Cyber Defense Search Engine

IP
185.167.91.253

Network
185.167.88.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS207058

Organization
Dimatica Servicios informaticos Avanzados S.L

Protocol
mysql

Source
datascan
Operating System
Microsoft Windows

Product
MariaDB MariaDB 5.5.5

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b2452aae2c49bcc003f6216b2af17509

Y\x00\x00\x00
5.5.5-10.0.32-MariaDB\x00s\x8e	\x00\P^ir"PK\x00\xff\xf7\x08\x02\x00?\xa0\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00gFfO:pJ]tS~D\x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:26.000Z",
   "app" : {
      "length" : 130
   },
   "asn" : "AS207058",
   "city" : "C\u00f3rdoba",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "Y\\x00\\x00\\x00\n5.5.5-10.0.32-MariaDB\\x00s\\x8e\t\\x00\\P^ir\"PK\\x00\\xff\\xf7\\x08\\x02\\x00?\\xa0\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00gFfO:pJ]tS~D\\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "b2452aae2c49bcc003f6216b2af17509",
   "datammh3" : 852453829,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "185.167.91.253",
   "ipv6" : "false",
   "latitude" : "37.9251",
   "location" : "37.9251,-4.6817",
   "longitude" : "-4.6817",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Dimatica Servicios informaticos Avanzados S.L",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "MariaDB",
   "productvendor" : "MariaDB",
   "productversion" : "5.5.5",
   "protocol" : "mysql",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "185.167.88.0/22",
   "tls" : "false",
   "transport" : "tcp"
}

IP
217.20.178.125

Network
217.20.160.0/19

Domain(s)
wnet.ua

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
brilion-gw.dnepr-sw.dp.wnet.ua

ASN
AS1820

Organization
WNET

Protocol
smtp

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
939ce55c236c40dc02eb2db833dfa757

220 dp.brillion.com.ua ESMTP CommuniGate Pro 5.0.8
501 Unknown command
501 Unknown command
501 Unknown command
501 Unknown command
501 Unknown command
501 Unknown command
501 Unknown command

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:23.000Z",
   "app" : {
      "length" : 199
   },
   "asn" : "AS1820",
   "city" : "Kyiv",
   "country" : "UA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 dp.brillion.com.ua ESMTP CommuniGate Pro 5.0.8\r\n501 Unknown command\r\n501 Unknown command\r\n501 Unknown command\r\n501 Unknown command\r\n501 Unknown command\r\n501 Unknown command\r\n501 Unknown command\r\n",
   "datamd5" : "939ce55c236c40dc02eb2db833dfa757",
   "datammh3" : 1978410747,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "wnet.ua"
   ],
   "geolocus" : {
      "asn" : "AS1820",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "UA",
      "countryname" : "Ukraine",
      "domain" : [
         "ua.wnet",
         "wnet.ua"
      ],
      "isineu" : "false",
      "latitude" : "48.379433",
      "location" : "48.379433,31.16558",
      "longitude" : "31.16558",
      "netname" : "WNET",
      "organization" : "WNET",
      "subnet" : "217.20.160.0/19"
   },
   "host" : [
      "brilion-gw"
   ],
   "hostname" : [
      "brilion-gw.dnepr-sw.dp.wnet.ua"
   ],
   "ip" : "217.20.178.125",
   "ipv6" : "false",
   "latitude" : "50.4580",
   "location" : "50.4580,30.5303",
   "longitude" : "30.5303",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "WNET",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "protocol" : "smtp",
   "reverse" : [
      "brilion-gw.dnepr-sw.dp.wnet.ua"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "dp.wnet.ua",
      "dnepr-sw.dp.wnet.ua"
   ],
   "subnet" : "217.20.160.0/19",
   "tld" : [
      "ua"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
152.231.116.45

Network
152.231.112.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS27651

Organization
ENTEL CHILE S.A.

Protocol
mysql

Source
datascan
Operating System
Microsoft Windows

Product
Oracle MySQL 5.7.13

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d29cb3d2fa38a56cd29f97b195394f7c

N\x00\x00\x00
5.7.13-log\x00\x98@\x03\x0099/E\x12&A_\x00\xff\xf7!\x02\x00\xff\x81\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\x16\x0eq6V\x05U@'H4\x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:22:31.000Z",
   "app" : {
      "length" : 119
   },
   "asn" : "AS27651",
   "city" : "Santiago",
   "country" : "CL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "N\\x00\\x00\\x00\n5.7.13-log\\x00\\x98@\\x03\\x0099/E\\x12&A_\\x00\\xff\\xf7!\\x02\\x00\\xff\\x81\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00r\\x16\\x0eq6V\\x05U@'H4\\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "d29cb3d2fa38a56cd29f97b195394f7c",
   "datammh3" : -770730764,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS27651",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CL",
      "countryname" : "Chile",
      "domain" : [
         "entel.cl",
         "entelchile.net"
      ],
      "isineu" : "false",
      "latitude" : "-35.675147",
      "location" : "-35.675147,-71.542969",
      "longitude" : "-71.542969",
      "netname" : "CL-ECSA-LACNIC",
      "organization" : "ENTEL CHILE S.A.",
      "subnet" : "152.231.112.0/20"
   },
   "ip" : "152.231.116.45",
   "ipv6" : "false",
   "latitude" : "-33.4521",
   "location" : "-33.4521,-70.6536",
   "longitude" : "-70.6536",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ENTEL CHILE S.A.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "5.7.13",
   "protocol" : "mysql",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "152.231.112.0/20",
   "tls" : "false",
   "transport" : "tcp"
}

IP
217.147.18.162

Network
217.147.16.0/20

Domain(s)
tel.ru

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
static-217-147-18-162.tel.ru

ASN
AS31430

Organization
OOO Suntel

Protocol
ftp

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0367cf8e90c440fbc5a80acf1b789470

220 Privet
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
331 Password required for anonymous
530 Login or password incorrect!

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:13:24.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 327
   },
   "asn" : "AS31430",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 Privet\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n331 Password required for anonymous\n530 Login or password incorrect!\n",
   "datamd5" : "0367cf8e90c440fbc5a80acf1b789470",
   "datammh3" : 1905740148,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "tel.ru"
   ],
   "host" : [
      "static-217-147-18-162"
   ],
   "hostname" : [
      "static-217-147-18-162.tel.ru"
   ],
   "ip" : "217.147.18.162",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OOO Suntel",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "protocol" : "ftp",
   "reverse" : [
      "static-217-147-18-162.tel.ru"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "217.147.16.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
197.251.141.92

Network
197.251.128.0/17

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://197.251.141.92:500/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS29614

Organization
VODAFONE GHANA AS INTERNATIONAL TRANSIT

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
F5 Nginx 1.7.11

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
76d65b8716a6f69459ba5868fbfee4a9

HTTP Header MD5
c7aa6f9939a49cf411044b8178fcafdc

HTTP Body MD5
27726e0ccae7d6d8211fe11bf3cffeac

HTTP/1.1 400 Bad Request
Server: nginx/1.7.11.3 Gryphon
Date: Thu, 07 Nov 2024 05:12:30 GMT
Content-Type: text/html
Content-Length: 281
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.7.11.3 Gryphon</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:12:30.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "1.7.11.3"
         ]
      },
      "http" : {
         "bodymd5" : "27726e0ccae7d6d8211fe11bf3cffeac",
         "bodymmh3" : 1544565227,
         "headermd5" : "c7aa6f9939a49cf411044b8178fcafdc",
         "headermmh3" : 1485455654,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 443
   },
   "asn" : "AS29614",
   "city" : "Accra",
   "country" : "GH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.7.11.3 Gryphon\r\nDate: Thu, 07 Nov 2024 05:12:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 281\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.7.11.3 Gryphon</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "76d65b8716a6f69459ba5868fbfee4a9",
   "datammh3" : 1274103024,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS29614",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "GH",
      "countryname" : "Ghana",
      "isineu" : "false",
      "latitude" : "7.946527",
      "location" : "7.946527,-1.023194",
      "longitude" : "-1.023194",
      "netname" : "Ghana-Telecommunications",
      "organization" : "VODAFONE GHANA IP BLOCK",
      "subnet" : "197.251.128.0/18"
   },
   "ip" : "197.251.141.92",
   "ipv6" : "false",
   "latitude" : "5.5486",
   "location" : "5.5486,-0.2012",
   "longitude" : "-0.2012",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "VODAFONE GHANA AS INTERNATIONAL TRANSIT",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.7.11",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "197.251.128.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.43.18.210

Network
103.43.16.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://103.43.18.210:500/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
023c8c5e51d9ce9369af8e1f921f5e3f

HTTP Header MD5
f4eaba8998b0e515f84d95c1ad5ea5c7

HTTP Body MD5
a2b4897849c71fbcb21dd632d3506361

HTTP/1.1 400 Bad Request
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 04:43:23 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:47:33.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a2b4897849c71fbcb21dd632d3506361",
         "bodymmh3" : -2063426561,
         "headermd5" : "f4eaba8998b0e515f84d95c1ad5ea5c7",
         "headermmh3" : -233697247,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 04:43:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "023c8c5e51d9ce9369af8e1f921f5e3f",
   "datammh3" : 457427036,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "103.43.16.0/22"
   },
   "ip" : "103.43.18.210",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.43.16.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
206.127.8.57

Network
206.127.8.0/21

Domain(s)
datafoundry.com

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://206.127.8.57:500/ 200

Reverse DNS
206-127-8-57.fwd.datafoundry.com

ASN
AS3900

Organization
TEXASNET-ASN

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Kestrel Kestrel

HTTP Component(s)
Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a00b123b384faf593e9f8e9d6e3a6522

HTTP Header MD5
32c9b237afdc44115c43d9fb9b81ca18

HTTP Body MD5
b6d8dcc5f283a376abd85b8cc000b585

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Server: Kestrel
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:29:08 GMT
Connection: close

3
OK!
0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:29:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b6d8dcc5f283a376abd85b8cc000b585",
         "bodymmh3" : -411408352,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "32c9b237afdc44115c43d9fb9b81ca18",
         "headermmh3" : 847254667
      },
      "length" : 197
   },
   "asn" : "AS3900",
   "city" : "Taylor",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\nContent-Type: text/plain; charset=utf-8\r\nServer: Kestrel\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:29:08 GMT\r\nConnection: close\r\n\r\n3\r\nOK!\r\n0\r\n\r\n",
   "datamd5" : "a00b123b384faf593e9f8e9d6e3a6522",
   "datammh3" : -1758387140,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "datafoundry.com"
   ],
   "geolocus" : {
      "asn" : "AS3900",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "datafoundry.com",
         "switch.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "TX1-CAMPSYSTEMS",
      "organization" : "SWITCH, LTD",
      "subnet" : "206.127.8.0/21"
   },
   "host" : [
      "206-127-8-57"
   ],
   "hostname" : [
      "206-127-8-57.fwd.datafoundry.com"
   ],
   "ip" : "206.127.8.57",
   "ipv6" : "false",
   "latitude" : "30.5709",
   "location" : "30.5709,-97.4093",
   "longitude" : "-97.4093",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TEXASNET-ASN",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "Kestrel",
   "productvendor" : "Kestrel",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "206-127-8-57.fwd.datafoundry.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "fwd.datafoundry.com"
   ],
   "subnet" : "206.127.8.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
197.248.41.51

Network
197.248.0.0/16

Domain(s)
safaricombusiness.co.ke

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://197.248.41.51:500/ 302

Reverse DNS
197-248-41-51.safaricombusiness.co.ke

ASN
AS37061

Organization
Safaricom

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.46

HTTP Component(s)
Apache mod_wsgi 4.7.1 Python Python 3.7

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2e1707a0dfa0c1d0d04900a205a3dab2

HTTP Header MD5
62ee9259097e740c5d3292d9107bc4ab

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:20:51 GMT
Server: Apache/2.4.46 (Win64) mod_wsgi/4.7.1 Python/3.7
Location: /login/?next=/
Vary: Accept-Language,Cookie
Pragma: no-cache
Cache-Control: no-store
Content-Language: en
Content-Length: 0
Content-Type: text/html; charset=utf-8
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Python",
               "productversion" : "3.7",
               "product" : "Python"
            },
            {
               "product" : "mod_wsgi",
               "productversion" : "4.7.1",
               "productvendor" : "Apache"
            }
         ],
         "headermd5" : "62ee9259097e740c5d3292d9107bc4ab",
         "headermmh3" : 1038910735
      },
      "length" : 315
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:20:51 GMT\r\nServer: Apache/2.4.46 (Win64) mod_wsgi/4.7.1 Python/3.7\r\nLocation: /login/?next=/\r\nVary: Accept-Language,Cookie\r\nPragma: no-cache\r\nCache-Control: no-store\r\nContent-Language: en\r\nContent-Length: 0\r\nContent-Type: text/html; charset=utf-8\r\nConnection: close\r\n\r\n",
   "datamd5" : "2e1707a0dfa0c1d0d04900a205a3dab2",
   "datammh3" : 712890582,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS33771",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Safaricom-Business",
      "organization" : "Safaricom Limited",
      "subnet" : "197.248.0.0/18"
   },
   "host" : [
      "197-248-41-51"
   ],
   "hostname" : [
      "197-248-41-51.safaricombusiness.co.ke"
   ],
   "ip" : "197.248.41.51",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Windows",
   "osbits" : 64,
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.46",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "197-248-41-51.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "197.248.0.0/16",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
82.77.56.132

Network
82.76.0.0/14

Domain(s)
infologic.ro

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://82.77.56.132:500/ 200

Reverse DNS
aurora.infologic.ro

ASN
AS8708

Organization
Digi Romania S.A.

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8ef332b39452e8b6568a2c33d0853058

HTTP Header MD5
be433812701c2cadd3303fac3bcb38e4

HTTP Body MD5
f8738a07c592e8c523cf6055e6444007

HTTP/1.1 200 OK
Content-Length: 682
Content-Type: text/html
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:20:24 GMT
Connection: close

<!DOCTYPE html>
<html lang="en">
	<head>
		<title></title>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	</head>
	<body class="skov">
        <div id="loadingApplicationSpinner" style="margin: 200px auto 0; width: 200px">
          <img id="loadingSpinner" src="resources/skins/_default/images/spinner/spinner-large.gif" alt="loading..."  style="display: block; width: 66px; height: 66px; margin: 0 auto;">
          <div style="line-height: 40px; text-align: center; color: #7A7A7A">Loading Web explorer ...</div>
        </div>

		<script type='text/javascript' src='steal/steal.production.js?webexplorer'></script>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "f8738a07c592e8c523cf6055e6444007",
         "bodymmh3" : -470223086,
         "headermd5" : "be433812701c2cadd3303fac3bcb38e4",
         "headermmh3" : -1791974408
      },
      "length" : 834
   },
   "asn" : "AS8708",
   "city" : "Oradea",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Length: 682\r\nContent-Type: text/html\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:20:24 GMT\r\nConnection: close\r\n\r\n\ufeff<!DOCTYPE html>\r\n<html lang=\"en\">\r\n\t<head>\r\n\t\t<title></title>\r\n        <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n\t</head>\r\n\t<body class=\"skov\">\r\n        <div id=\"loadingApplicationSpinner\" style=\"margin: 200px auto 0; width: 200px\">\r\n          <img id=\"loadingSpinner\" src=\"resources/skins/_default/images/spinner/spinner-large.gif\" alt=\"loading...\"  style=\"display: block; width: 66px; height: 66px; margin: 0 auto;\">\r\n          <div style=\"line-height: 40px; text-align: center; color: #7A7A7A\">Loading Web explorer ...</div>\r\n        </div>\r\n\r\n\t\t<script type='text/javascript' src='steal/steal.production.js?webexplorer'></script>\r\n\t</body>\r\n</html>",
   "datamd5" : "8ef332b39452e8b6568a2c33d0853058",
   "datammh3" : 630597334,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "infologic.ro"
   ],
   "host" : [
      "aurora"
   ],
   "hostname" : [
      "aurora.infologic.ro"
   ],
   "ip" : "82.77.56.132",
   "ipv6" : "false",
   "latitude" : "47.0479",
   "location" : "47.0479,21.9189",
   "longitude" : "21.9189",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Digi Romania S.A.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "aurora.infologic.ro"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "82.76.0.0/14",
   "tld" : [
      "ro"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
203.202.252.102

Network
203.202.240.0/20

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://203.202.252.102:500/ 404

ASN
AS24323

Organization
aamra networks limited

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 10.0

HTTP Component(s)
Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0a1356184b9021a8f4ef456db04addae

HTTP Header MD5
601bc276dbd05fc6677527bdd029af58

HTTP Body MD5
465981b2c7142b9fb660b39e2de874c1

HTTP/1.1 404 Not Found
Transfer-Encoding: chunked
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:20:04 GMT
Connection: close

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "465981b2c7142b9fb660b39e2de874c1",
         "bodymmh3" : -421333641,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "headermd5" : "601bc276dbd05fc6677527bdd029af58",
         "headermmh3" : 1054476493
      },
      "length" : 166
   },
   "asn" : "AS24323",
   "city" : "Dhaka",
   "country" : "BD",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nTransfer-Encoding: chunked\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:20:04 GMT\r\nConnection: close\r\n\r\n0\r\n\r\n",
   "datamd5" : "0a1356184b9021a8f4ef456db04addae",
   "datammh3" : -1248672836,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS24323",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "BD",
      "countryname" : "Bangladesh",
      "domain" : [
         "aamra.com.bd"
      ],
      "isineu" : "false",
      "latitude" : "23.684994",
      "location" : "23.684994,90.356331",
      "longitude" : "90.356331",
      "netname" : "AAMRA-AS-AP",
      "organization" : "Aamra Networks Limited",
      "subnet" : "203.202.240.0/20"
   },
   "ip" : "203.202.252.102",
   "ipv6" : "false",
   "latitude" : "23.7534",
   "location" : "23.7534,90.3722",
   "longitude" : "90.3722",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "aamra networks limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 500,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "203.202.240.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 4,027 in 0.079 second(s)

185.167.91.253:500 (tcp/mysql) - last seen on 2024-11-07 at 05:30:26 UTC

217.20.178.125:500 (tcp/smtp) - last seen on 2024-11-07 at 05:30:23 UTC

152.231.116.45:500 (tcp/mysql) - last seen on 2024-11-07 at 05:22:31 UTC

217.147.18.162:500 (tcp/ftp) - last seen on 2024-11-07 at 05:13:24 UTC

197.251.141.92:500 (tcp/http) - last seen on 2024-11-07 at 05:12:30 UTC

103.43.18.210:500 (tcp/http) - last seen on 2024-11-07 at 04:47:33 UTC

206.127.8.57:500 (tcp/http) - last seen on 2024-11-07 at 03:29:08 UTC

197.248.41.51:500 (tcp/http) - last seen on 2024-11-07 at 03:20:51 UTC

82.77.56.132:500 (tcp/http) - last seen on 2024-11-07 at 03:20:25 UTC

203.202.252.102:500 (tcp/http) - last seen on 2024-11-07 at 03:20:05 UTC