ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 2 result(s) out of 2 in 0.108 second(s)

  • 194.153.192.175:5443 (tcp/http/tls) - last seen on 2024-11-07 at 05:16:44 UTC

    • IP
      194.153.192.175
      Network
      194.153.192.0/20
      Domain(s)
      draytek.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      URL

      https://194.153.192.175:5443/weblogin.htm 302

      ASN
      AS3302
      Organization
      Retelit Digital Services S.p.A.
      Protocol
      http Cert expired http
      Source
      urlscan::redirect
    • Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      Vigor Router
      Issuer Organization
      DrayTek Corp.
      Subject Organization
      DrayTek Corp.
      Subject Common Name
      Vigor Router
      Subject Alt Name
      www.draytek.com
      SHA256 Fingerprint
      7099fec50918b86c182f37e40335df7e319790ee51cba2e22026accf569e7b11
      Validity Not Before
      2021-06-03T14:39:00Z
      Validity Not After
      2022-07-03T14:39:00Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      031789ab3158b7718e8fc6456ee1ba08
      HTTP Header MD5
      4c423a1419130ee2426eba61c9956267
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Location: /weblogin.htm
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Length: 0
Connection: close
Date: Thu, 07 Nov 2024 05:16:41 GMT
Server: Server


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:16:44.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "4c423a1419130ee2426eba61c9956267",
         "headermmh3" : -1667566485
      },
      "length" : 380
   },
   "asn" : "AS3302",
   "ca" : "false",
   "city" : "Rome",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nLocation: /weblogin.htm\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: -1\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000; includeSubdomains\r\nContent-Length: 0\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:16:41 GMT\r\nServer: Server\r\n\r\n",
   "datamd5" : "031789ab3158b7718e8fc6456ee1ba08",
   "datammh3" : 378853982,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "draytek.com"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "ceed0a7c7bf36220f1324de5d67b93bb",
      "sha1" : "6bbc223f5c0046d74cf56594ff666fa2a6564bbe",
      "sha256" : "7099fec50918b86c182f37e40335df7e319790ee51cba2e22026accf569e7b11"
   },
   "forward" : "194.153.192.175",
   "geolocus" : {
      "asn" : "AS3302",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "clouditalia.com",
         "irideos.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "IRIDEOS-NET",
      "organization" : "Irideos S.p.A.",
      "subnet" : "194.153.192.0/20"
   },
   "host" : [
      "www"
   ],
   "hostname" : [
      "194.153.192.175",
      "www.draytek.com"
   ],
   "ip" : "194.153.192.175",
   "ipv6" : "false",
   "issuer" : {
      "city" : "HuKou",
      "commonname" : "Vigor Router",
      "country" : "TW",
      "organization" : "DrayTek Corp.",
      "organizationalunit" : "DrayTek Support"
   },
   "latitude" : "41.8904",
   "location" : "41.8904,12.5126",
   "longitude" : "12.5126",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Retelit Digital Services S.p.A.",
   "port" : 5443,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "serial" : "e3:e6:4a:10:5a:1b:ab:b3",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "urlscan::redirect",
   "status" : 302,
   "subject" : {
      "altname" : [
         "www.draytek.com"
      ],
      "city" : "HuKou",
      "commonname" : "Vigor Router",
      "country" : "TW",
      "organization" : "DrayTek Corp.",
      "organizationalunit" : "DrayTek Support"
   },
   "subnet" : "194.153.192.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/weblogin.htm",
   "validity" : {
      "notafter" : "2022-07-03T14:39:00Z",
      "notbefore" : "2021-06-03T14:39:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 194.153.192.175:5443 (tcp/http/tls) - last seen on 2024-11-04 at 23:34:38 UTC

    • IP
      194.153.192.175
      Alternative IP(s)
      104.26.10.249 104.26.11.249 172.67.71.48 2606:4700:20:0:0:0:681a:af9 2606:4700:20:0:0:0:681a:bf9 2606:4700:20:0:0:0:ac43:4730
      Network
      194.153.192.0/20
      Domain(s)
      clouditalia.com draytek.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      URL

      https://194.153.192.175:5443/ 302

      Reverse DNS
      ip-192-175.sn3.clouditalia.com
      ASN
      AS3302
      Organization
      Retelit Digital Services S.p.A.
      Protocol
      http Cert expired http
      Source
      datascan
    • Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      Vigor Router
      Issuer Organization
      DrayTek Corp.
      Subject Organization
      DrayTek Corp.
      Subject Common Name
      Vigor Router
      Subject Alt Name
      www.draytek.com
      SHA256 Fingerprint
      7099fec50918b86c182f37e40335df7e319790ee51cba2e22026accf569e7b11
      Validity Not Before
      2021-06-03T14:39:00Z
      Validity Not After
      2022-07-03T14:39:00Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      031789ab3158b7718e8fc6456ee1ba08
      HTTP Header MD5
      4c423a1419130ee2426eba61c9956267
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Location: /weblogin.htm
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Length: 0
Connection: close
Date: Mon, 04 Nov 2024 23:34:38 GMT
Server: Server


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T23:34:38.000Z",
   "alternativeip" : [
      "104.26.10.249",
      "104.26.11.249",
      "172.67.71.48",
      "2606:4700:20:0:0:0:681a:af9",
      "2606:4700:20:0:0:0:681a:bf9",
      "2606:4700:20:0:0:0:ac43:4730"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "4c423a1419130ee2426eba61c9956267",
         "headermmh3" : -1861531227
      },
      "length" : 380
   },
   "asn" : "AS3302",
   "ca" : "false",
   "city" : "Rome",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nLocation: /weblogin.htm\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: -1\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000; includeSubdomains\r\nContent-Length: 0\r\nConnection: close\r\nDate: Mon, 04 Nov 2024 23:34:38 GMT\r\nServer: Server\r\n\r\n",
   "datamd5" : "031789ab3158b7718e8fc6456ee1ba08",
   "datammh3" : 378853982,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "clouditalia.com",
      "draytek.com"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "ceed0a7c7bf36220f1324de5d67b93bb",
      "sha1" : "6bbc223f5c0046d74cf56594ff666fa2a6564bbe",
      "sha256" : "7099fec50918b86c182f37e40335df7e319790ee51cba2e22026accf569e7b11"
   },
   "geolocus" : {
      "asn" : "AS3302",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "clouditalia.com",
         "irideos.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "IRIDEOS-NET",
      "organization" : "Irideos S.p.A.",
      "subnet" : "194.153.192.0/20"
   },
   "host" : [
      "ip-192-175",
      "www"
   ],
   "hostname" : [
      "ip-192-175.sn3.clouditalia.com",
      "www.draytek.com"
   ],
   "ip" : "194.153.192.175",
   "ipv6" : "false",
   "issuer" : {
      "city" : "HuKou",
      "commonname" : "Vigor Router",
      "country" : "TW",
      "organization" : "DrayTek Corp.",
      "organizationalunit" : "DrayTek Support"
   },
   "latitude" : "41.8904",
   "location" : "41.8904,12.5126",
   "longitude" : "12.5126",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Retelit Digital Services S.p.A.",
   "port" : 5443,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Found",
   "reverse" : [
      "ip-192-175.sn3.clouditalia.com"
   ],
   "seen_date" : "2024-11-04",
   "serial" : "e3:e6:4a:10:5a:1b:ab:b3",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "sn3.clouditalia.com"
   ],
   "subject" : {
      "altname" : [
         "www.draytek.com"
      ],
      "city" : "HuKou",
      "commonname" : "Vigor Router",
      "country" : "TW",
      "organization" : "DrayTek Corp.",
      "organizationalunit" : "DrayTek Support"
   },
   "subnet" : "194.153.192.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2022-07-03T14:39:00Z",
      "notbefore" : "2021-06-03T14:39:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}