ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 4 result(s) out of 4 in 0.092 second(s)

  • 41.212.56.92:3780 (tcp/http) - last seen on 2024-11-21 at 08:59:07 UTC

    • IP
      41.212.56.92
      Network
      41.212.0.0/17
      Domain(s)
      wananchi.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://41.212.56.92:3780/ 200

      Reverse DNS
      41.212.56.92.wananchi.com
      ASN
      AS15399
      Organization
      WANANCHI
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c03ea71cf5d488ef183005e3486689bd
      HTTP Header MD5
      fd8e0a765092d70d012b61df4ef95edf
      HTTP Body MD5
      167b799d5d5294a1c72f3865f37e43c3
      Favicon MD5
      89b932fcc47cf4ca3faadb0cfdef89cf
      Favicon MMH3
      999357577 
    • HTTP/1.1 200 OK
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Content-Type-Options: nosniff
Date: Thu, 21 Nov 2024 11:52:33 GMT
ETag: 1732183705
Content-Length: 481
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 19 Jun 2023 06:07:25 GMT
Connection: close
Accept-Ranges: bytes

<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "./doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:07.000Z",
   "app" : {
      "favicon" : {
         "image" : "AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJCSYJCQksmQkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS25CQknIAAAAAkpKUb6Cgov/ExMr/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/8nJzv+np6r/kpKUkJWVlti/v8D/xsbI/8bGyP/CwsT/jo6Q/11dXv8vLy//KCgp/1FRUv+OjpD/wMDC/8bGyP/Gxsj/xcXH/5iYmf+YmJn/x8fI/8fHyP/Dw8T/aGhp/xISEv8HBwf/FxcV/x4eHP8JCQn/CAgI/z09Pf/CwsL/x8fI/8fHyP+goKH/m5ud/8jIyf/IyMn/kJCQ/xEREf8YGBf/R0dG/2BgZf9/fYT/pqaj/1paVf8CAgL/X19g/8jIyf/IyMn/o6Ol/5+fof/Kysv/w8PD/yEgIf8XFxf/NDQ0/ygpLP8SECj/Cwk5/0VEdP+rqLT/b3Fs/wAAAP+jo6T/ysrL/6enqP+ioqT/zMzN/4ODhP8TExP/IiIi/wwNDf8AAAD/AAAm/ywpcP8rKW//JiNp/5eWnP8sLCn/OTk6/8zMzf+pqav/pqao/8/Pz/9ZWVn/Ghoa/xUUE/8mIA7/FxQQ/wAAMP9xbb3/jYnQ/wsLTP9CQWP/UFBK/wUFBf/Pz8//ra2v/6urrf/T09T/XV1d/xsbHv8iHxL/s5tV/0E4H/9wY0L/LSg1/wICPv8AADD/Hx5C/0pKRv8HBwb/09PU/7KytP+vr7H/3t7f/4iIif8nJyv/FhQL/8etXf+mkU7/V04y/y0pF/8AAAD/AAAM/ycmNP80NDP/Kysr/97e3/+3t7n/srK0/+Pj5P/Fxcb/SkpL/wMFBf+WgkT/07Vj/6+WUv9HPSH/BQQA/wUFBf82Njb/FRUU/4qKi//j4+T/u7u8/7a2uP/o6Or/6Ojq/4+Pj/84ODv/AAAA/415Qf+xmFT/SD4i/wYFBf8dHR3/JiYm/ysrK//l5ef/6Ojq/7+/wf+5ubz/7u7w/+7u8P/p6ev/l5eY/z9AQf8JCw7/AAAC/wcHCP8XFxf/Hx8f/0tLTP/f3+D/7u7w/+7u8P/CwsX/vLy/2+vr7f/z8/X/8/P1//Pz9f/ExMb/hYWG/0xMTv8/QUH/aGho/6Ojpf/z8/X/8/P1//Pz9f/y8vT/wMDD/7+/wXLNzc//7u7x//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/x8fT/1NTX/7+/wZAAAAAAwcHDcsHBw9vBwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD6sHBw4EAAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==",
         "imagemd5" : "89b932fcc47cf4ca3faadb0cfdef89cf",
         "imagemmh3" : 999357577,
         "length" : 1150,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "167b799d5d5294a1c72f3865f37e43c3",
         "bodymmh3" : -370724244,
         "header" : [
            {
               "value" : 1732183705,
               "name" : "ETag"
            },
            {
               "name" : "Last-Modified",
               "value" : "Mon, 19 Jun 2023 06:07:25 GMT"
            }
         ],
         "headermd5" : "fd8e0a765092d70d012b61df4ef95edf",
         "headermmh3" : -863626206
      },
      "length" : 806
   },
   "asn" : "AS15399",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nVary: Accept-Encoding\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Type: text/html\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 21 Nov 2024 11:52:33 GMT\r\nETag: 1732183705\r\nContent-Length: 481\r\nX-XSS-Protection: 1; mode=block\r\nLast-Modified: Mon, 19 Jun 2023 06:07:25 GMT\r\nConnection: close\r\nAccept-Ranges: bytes\r\n\r\n\ufeff<!doctype html>\r\n<html>\r\n<head>\r\n\t<title></title>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" >\r\n\t<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n\t<meta http-equiv=\"Cache-Control\" content=\"no-cache, must-revalidate\" />\r\n\t<meta http-equiv=\"Expires\" content=\"0\" />\r\n</head>\r\n<body>\r\n</body>\r\n<script>\r\n\twindow.location.href = \"./doc/page/login.asp?_\" + (new Date()).getTime();\r\n</script>\r\n</html>",
   "datamd5" : "c03ea71cf5d488ef183005e3486689bd",
   "datammh3" : 734548108,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "wananchi.com"
   ],
   "geolocus" : {
      "asn" : "AS15399",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "KE-WG-INFR",
      "organization" : "Wananchi Group (K) LTD",
      "subnet" : "41.212.0.0/17"
   },
   "host" : [
      41
   ],
   "hostname" : [
      "41.212.56.92.wananchi.com"
   ],
   "ip" : "41.212.56.92",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "WANANCHI",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3780,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "41.212.56.92.wananchi.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "212.56.92.wananchi.com",
      "56.92.wananchi.com",
      "92.wananchi.com"
   ],
   "subnet" : "41.212.0.0/17",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 197.237.29.30:3780 (tcp/http) - last seen on 2024-11-10 at 15:19:41 UTC

    • IP
      197.237.29.30
      Network
      197.237.0.0/16
      Domain(s)
      wananchi.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor

      Operating System
      Mikrotik RouterOS
      URL

      http://197.237.29.30:3780/ 200

      HTTP Title
      RouterOS router configuration page
      Reverse DNS
      197.237.29.30.wananchi.com
      ASN
      AS15399
      Organization
      WANANCHI
      Protocol
      http
      Source
      datascan
    • Operating System
      Mikrotik RouterOS
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      8ad49b69ea3b0d04b006da428f0037c4
      HTTP Header MD5
      508070579d3bda9d98e9ba0408c62fd3
      HTTP Body MD5
      91e377f29922ef39edb4a61b5a49def2 
    • HTTP/1.1 200 OK
Connection: close
Content-Length: 7066
Content-Type: text/html
Date: Sun, 10 Nov 2024 15:19:40 GMT
Expires: 0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="icon" href="/favicon.png"/>
<title>RouterOS router configuration page</title>
<style type="text/css">
body {
font-family: Verdana, Geneva, sans-serif;
font-size: 11px;
}
img {border: none}
img:hover {opacity: 0.8;}
h1 {
font-size: 1.7em;
display: inline;
margin-bottom: 10px;
}
fieldset {
margin-top: 20px;
background: #fff;
padding: 20px;
border: 1px solid #c1c1c1; 
}
#container {
width: 70%;
margin: 10% auto;
}
#box {
background-color: #fff; 
-moz-border-radius: 7px; 
-webkit-border-radius: 7px; 
border: 1px solid #c1c1c1; 
padding: 30px;
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f3f3f3'); /* for IE */
background: -webkit-gradient(linear, left top, left bottom, from(#fff), to(#f3f3f3)); /* for webkit browsers */
background: -moz-linear-gradient(top,  #fff,  #f3f3f3); /* for firefox 3.6+ */
}
.floater {float: left; margin-right: 10px;}
.floater label {display: block; text-align: center;}

#login {
    margin: 2em 0 4em 0;
}
#login h2 {
    font-weight: normal;
    font-size: 14px;
    margin: 0 0 0.5em 1em;
}
#login td {
    padding: 0 4px 0 0;
}
#login td.label {
    text-align: right;
}
#login td.toolbar {
    padding: 0 0 0 1em;
    vertical-align: top;
}
#login ul.toolbar {
    margin: 0;
}
#login input {
    margin: 2px;
    padding: 2px;
    border: 1px solid #888;
    box-shadow: 1px 1px 3px rgba(0,0,0,0.3);
    -webkit-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);
    -moz-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);
}
#error {
    display:none;
    color:red;
    padding: 1em 0 0 0;
}
ul.toolbar {
    font-size: 11px;
    text-align: left;
    list-style-type: none;
    padding: 0;
    margin: 2px 0 4px 2px;
}
ul.toolbar li {
    float: left;
    vertical-align: middle;
}
ul.toolbar a {
    float: none;
    display: block;
    margin: 2px 4px 2px 0;
    padding: 5px;

    background: #ddd;
    border: 1px solid #888;
    border-radius: 3px;
    -moz-border-radius: 3px;
    box-shadow:
        1px 1px 2px rgba(255,255,255,0.8) inset,
	0 10px 10px -5px rgba(255,255,255,0.5) inset, /* top gradient */
	1px 1px 2px rgba(0,0,0,0.2); /* shadow */
    -webkit-box-shadow:
        1px 1px 2px rgba(255,255,255,0.8) inset,
	0 10px 10px -5px rgba(255,255,255,0.5) inset,
	1px 1px 2px rgba(0,0,0,0.2);
    -moz-box-shadow:
        1px 1px 2px rgba(255,255,255,0.8) inset,
	0 10px 10px -5px rgba(255,255,255,0.5) inset,
	1px 1px 2px rgba(0,0,0,0.2);
    color: #000;

    text-decoration: none;
    text-align: center;
    white-space: nowrap;
    cursor: inherit;
    min-width: 4em;

    -webkit-transition: background 0.2s linear, box-shadow 0.2s ease-out;
    -moz-transition: background 0.2s linear, box-shadow 0.2s ease-out;
}
ul.toolbar a:hover {
    background: #eee;
}
ul.toolbar a:active {
    background: #aaa;
    box-shadow: 1px 1px 2px #999 inset;
    -webkit-box-shadow: 1px 1px 2px #999 inset;
    -moz-box-shadow: 1px 1px 2px #999 inset;
}
</style>
<script>
function get(id) {
    return document.getElementById(id);
}
function trim(str) {
    return str.replace(/^\s+|\s+$/g, '');
}
function login(user, pwd, autologin) {
    var expires = new Date();
    expires.setTime(expires.getTime() + (30 * 24 * 60 * 60 * 1000));
    document.cookie = 'username=' + user +
        '; expires=' + expires.toGMTString() + '; path=/';

    window.name = (autologin ? 'autologin=' : 'login=') + user + '|' + pwd;
    window.location.replace('/webfig/' + window.location.hash);
}
function dologin() {
    login(get('name').value, get('password').value);
}
function loaded() {
    var p = window.name.split('=');
    if (p[0] == 'error' && p[1]) {
        var err = get('error');
        err.appendChild(document.createTextNode(p[1]));
        err.style.display = 'block';
    } else if (p[0] != 'noautologin' || p[1] != 1) {
        var user = '';
        if (user) {
            login(user, '', true);
            return;
        }
    }
    window.name = '';

    document.onkeydown = function(e) {
        e = e || event;
        if (e.keyCode == 13) {
            dologin();
            return false;
        }
        return true;
    };

    var username = null;
    var cookies = document.cookie.split(';');
    for (var i in cookies) {
	var c = trim(cookies[i]).split('=');
	if (c[0] == 'username') {
	    username = c[1];
	    break;
	}
    }
    
    if (username != null) {
	get('name').value = username;
	get('password').focus();
    } else {
        get('name').value = 'admin';
	get('name').focus();
    }
}
</script>
</head>

<body onload="loaded()">

<div id="container">

    <div id="box">
    <a href="http://mikrotik.com"><img src="mikrotik_logo.png" style="float: right;" /></a>

    <br style="clear: both;"/>
    
		<h1>RouterOS v6.49.4</h1>
        
        <p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator. </p>
        
      <table id="login">
	<tr><td colspan="3"><h2>WebFig Login:</h2>
        <tr><td class="label">Login: <td><input id="name" type="text" tabindex="1">
	 <td class="toolbar" rowspan="2">
         <ul class="toolbar">
	   <li><a onclick="dologin()" ondragstart="return false;"><span>Login</span></a></li>
         </ul>
         <tr><td class="label">Password: <td><input id="password" type="password" tabindex="2">
	<tr><td colspan="3">
	    <div id="error"></div>
      </table>
            
            <fieldset>
            <div class="floater"> 
            	<a href="http://www.mikrotik.com/download/winbox.exe"><img src="winbox.png"/></a><br/>
                <label>Winbox</label>
            </div>
            
            <div class="floater"> 
            	<a href="telnet://192.168.100.141"><img src="console.png"/></a><br/>
                <label>Telnet</label>
            </div>

            
            
            <div class="floater"> 
            	<a href="/graphs"><img src="green.png"/></a><br/>
                <label>Graphs</label>
            </div>
           
            
            <div class="floater"> 
            	<a href="/help/license.html"><img src="license.png"/></a><br/>
                <label>License</label>
            </div>
            
			<div class="floater"> 
            	<a href="http://wiki.mikrotik.com"><img src="help.png"/></a><br/>
                <label>Help</label>
            </div>

</fieldset>
           
            <br style="clear: both"/> 
                            <div style="float: right">&copy; mikrotik</div>

    </div>
</div>

</div>

</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-10T15:19:41.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "mikrotik.com",
            "w3.org"
         ],
         "file" : [
            "winbox.exe"
         ],
         "hostname" : [
            "mikrotik.com",
            "wiki.mikrotik.com",
            "www.mikrotik.com",
            "www.w3.org"
         ],
         "ip" : [
            "192.168.100.141"
         ],
         "url" : [
            "http://mikrotik.com",
            "http://wiki.mikrotik.com",
            "http://www.mikrotik.com/download/winbox.exe",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "91e377f29922ef39edb4a61b5a49def2",
         "bodymmh3" : -610354996,
         "headermd5" : "508070579d3bda9d98e9ba0408c62fd3",
         "headermmh3" : -1084583266,
         "title" : "RouterOS router configuration page"
      },
      "length" : 7200
   },
   "asn" : "AS15399",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Length: 7066\r\nContent-Type: text/html\r\nDate: Sun, 10 Nov 2024 15:19:40 GMT\r\nExpires: 0\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n<link rel=\"icon\" href=\"/favicon.png\"/>\r\n<title>RouterOS router configuration page</title>\r\n<style type=\"text/css\">\r\nbody {\r\nfont-family: Verdana, Geneva, sans-serif;\r\nfont-size: 11px;\r\n}\r\nimg {border: none}\r\nimg:hover {opacity: 0.8;}\r\nh1 {\r\nfont-size: 1.7em;\r\ndisplay: inline;\r\nmargin-bottom: 10px;\r\n}\r\nfieldset {\r\nmargin-top: 20px;\r\nbackground: #fff;\r\npadding: 20px;\r\nborder: 1px solid #c1c1c1; \r\n}\r\n#container {\r\nwidth: 70%;\r\nmargin: 10% auto;\r\n}\r\n#box {\r\nbackground-color: #fff; \r\n-moz-border-radius: 7px; \r\n-webkit-border-radius: 7px; \r\nborder: 1px solid #c1c1c1; \r\npadding: 30px;\r\nfilter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffff', endColorstr='#f3f3f3'); /* for IE */\r\nbackground: -webkit-gradient(linear, left top, left bottom, from(#fff), to(#f3f3f3)); /* for webkit browsers */\r\nbackground: -moz-linear-gradient(top,  #fff,  #f3f3f3); /* for firefox 3.6+ */\r\n}\r\n.floater {float: left; margin-right: 10px;}\r\n.floater label {display: block; text-align: center;}\r\n\r\n#login {\r\n    margin: 2em 0 4em 0;\r\n}\r\n#login h2 {\r\n    font-weight: normal;\r\n    font-size: 14px;\r\n    margin: 0 0 0.5em 1em;\r\n}\r\n#login td {\r\n    padding: 0 4px 0 0;\r\n}\r\n#login td.label {\r\n    text-align: right;\r\n}\r\n#login td.toolbar {\r\n    padding: 0 0 0 1em;\r\n    vertical-align: top;\r\n}\r\n#login ul.toolbar {\r\n    margin: 0;\r\n}\r\n#login input {\r\n    margin: 2px;\r\n    padding: 2px;\r\n    border: 1px solid #888;\r\n    box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n    -webkit-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n    -moz-box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\r\n}\r\n#error {\r\n    display:none;\r\n    color:red;\r\n    padding: 1em 0 0 0;\r\n}\r\nul.toolbar {\r\n    font-size: 11px;\r\n    text-align: left;\r\n    list-style-type: none;\r\n    padding: 0;\r\n    margin: 2px 0 4px 2px;\r\n}\r\nul.toolbar li {\r\n    float: left;\r\n    vertical-align: middle;\r\n}\r\nul.toolbar a {\r\n    float: none;\r\n    display: block;\r\n    margin: 2px 4px 2px 0;\r\n    padding: 5px;\r\n\r\n    background: #ddd;\r\n    border: 1px solid #888;\r\n    border-radius: 3px;\r\n    -moz-border-radius: 3px;\r\n    box-shadow:\r\n        1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset, /* top gradient */\r\n\t1px 1px 2px rgba(0,0,0,0.2); /* shadow */\r\n    -webkit-box-shadow:\r\n        1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset,\r\n\t1px 1px 2px rgba(0,0,0,0.2);\r\n    -moz-box-shadow:\r\n        1px 1px 2px rgba(255,255,255,0.8) inset,\r\n\t0 10px 10px -5px rgba(255,255,255,0.5) inset,\r\n\t1px 1px 2px rgba(0,0,0,0.2);\r\n    color: #000;\r\n\r\n    text-decoration: none;\r\n    text-align: center;\r\n    white-space: nowrap;\r\n    cursor: inherit;\r\n    min-width: 4em;\r\n\r\n    -webkit-transition: background 0.2s linear, box-shadow 0.2s ease-out;\r\n    -moz-transition: background 0.2s linear, box-shadow 0.2s ease-out;\r\n}\r\nul.toolbar a:hover {\r\n    background: #eee;\r\n}\r\nul.toolbar a:active {\r\n    background: #aaa;\r\n    box-shadow: 1px 1px 2px #999 inset;\r\n    -webkit-box-shadow: 1px 1px 2px #999 inset;\r\n    -moz-box-shadow: 1px 1px 2px #999 inset;\r\n}\r\n</style>\r\n<script>\r\nfunction get(id) {\r\n    return document.getElementById(id);\r\n}\r\nfunction trim(str) {\r\n    return str.replace(/^\\s+|\\s+$/g, '');\r\n}\r\nfunction login(user, pwd, autologin) {\r\n    var expires = new Date();\r\n    expires.setTime(expires.getTime() + (30 * 24 * 60 * 60 * 1000));\r\n    document.cookie = 'username=' + user +\r\n        '; expires=' + expires.toGMTString() + '; path=/';\r\n\r\n    window.name = (autologin ? 'autologin=' : 'login=') + user + '|' + pwd;\r\n    window.location.replace('/webfig/' + window.location.hash);\r\n}\r\nfunction dologin() {\r\n    login(get('name').value, get('password').value);\r\n}\r\nfunction loaded() {\r\n    var p = window.name.split('=');\r\n    if (p[0] == 'error' && p[1]) {\r\n        var err = get('error');\r\n        err.appendChild(document.createTextNode(p[1]));\r\n        err.style.display = 'block';\r\n    } else if (p[0] != 'noautologin' || p[1] != 1) {\r\n        var user = '';\r\n        if (user) {\r\n            login(user, '', true);\r\n            return;\r\n        }\r\n    }\r\n    window.name = '';\r\n\r\n    document.onkeydown = function(e) {\r\n        e = e || event;\r\n        if (e.keyCode == 13) {\r\n            dologin();\r\n            return false;\r\n        }\r\n        return true;\r\n    };\r\n\r\n    var username = null;\r\n    var cookies = document.cookie.split(';');\r\n    for (var i in cookies) {\r\n\tvar c = trim(cookies[i]).split('=');\r\n\tif (c[0] == 'username') {\r\n\t    username = c[1];\r\n\t    break;\r\n\t}\r\n    }\r\n    \r\n    if (username != null) {\r\n\tget('name').value = username;\r\n\tget('password').focus();\r\n    } else {\r\n        get('name').value = 'admin';\r\n\tget('name').focus();\r\n    }\r\n}\r\n</script>\r\n</head>\r\n\r\n<body onload=\"loaded()\">\r\n\r\n<div id=\"container\">\r\n\r\n    <div id=\"box\">\r\n    <a href=\"http://mikrotik.com\"><img src=\"mikrotik_logo.png\" style=\"float: right;\" /></a>\r\n\r\n    <br style=\"clear: both;\"/>\r\n    \r\n\t\t<h1>RouterOS v6.49.4</h1>\r\n        \r\n        <p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator. </p>\r\n        \r\n      <table id=\"login\">\r\n\t<tr><td colspan=\"3\"><h2>WebFig Login:</h2>\r\n        <tr><td class=\"label\">Login: <td><input id=\"name\" type=\"text\" tabindex=\"1\">\r\n\t <td class=\"toolbar\" rowspan=\"2\">\r\n         <ul class=\"toolbar\">\r\n\t   <li><a onclick=\"dologin()\" ondragstart=\"return false;\"><span>Login</span></a></li>\r\n         </ul>\r\n         <tr><td class=\"label\">Password: <td><input id=\"password\" type=\"password\" tabindex=\"2\">\r\n\t<tr><td colspan=\"3\">\r\n\t    <div id=\"error\"></div>\r\n      </table>\r\n            \r\n            <fieldset>\r\n            <div class=\"floater\"> \r\n            \t<a href=\"http://www.mikrotik.com/download/winbox.exe\"><img src=\"winbox.png\"/></a><br/>\r\n                <label>Winbox</label>\r\n            </div>\r\n            \r\n            <div class=\"floater\"> \r\n            \t<a href=\"telnet://192.168.100.141\"><img src=\"console.png\"/></a><br/>\r\n                <label>Telnet</label>\r\n            </div>\r\n\r\n            \r\n            \r\n            <div class=\"floater\"> \r\n            \t<a href=\"/graphs\"><img src=\"green.png\"/></a><br/>\r\n                <label>Graphs</label>\r\n            </div>\r\n           \r\n            \r\n            <div class=\"floater\"> \r\n            \t<a href=\"/help/license.html\"><img src=\"license.png\"/></a><br/>\r\n                <label>License</label>\r\n            </div>\r\n            \r\n\t\t\t<div class=\"floater\"> \r\n            \t<a href=\"http://wiki.mikrotik.com\"><img src=\"help.png\"/></a><br/>\r\n                <label>Help</label>\r\n            </div>\r\n\r\n</fieldset>\r\n           \r\n            <br style=\"clear: both\"/> \r\n                            <div style=\"float: right\">&copy; mikrotik</div>\r\n\r\n    </div>\r\n</div>\r\n\r\n</div>\r\n\r\n</body>\r\n</html>\r\n",
   "datamd5" : "8ad49b69ea3b0d04b006da428f0037c4",
   "datammh3" : -1589056520,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "wananchi.com"
   ],
   "geolocus" : {
      "asn" : "AS15399",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "wananchi.com"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "KE-NBI-Zuku-HFC",
      "organization" : "Wananchi Group (K) LTD",
      "subnet" : "197.237.0.0/16"
   },
   "host" : [
      197
   ],
   "hostname" : [
      "197.237.29.30.wananchi.com"
   ],
   "ip" : "197.237.29.30",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "WANANCHI",
   "os" : "RouterOS",
   "osvendor" : "Mikrotik",
   "port" : 3780,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "197.237.29.30.wananchi.com"
   ],
   "seen_date" : "2024-11-10",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "237.29.30.wananchi.com",
      "30.wananchi.com",
      "29.30.wananchi.com"
   ],
   "subnet" : "197.237.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 196.207.177.150:3780 (tcp/http) - last seen on 2024-11-04 at 15:15:56 UTC

    • IP
      196.207.177.150
      Network
      196.207.128.0/18
      Device

      <enterprise field>: device.class

      URL

      http://196.207.177.150:3780/ 302

      ASN
      AS15399
      Organization
      WANANCHI
      Protocol
      http
      Source
      datascan

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e1e29bbdcef1130edc92b2e9c9928d31
      HTTP Header MD5
      a47e72a1813e655a0890f55d19a597bd
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Redirect
Date: Mon Nov 04 18:15:54 2024
Content-Length: 0
Connection: close
Location: http://<ip>:3780/index.html
X-Frame-Options: SAMEORIGIN
Set-Cookie: ecos_pw=:language=cn; path=/


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T15:15:56.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "a47e72a1813e655a0890f55d19a597bd",
         "headermmh3" : 1115494224
      },
      "length" : 205
   },
   "asn" : "AS15399",
   "city" : "Nairobi",
   "country" : "KE",
   "data" : "HTTP/1.1 302 Redirect\r\nDate: Mon Nov 04 18:15:54 2024\r\nContent-Length: 0\r\nConnection: close\r\nLocation: http://<ip>:3780/index.html\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: ecos_pw=:language=cn; path=/\r\n\r\n",
   "datamd5" : "e1e29bbdcef1130edc92b2e9c9928d31",
   "datammh3" : -1097082543,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS15399",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "wananchi.com"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "KE-NBI-Zuku-HFC",
      "organization" : "Wananchi Group (K) LTD",
      "subnet" : "196.207.128.0/18"
   },
   "ip" : "196.207.177.150",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "WANANCHI",
   "port" : 3780,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Redirect",
   "seen_date" : "2024-11-04",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "196.207.128.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 41.212.36.151:3780 (tcp/http) - last seen on 2024-10-26 at 21:05:09 UTC

    • IP
      41.212.36.151
      Network
      41.212.0.0/17
      Domain(s)
      wananchi.com
      Device

      <enterprise field>: device.class

      URL

      http://41.212.36.151:3780/ 200

      Reverse DNS
      41.212.36.151.wananchi.com
      ASN
      AS15399
      Organization
      WANANCHI
      Protocol
      http
      Source
      datascan
    • Product
      ACME mini_httpd 1.19
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e4a80cf33dd31544f5cabda46630bd2
      HTTP Header MD5
      fdde4f5a2677b4c3ce3fad4c8b58bd56
      HTTP Body MD5
      254e8d5c3924819f5a1140f0696722bf 
    • HTTP/1.1 200 Ok
Server: mini_httpd/1.19 19dec2003
Date: Sun, 09 Jan 2011 23:34:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 673
Last-Modified: Tue, 11 Dec 2018 13:10:18 GMT
Connection: close

<script type="text/javascript">
<!--
var deflanguage;
var sysLanguage=navigator.systemLanguage?navigator.systemLanguage:navigator.language;
if(document.cookie.indexOf('langmanulset=yes')>-1)//����ֶ�ѡ�������ԣ�ʲôҲ����
{			
}
else//���û���ֶ�ѡ�����ԣ������¸��������Զ�ѡ������
{
	/*if(sysLanguage == 'zh-cn' || sysLanguage == 'zh-CN'){
		deflanguage='zh_cn';
	}
	else if(sysLanguage == 'en-us' || sysLanguage == 'en-US'){
		deflanguage='en_us';
	}
	else //������ϵͳ����û���ҵ�ƥ��ģ�Ĭ��Ϊen-us
	{
		deflanguage='en_us';
	}
	document.cookie='language='+deflanguage;*/
	
}

window.location.href = "/cgi-bin/webproc";

-->
</script>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-26T21:05:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "254e8d5c3924819f5a1140f0696722bf",
         "bodymmh3" : -535825888,
         "header" : [
            {
               "value" : "Tue, 11 Dec 2018 13:10:18 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "fdde4f5a2677b4c3ce3fad4c8b58bd56",
         "headermmh3" : -2489297
      },
      "length" : 890
   },
   "asn" : "AS15399",
   "city" : "Mombasa",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 Ok\r\nServer: mini_httpd/1.19 19dec2003\r\nDate: Sun, 09 Jan 2011 23:34:19 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 673\r\nLast-Modified: Tue, 11 Dec 2018 13:10:18 GMT\r\nConnection: close\r\n\r\n<script type=\"text/javascript\">\r\n<!--\r\nvar deflanguage;\r\nvar sysLanguage=navigator.systemLanguage?navigator.systemLanguage:navigator.language;\r\nif(document.cookie.indexOf('langmanulset=yes')>-1)//\ufffd\ufffd\ufffd\ufffd\u05b6\ufffd\u0461\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u0523\ufffd\u02b2\u00f4\u04b2\ufffd\ufffd\ufffd\ufffd\r\n{\t\t\t\r\n}\r\nelse//\ufffd\ufffd\ufffd\u00fb\ufffd\ufffd\ufffd\u05b6\ufffd\u0461\ufffd\ufffd\ufffd\ufffd\ufffd\u0523\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u00b8\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u0536\ufffd\u0461\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\r\n{\r\n\t/*if(sysLanguage == 'zh-cn' || sysLanguage == 'zh-CN'){\r\n\t\tdeflanguage='zh_cn';\r\n\t}\r\n\telse if(sysLanguage == 'en-us' || sysLanguage == 'en-US'){\r\n\t\tdeflanguage='en_us';\r\n\t}\r\n\telse //\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u03f5\u0373\ufffd\ufffd\ufffd\ufffd\u00fb\ufffd\ufffd\ufffd\u04b5\ufffd\u01a5\ufffd\ufffd\u0123\ufffd\u012c\ufffd\ufffd\u03aaen-us\r\n\t{\r\n\t\tdeflanguage='en_us';\r\n\t}\r\n\tdocument.cookie='language='+deflanguage;*/\r\n\t\r\n}\r\n\r\nwindow.location.href = \"/cgi-bin/webproc\";\r\n\r\n-->\r\n</script>\r\n",
   "datamd5" : "2e4a80cf33dd31544f5cabda46630bd2",
   "datammh3" : 1029194479,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "wananchi.com"
   ],
   "geolocus" : {
      "asn" : "AS15399",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "KE-WG-INFR",
      "organization" : "Wananchi Group (K) LTD",
      "subnet" : "41.212.0.0/17"
   },
   "host" : [
      41
   ],
   "hostname" : [
      "41.212.36.151.wananchi.com"
   ],
   "ip" : "41.212.36.151",
   "ipv6" : "false",
   "latitude" : "-4.0489",
   "location" : "-4.0489,39.6686",
   "longitude" : "39.6686",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "WANANCHI",
   "port" : 3780,
   "product" : "mini_httpd",
   "productvendor" : "ACME",
   "productversion" : "1.19",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Ok",
   "reverse" : [
      "41.212.36.151.wananchi.com"
   ],
   "seen_date" : "2024-10-26",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "212.36.151.wananchi.com",
      "151.wananchi.com",
      "36.151.wananchi.com"
   ],
   "subnet" : "41.212.0.0/17",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}