ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 25 in 0.032 second(s)

  • 197.248.41.51:500 (tcp/http) - last seen on 2024-11-07 at 03:20:51 UTC

    • IP
      197.248.41.51
      Network
      197.248.0.0/16
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://197.248.41.51:500/ 302

      Reverse DNS
      197-248-41-51.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Microsoft Windows
      Product
      Apache HTTP Server 2.4.46
      HTTP Component(s)
      Apache mod_wsgi 4.7.1 Python Python 3.7
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e1707a0dfa0c1d0d04900a205a3dab2
      HTTP Header MD5
      62ee9259097e740c5d3292d9107bc4ab
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:20:51 GMT
Server: Apache/2.4.46 (Win64) mod_wsgi/4.7.1 Python/3.7
Location: /login/?next=/
Vary: Accept-Language,Cookie
Pragma: no-cache
Cache-Control: no-store
Content-Language: en
Content-Length: 0
Content-Type: text/html; charset=utf-8
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Python",
               "productversion" : "3.7",
               "productvendor" : "Python"
            },
            {
               "product" : "mod_wsgi",
               "productvendor" : "Apache",
               "productversion" : "4.7.1"
            }
         ],
         "headermd5" : "62ee9259097e740c5d3292d9107bc4ab",
         "headermmh3" : 1038910735
      },
      "length" : 315
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:20:51 GMT\r\nServer: Apache/2.4.46 (Win64) mod_wsgi/4.7.1 Python/3.7\r\nLocation: /login/?next=/\r\nVary: Accept-Language,Cookie\r\nPragma: no-cache\r\nCache-Control: no-store\r\nContent-Language: en\r\nContent-Length: 0\r\nContent-Type: text/html; charset=utf-8\r\nConnection: close\r\n\r\n",
   "datamd5" : "2e1707a0dfa0c1d0d04900a205a3dab2",
   "datammh3" : 712890582,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS33771",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Safaricom-Business",
      "organization" : "Safaricom Limited",
      "subnet" : "197.248.0.0/18"
   },
   "host" : [
      "197-248-41-51"
   ],
   "hostname" : [
      "197-248-41-51.safaricombusiness.co.ke"
   ],
   "ip" : "197.248.41.51",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Windows",
   "osbits" : 64,
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.46",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "197-248-41-51.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "197.248.0.0/16",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 41.139.242.51:500 (tcp/http) - last seen on 2024-11-05 at 00:53:13 UTC

    • IP
      41.139.242.51
      Network
      41.139.128.0/17
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://41.139.242.51:500/ 200

      HTTP Title
      IIS Windows Server
      Reverse DNS
      41-139-242-51.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 10.0
      HTTP Component(s)
      Microsoft ASP.NET Microsoft IIS
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0ca775a6b65f845f5163e490398a9acf
      HTTP Header MD5
      c45e463ffd89b34a781c977b38f3ecbc
      HTTP Body MD5
      654ae82705924352d2363b1d797997ce 
    • HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 28 Mar 2024 07:28:36 GMT
Accept-Ranges: bytes
ETag: "a62d1d8ce180da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 05 Nov 2024 00:53:13 GMT
Connection: close
Content-Length: 703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows Server</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T00:53:13.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org",
            "microsoft.com"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "654ae82705924352d2363b1d797997ce",
         "bodymmh3" : 703707298,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "IIS"
            },
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "header" : [
            {
               "value" : "Thu, 28 Mar 2024 07:28:36 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "a62d1d8ce180da1:0"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : -2145688340,
         "title" : "IIS Windows Server"
      },
      "length" : 970
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Thu, 28 Mar 2024 07:28:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a62d1d8ce180da1:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Tue, 05 Nov 2024 00:53:13 GMT\r\nConnection: close\r\nContent-Length: 703\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows Server</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "0ca775a6b65f845f5163e490398a9acf",
   "datammh3" : 1065540519,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS33771",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Converged_services_Coast",
      "organization" : "Safaricom Limited",
      "subnet" : "41.139.224.0/19"
   },
   "host" : [
      "41-139-242-51"
   ],
   "hostname" : [
      "41-139-242-51.safaricombusiness.co.ke"
   ],
   "ip" : "41.139.242.51",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 500,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "41-139-242-51.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "41.139.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 197.248.97.57:500 (tcp/mysql) - last seen on 2024-11-03 at 09:02:52 UTC

  • 41.139.147.103:500 (tcp/mysql) - last seen on 2024-11-01 at 01:28:35 UTC

  • 197.248.169.246:500 (tcp/http) - last seen on 2024-10-26 at 15:50:53 UTC

    • IP
      197.248.169.246
      Network
      197.248.0.0/16
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://197.248.169.246:500/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      197-248-169-246.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0c1820e0d381850a77897bf32978a1f0
      HTTP Header MD5
      a629a0fe278971ad61801ba6975ba467
      HTTP Body MD5
      ea425366a98dfc499c0cbeedb9a4f02a 
    • HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 26 Oct 2024 15:50:53 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-26T15:50:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : -1097518355,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Sat, 26 Oct 2024 15:50:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS37061",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Safaricom-Business",
      "organization" : "Safaricom Limited",
      "subnet" : "197.248.168.0/22"
   },
   "host" : [
      "197-248-169-246"
   ],
   "hostname" : [
      "197-248-169-246.safaricombusiness.co.ke"
   ],
   "ip" : "197.248.169.246",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 500,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "197-248-169-246.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-10-26",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "197.248.0.0/16",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 41.139.242.51:500 (tcp/http) - last seen on 2024-10-26 at 01:34:11 UTC

    • IP
      41.139.242.51
      Network
      41.139.128.0/17
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://41.139.242.51:500/ 200

      HTTP Title
      IIS Windows Server
      Reverse DNS
      41-139-242-51.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 10.0
      HTTP Component(s)
      Microsoft IIS Microsoft ASP.NET
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0ca775a6b65f845f5163e490398a9acf
      HTTP Header MD5
      c45e463ffd89b34a781c977b38f3ecbc
      HTTP Body MD5
      654ae82705924352d2363b1d797997ce 
    • HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 28 Mar 2024 07:28:36 GMT
Accept-Ranges: bytes
ETag: "a62d1d8ce180da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sat, 26 Oct 2024 01:34:11 GMT
Connection: close
Content-Length: 703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows Server</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-26T01:34:11.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org",
            "microsoft.com"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "654ae82705924352d2363b1d797997ce",
         "bodymmh3" : 703707298,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "IIS"
            },
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Thu, 28 Mar 2024 07:28:36 GMT"
            },
            {
               "name" : "ETag",
               "value" : "a62d1d8ce180da1:0"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : 325209822,
         "title" : "IIS Windows Server"
      },
      "length" : 970
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Thu, 28 Mar 2024 07:28:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a62d1d8ce180da1:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Sat, 26 Oct 2024 01:34:11 GMT\r\nConnection: close\r\nContent-Length: 703\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows Server</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "0ca775a6b65f845f5163e490398a9acf",
   "datammh3" : 1065540519,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS37061",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Converged_services_Coast",
      "organization" : "For Converged services Coast",
      "subnet" : "41.139.224.0/19"
   },
   "host" : [
      "41-139-242-51"
   ],
   "hostname" : [
      "41-139-242-51.safaricombusiness.co.ke"
   ],
   "ip" : "41.139.242.51",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 500,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "41-139-242-51.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-10-26",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "41.139.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 197.248.97.57:500 (tcp/mysql) - last seen on 2024-10-25 at 05:25:30 UTC

  • 41.90.125.167:500 (tcp/http) - last seen on 2024-10-24 at 19:35:05 UTC

    • IP
      41.90.125.167
      Network
      41.90.96.0/19
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://41.90.125.167:500/ 200

      HTTP Title
      RouterOS
      Reverse DNS
      41-90-125-167.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a5e5c0bc09a03c8a36ebd478367f2680
      HTTP Header MD5
      407aa541200c06b973aff7a158a5a2c1
      HTTP Body MD5
      6579fb9bb0bd3be410adb26f2b2fe08e 
    • HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Connection: close
Content-Length: 2723
Content-Type: text/html
Date: Thu, 24 Oct 2024 19:35:02 GMT
Expires: Fri, 24 Oct 2025 19:35:02 GMT
X-Frame-Options: sameorigin

<!doctype html>
<html lang="en">
<meta charset="utf-8">
<link rel="icon" href="/favicon.png">
<link rel="icon" href="/favicon.svg">
<title>RouterOS</title>
<style>
body {
    font-family: Verdana, Geneva, sans-serif;
    font-size: 11px;
}
img {border: none}
img:hover {opacity: 0.8;}
h1 {
    font-size: 1.7em;
    display: inline;
    margin-bottom: 10px;
}
#container {
    width: 70%;
    margin: 10% auto;
}
#box {
    background: linear-gradient(#ffffff,#f3f3f3);
    border: 1px solid #c1c1c1;
    padding: 30px;
}
.floater {float: left; margin-right: 10px;}
.floater label {display: block; text-align: center;}

#login {margin: 2em 0 2em 0;}
#login td {padding: 0 4px 0 0;}
#login td.label {text-align: right;}

#login input {
    margin: 2px;
    padding: 2px;
    border: 1px solid #888;
    box-shadow: 1px 1px 3px rgba(0,0,0,0.3);
}
#error {
    color:red;
    padding: 1em 0 0 0;
}
#login input[type=submit] {
    box-shadow:inset 0px 1px 0px 0px #ffffff;
    background-color:#ededed;
    border-radius:3px;
    border:1px solid #dcdcdc;
    cursor:pointer;
    color:#000;
    font-size:12px;
    padding:4px 24px;
}
#login input[type=submit]:hover {
    background-color:#dfdfdf;
}
#login input[type=submit]:active {
    position:relative;
    top:1px;
}
</style>
<script src="script.js"></script>

<div id="container">
<div id="box">
<a href="https://mikrotik.com"><img src="mikrotik_logo.png" style="float: right;" alt="Mikrotik"></a><br style="clear: both;">
<h1>RouterOS</h1>
<p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator.</p>
<form id="login">
<table>
    <tr><td class="label"><label for="name">Login:</label>
        <td><input id="name" autocomplete="username" type="text" data-defaultuser="admin">
    <tr><td class="label"><label for="password">Password:</label>
        <td><input id="password" type="password" autofocus>
        <td><input type="submit" value="Login">
        <td>
    <tr><td colspan="3">
    <div id="error"></div>
</table>
</form>
<div>
    <div class="floater"><a href="https://mt.lv/winbox64"><img src="winbox.png" alt="Winbox"></a><br><label>Winbox</label></div>
    <div class="floater"><a href="/graphs"><img src="green.png" alt="Graphs"></a><br><label>Graphs</label></div>
    <div class="floater"><a href="/help/license.html"><img src="license.png" alt="License"></a><br><label>License</label></div>
    <div class="floater"><a href="https://help.mikrotik.com/docs/"><img src="help.png" alt="Help"></a><br><label>Help</label></div>
</div>
<br style="clear: both">
<div style="float: right">&copy; <a href="https://mikrotik.com">mikrotik</a></div>
</div>
</div>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-24T19:35:05.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "mikrotik.com",
            "mt.lv"
         ],
         "hostname" : [
            "help.mikrotik.com",
            "mikrotik.com",
            "mt.lv"
         ],
         "url" : [
            "https://help.mikrotik.com/docs/",
            "https://mikrotik.com",
            "https://mt.lv/winbox64"
         ]
      },
      "favicon" : {
         "url" : "/favicon.svg"
      },
      "http" : {
         "bodymd5" : "6579fb9bb0bd3be410adb26f2b2fe08e",
         "bodymmh3" : -1182782343,
         "headermd5" : "407aa541200c06b973aff7a158a5a2c1",
         "headermmh3" : -1887966136,
         "title" : "RouterOS"
      },
      "length" : 2947
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: max-age=31536000\r\nConnection: close\r\nContent-Length: 2723\r\nContent-Type: text/html\r\nDate: Thu, 24 Oct 2024 19:35:02 GMT\r\nExpires: Fri, 24 Oct 2025 19:35:02 GMT\r\nX-Frame-Options: sameorigin\r\n\r\n<!doctype html>\n<html lang=\"en\">\n<meta charset=\"utf-8\">\n<link rel=\"icon\" href=\"/favicon.png\">\n<link rel=\"icon\" href=\"/favicon.svg\">\n<title>RouterOS</title>\n<style>\nbody {\n    font-family: Verdana, Geneva, sans-serif;\n    font-size: 11px;\n}\nimg {border: none}\nimg:hover {opacity: 0.8;}\nh1 {\n    font-size: 1.7em;\n    display: inline;\n    margin-bottom: 10px;\n}\n#container {\n    width: 70%;\n    margin: 10% auto;\n}\n#box {\n    background: linear-gradient(#ffffff,#f3f3f3);\n    border: 1px solid #c1c1c1;\n    padding: 30px;\n}\n.floater {float: left; margin-right: 10px;}\n.floater label {display: block; text-align: center;}\n\n#login {margin: 2em 0 2em 0;}\n#login td {padding: 0 4px 0 0;}\n#login td.label {text-align: right;}\n\n#login input {\n    margin: 2px;\n    padding: 2px;\n    border: 1px solid #888;\n    box-shadow: 1px 1px 3px rgba(0,0,0,0.3);\n}\n#error {\n    color:red;\n    padding: 1em 0 0 0;\n}\n#login input[type=submit] {\n    box-shadow:inset 0px 1px 0px 0px #ffffff;\n    background-color:#ededed;\n    border-radius:3px;\n    border:1px solid #dcdcdc;\n    cursor:pointer;\n    color:#000;\n    font-size:12px;\n    padding:4px 24px;\n}\n#login input[type=submit]:hover {\n    background-color:#dfdfdf;\n}\n#login input[type=submit]:active {\n    position:relative;\n    top:1px;\n}\n</style>\n<script src=\"script.js\"></script>\n\n<div id=\"container\">\n<div id=\"box\">\n<a href=\"https://mikrotik.com\"><img src=\"mikrotik_logo.png\" style=\"float: right;\" alt=\"Mikrotik\"></a><br style=\"clear: both;\">\n<h1>RouterOS</h1>\n<p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator.</p>\n<form id=\"login\">\n<table>\n    <tr><td class=\"label\"><label for=\"name\">Login:</label>\n        <td><input id=\"name\" autocomplete=\"username\" type=\"text\" data-defaultuser=\"admin\">\n    <tr><td class=\"label\"><label for=\"password\">Password:</label>\n        <td><input id=\"password\" type=\"password\" autofocus>\n        <td><input type=\"submit\" value=\"Login\">\n        <td>\n    <tr><td colspan=\"3\">\n    <div id=\"error\"></div>\n</table>\n</form>\n<div>\n    <div class=\"floater\"><a href=\"https://mt.lv/winbox64\"><img src=\"winbox.png\" alt=\"Winbox\"></a><br><label>Winbox</label></div>\n    <div class=\"floater\"><a href=\"/graphs\"><img src=\"green.png\" alt=\"Graphs\"></a><br><label>Graphs</label></div>\n    <div class=\"floater\"><a href=\"/help/license.html\"><img src=\"license.png\" alt=\"License\"></a><br><label>License</label></div>\n    <div class=\"floater\"><a href=\"https://help.mikrotik.com/docs/\"><img src=\"help.png\" alt=\"Help\"></a><br><label>Help</label></div>\n</div>\n<br style=\"clear: both\">\n<div style=\"float: right\">&copy; <a href=\"https://mikrotik.com\">mikrotik</a></div>\n</div>\n</div>\n",
   "datamd5" : "a5e5c0bc09a03c8a36ebd478367f2680",
   "datammh3" : 2129494745,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS37061",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "SFC-GPRS-EDGE-3G-SERVICE-POOL1",
      "organization" : "Safaricom Limited",
      "subnet" : "41.90.96.0/19"
   },
   "host" : [
      "41-90-125-167"
   ],
   "hostname" : [
      "41-90-125-167.safaricombusiness.co.ke"
   ],
   "ip" : "41.90.125.167",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 500,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "41-90-125-167.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-10-24",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "41.90.96.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 41.139.201.39:500 (tcp/http) - last seen on 2024-10-22 at 08:13:12 UTC

    • IP
      41.139.201.39
      Network
      41.139.128.0/17
      Domain(s)
      safaricombusiness.co.ke
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://41.139.201.39:500/ 302

      Reverse DNS
      41-139-201-39.safaricombusiness.co.ke
      ASN
      AS37061
      Organization
      Safaricom
      Protocol
      http
      Source
      datascan
    • NOTE
      This tab is a merge from current page results.
      CPE(s)
      Domain(s)
      safaricombusiness.co.ke
      Hostname(s)
      197-248-169-246.safaricombusiness.co.ke 197-248-185-205.safaricombusiness.co.ke 197-248-41-51.safaricombusiness.co.ke 197-248-97-57.safaricombusiness.co.ke 41-139-147-103.safaricombusiness.co.ke 41-139-201-39.safaricombusiness.co.ke 41-139-242-51.safaricombusiness.co.ke 41-90-125-167.safaricombusiness.co.ke
      IP(s)
      197.248.169.246 197.248.185.205 197.248.41.51 197.248.97.57 41.139.147.103 41.139.201.39 41.139.242.51 41.90.125.167
      Port(s)
      500
      Protocol(s)
      http mysql
      Tag(s)
      URL(s)
      /
    • Operating System
      Microsoft Windows
      Product
      Apache HTTP Server 2.2.17
      HTTP Component(s)
      PHP PHP 5.3.4 PHP PHP 5.3.5 OpenSSL OpenSSL 0.9.8o modssl mod_ssl 2.2.17 Perl Perl 5.10.1 Apache mod_perl 2.0.4
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4dd163c559c7cc0b261c4efb4ddd88b3
      HTTP Header MD5
      bfd016132a5fec4ba69098d46352b01c
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Date: Tue, 22 Oct 2024 08:13:11 GMT
Server: Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.5
Location: http://<ip>:500/xampp/
Content-Length: 0
Connection: close
Content-Type: text/html


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-22T08:13:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "0.9.8o"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP",
               "productversion" : "5.3.5"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP",
               "productversion" : "5.3.4"
            },
            {
               "product" : "mod_perl",
               "productvendor" : "Apache",
               "productversion" : "2.0.4"
            },
            {
               "product" : "mod_ssl",
               "productvendor" : "modssl",
               "productversion" : "2.2.17"
            },
            {
               "product" : "Perl",
               "productvendor" : "Perl",
               "productversion" : "5.10.1"
            }
         ],
         "headermd5" : "bfd016132a5fec4ba69098d46352b01c",
         "headermmh3" : -1023734172
      },
      "length" : 280
   },
   "asn" : "AS37061",
   "city" : "Nairobi",
   "country" : "KE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Tue, 22 Oct 2024 08:13:11 GMT\r\nServer: Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4 mod_perl/2.0.4 Perl/v5.10.1\r\nX-Powered-By: PHP/5.3.5\r\nLocation: http://<ip>:500/xampp/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n",
   "datamd5" : "4dd163c559c7cc0b261c4efb4ddd88b3",
   "datammh3" : 1885557392,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "safaricombusiness.co.ke"
   ],
   "geolocus" : {
      "asn" : "AS33771",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "KE",
      "countryname" : "Kenya",
      "domain" : [
         "safaricombusiness.co.ke"
      ],
      "isineu" : "false",
      "latitude" : "-0.023559",
      "location" : "-0.023559,37.906193",
      "longitude" : "37.906193",
      "netname" : "Converged_services_Western",
      "organization" : "Safaricom Limited",
      "subnet" : "41.139.192.0/19"
   },
   "host" : [
      "41-139-201-39"
   ],
   "hostname" : [
      "41-139-201-39.safaricombusiness.co.ke"
   ],
   "ip" : "41.139.201.39",
   "ipv6" : "false",
   "latitude" : "-1.2841",
   "location" : "-1.2841,36.8155",
   "longitude" : "36.8155",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Safaricom",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 500,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.2.17",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "41-139-201-39.safaricombusiness.co.ke"
   ],
   "seen_date" : "2024-10-22",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "41.139.128.0/17",
   "tld" : [
      "co.ke"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 197.248.185.205:500 (tcp/mysql) - last seen on 2024-10-21 at 20:18:48 UTC