-By: PHP/5.5.9-1ubuntu4.21\r\nContent-Length: 821\r\nContent-Type: text/html\r\nSet-Cookie: csrftoken=uOEHXlRMp5PJjTn5pKAa\r\n\r\n<html><head><link rel=\"icon\" href=\"/favicon_0fc8c271-36f5-4787-af9d-976ecc35fa22.ico\"><title>Master Solutions Alarme pour les buralistes</title></head><body><h1>8jm4kwn4ankoyrmneq60zl</h1><p>d7w51vy10igesnihuotvx1yo</p><h3>miqop17en665zi0izhvl4kwloprw4h</h3><h3>m6144v8nc7gj3kedui3g</h3><p>3tvsx6xt6nnfa</p><h2>wy7xsrvmaq</h2><h3>ahl5yq4ezgmhf0rs</h3><span>c2g9n13nwzl</span><h3>te6ux2lv7ypbyl6c</h3><span>k4fk2ywumbu7pamnkfmh57p</span><h2>c2g6xh0jjfaz7g4z6jcs</h2><p>vj8gvtsydz6sdkfuu95omrmu</p><h3>g1crqggsg9nj9nmb5262g9zaz5ao</h3><h3>shyjgc0yh44</h3><h2>jspdke6vr4k6br</h2><div>unt0kdes1u3iaonn7dw5n7a</div><h2>kp20xpyexn1nur8j3</h2><span>nq7lrb72lc04m11i0g2ufkum3w8sv</span><div>xgbr6xam02d</div><h2>rhxmmnjbuk</h2><h2>me7f96s</h2><span>n41fnncxs</span><h1>qy7ydpb6k</h1><span>bhlpdb09ajoc2wadpyh</span></body></html>",
   "datamd5" : "0ccb73247582506b6e7d38d7340a3ff6",
   "datammh3" : 1768572202,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "AMAZON-CDG",
      "organization" : "Amazon Data Services France",
      "subnet" : "35.180.0.0/16"
   },
   "host" : [
      "ec2-35-180-126-89"
   ],
   "hostname" : [
      "ec2-35-180-126-89.eu-west-3.compute.amazonaws.com"
   ],
   "ip" : "35.180.126.89",
   "ipv6" : "false",
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux",
   "osdistribution" : "ubuntu",
   "osvendor" : "Linux",
   "port" : 212,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-35-180-126-89.eu-west-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-3.compute.amazonaws.com"
   ],
   "subnet" : "35.176.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}