ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 24,166 in 0.081 second(s)

  • 188.25.196.117:6080 (tcp/http) - last seen on 2024-11-07 at 05:54:12 UTC

    • IP
      188.25.196.117
      Network
      188.24.0.0/15
      Domain(s)
      rdsnet.ro
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      URL

      http://188.25.196.117:6080/ 401

      Reverse DNS
      188-25-196-117.rdsnet.ro
      ASN
      AS8708
      Organization
      Digi Romania S.A.
      Protocol
      http
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f4d06da34a9318dac418c2521d7c0cf6
      HTTP Header MD5
      f0b99b5e5add72094933cd8ee6c08e78
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 401 Unauthorized
Connection: close
Content-Length: 0
Content-Type: text/html
WWW-Authenticate: Basic realm="uTorrent"
Cache-Control: no-cache


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:54:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f0b99b5e5add72094933cd8ee6c08e78",
         "headermmh3" : -1681234411,
         "realm" : "uTorrent"
      },
      "length" : 159
   },
   "asn" : "AS8708",
   "city" : "Sector 3",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nConnection: close\r\nContent-Length: 0\r\nContent-Type: text/html\r\nWWW-Authenticate: Basic realm=\"uTorrent\"\r\nCache-Control: no-cache\r\n\r\n",
   "datamd5" : "f4d06da34a9318dac418c2521d7c0cf6",
   "datammh3" : 308042020,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "rdsnet.ro"
   ],
   "host" : [
      "188-25-196-117"
   ],
   "hostname" : [
      "188-25-196-117.rdsnet.ro"
   ],
   "ip" : "188.25.196.117",
   "ipv6" : "false",
   "latitude" : "44.4152",
   "location" : "44.4152,26.1660",
   "longitude" : "26.1660",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Digi Romania S.A.",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "188-25-196-117.rdsnet.ro"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "188.24.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ro"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 89.157.253.249:6080 (tcp/http) - last seen on 2024-11-07 at 05:45:23 UTC

    • IP
      89.157.253.249
      Network
      89.157.128.0/17
      Domain(s)
      sfr.net
      Device

      <enterprise field>: device.class

      Operating System
      ReactOS ReactOS
      URL

      http://89.157.253.249:6080/ 302

      Reverse DNS
      249.253.157.89.rev.sfr.net
      ASN
      AS15557
      Organization
      Societe Francaise Du Radiotelephone - SFR SA
      Protocol
      http
      Source
      datascan
    • Operating System
      ReactOS ReactOS
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e844869fbd37750bc0c86c421d76d551
      HTTP Header MD5
      8c7dac588dd0f3fc582e0e4c925f5183
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.0 302 Redirect
Server: BRCM HTTP Server
Location: https://<ip>:4430/index.html
Content-type: text/html
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "8c7dac588dd0f3fc582e0e4c925f5183",
         "headermmh3" : 1202391343
      },
      "length" : 135
   },
   "asn" : "AS15557",
   "city" : "Bliesbruck",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 302 Redirect\r\nServer: BRCM HTTP Server\r\nLocation: https://<ip>:4430/index.html\r\nContent-type: text/html\r\nConnection: close\r\n\r\n",
   "datamd5" : "e844869fbd37750bc0c86c421d76d551",
   "datammh3" : 2019645940,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "sfr.net"
   ],
   "geolocus" : {
      "asn" : "AS15557",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "gaoland.net",
         "numericable.fr",
         "sfr.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "FR-NCNUMERICABLE",
      "organization" : "End-User NUMERICABLE",
      "subnet" : "89.157.128.0/17"
   },
   "host" : [
      249
   ],
   "hostname" : [
      "249.253.157.89.rev.sfr.net"
   ],
   "ip" : "89.157.253.249",
   "ipv6" : "false",
   "latitude" : "49.1192",
   "location" : "49.1192,7.1814",
   "longitude" : "7.1814",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Societe Francaise Du Radiotelephone - SFR SA",
   "os" : "ReactOS",
   "osvendor" : "ReactOS",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Redirect",
   "reverse" : [
      "249.253.157.89.rev.sfr.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "157.89.rev.sfr.net",
      "253.157.89.rev.sfr.net",
      "89.rev.sfr.net",
      "rev.sfr.net"
   ],
   "subnet" : "89.157.128.0/17",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 52.54.20.44:6080 (tcp/http) - last seen on 2024-11-07 at 05:45:02 UTC

    • IP
      52.54.20.44
      Network
      52.54.0.0/15
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://52.54.20.44:6080/ 302

      Reverse DNS
      ec2-52-54-20-44.compute-1.amazonaws.com
      ASN
      AS14618
      Organization
      AMAZON-AES
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4158c0bfa43fa6dbc546820ea549b570
      HTTP Header MD5
      8b00e5b2997f8f86a2b4d8ba1ff8fac7
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 
Cache-Control: private
Location: https://<ip>:6443/
Content-Length: 0
Date: Thu, 07 Nov 2024 05:45:01 GMT
Connection: close
Server:  


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:02.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "8b00e5b2997f8f86a2b4d8ba1ff8fac7",
         "headermmh3" : -899295304
      },
      "length" : 157
   },
   "asn" : "AS14618",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 \r\nCache-Control: private\r\nLocation: https://<ip>:6443/\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 05:45:01 GMT\r\nConnection: close\r\nServer:  \r\n\r\n",
   "datamd5" : "4158c0bfa43fa6dbc546820ea549b570",
   "datammh3" : 1774924066,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS14618",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AT-88-Z",
      "organization" : "Amazon Technologies Inc.",
      "subnet" : "52.54.0.0/15"
   },
   "host" : [
      "ec2-52-54-20-44"
   ],
   "hostname" : [
      "ec2-52-54-20-44.compute-1.amazonaws.com"
   ],
   "ip" : "52.54.20.44",
   "ipv6" : "false",
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-AES",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "ec2-52-54-20-44.compute-1.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "compute-1.amazonaws.com"
   ],
   "subnet" : "52.54.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 3.120.202.152:6080 (tcp/http) - last seen on 2024-11-07 at 05:45:02 UTC

    • IP
      3.120.202.152
      Network
      3.120.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://3.120.202.152:6080/ 302

      Reverse DNS
      ec2-3-120-202-152.eu-central-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b645cb124248db9f40138044ccf9d077
      HTTP Header MD5
      9cd65f2ee9ea3ff5b7063d9d9494b0be
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://<ip>:6443/
Content-Length: 0
Date: Thu, 07 Nov 2024 05:45:07 GMT
Connection: close
Server:  


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:02.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "9cd65f2ee9ea3ff5b7063d9d9494b0be",
         "headermmh3" : -1058698441
      },
      "length" : 197
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 \r\nCache-Control: private\r\nExpires: Thu, 01 Jan 1970 00:00:00 UTC\r\nLocation: https://<ip>:6443/\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 05:45:07 GMT\r\nConnection: close\r\nServer:  \r\n\r\n",
   "datamd5" : "b645cb124248db9f40138044ccf9d077",
   "datammh3" : -1772529126,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZO-ZFRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "3.120.0.0/14"
   },
   "host" : [
      "ec2-3-120-202-152"
   ],
   "hostname" : [
      "ec2-3-120-202-152.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.120.202.152",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "ec2-3-120-202-152.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "3.120.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 88.179.41.24:6080 (tcp/http) - last seen on 2024-11-07 at 05:36:36 UTC

    • IP
      88.179.41.24
      Network
      88.176.0.0/12
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://88.179.41.24:6080/ 302

      ASN
      AS12322
      Organization
      Free SAS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6220986d5201ab6b04924ee035f7fcd4
      HTTP Header MD5
      d4757ef5cd6ea4af2ab354870c866926
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Server: nginx
Date: Thu, 07 Nov 2024 05:36:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Location: /login.php
Expires: Thu, 07 Nov 2024 05:36:35 GMT
Cache-Control: no-cache
Cache-Control: must-revalidate,no-store


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:36.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "headermd5" : "d4757ef5cd6ea4af2ab354870c866926",
         "headermmh3" : -1315822605
      },
      "length" : 280
   },
   "asn" : "AS12322",
   "city" : "Les Epesses",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:36:36 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: close\r\nLocation: /login.php\r\nExpires: Thu, 07 Nov 2024 05:36:35 GMT\r\nCache-Control: no-cache\r\nCache-Control: must-revalidate,no-store\r\n\r\n",
   "datamd5" : "6220986d5201ab6b04924ee035f7fcd4",
   "datammh3" : 361589339,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS12322",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "proxad.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "FR-PROXAD-ADSL",
      "organization" : "ProXad network / Free SAS",
      "subnet" : "88.176.0.0/13"
   },
   "ip" : "88.179.41.24",
   "ipv6" : "false",
   "latitude" : "46.8815",
   "location" : "46.8815,-0.8979",
   "longitude" : "-0.8979",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Free SAS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6080,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "88.176.0.0/12",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 182.150.56.37:6080 (tcp/http) - last seen on 2024-11-07 at 05:35:47 UTC

    • IP
      182.150.56.37
      Network
      182.150.32.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://182.150.56.37:6080/ 404

      ASN
      AS4134
      Organization
      Chinanet
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Apache Coyote HTTP Connector 1.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      41836d5667f6bd0e464b0eed8bfa4387
      HTTP Header MD5
      aa28cbdae1e9219775faf08e05c40b68
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Sat, 07 Sep 2024 04:27:31 GMT
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:47.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "aa28cbdae1e9219775faf08e05c40b68",
         "headermmh3" : 328662296
      },
      "length" : 128
   },
   "asn" : "AS4134",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nServer: Apache-Coyote/1.1\r\nContent-Length: 0\r\nDate: Sat, 07 Sep 2024 04:27:31 GMT\r\nConnection: close\r\n\r\n",
   "datamd5" : "41836d5667f6bd0e464b0eed8bfa4387",
   "datammh3" : 1004596483,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "189.cn",
         "chinatelecom.cn",
         "sctel.com.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SC",
      "organization" : "CHINANET Sichuan province network",
      "subnet" : "182.150.32.0/19"
   },
   "ip" : "182.150.56.37",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6080,
   "product" : "Coyote HTTP Connector",
   "productvendor" : "Apache",
   "productversion" : "1.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "182.150.32.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 3.144.114.140:6080 (tcp/http) - last seen on 2024-11-07 at 05:35:45 UTC

    • IP
      3.144.114.140
      Network
      3.144.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://3.144.114.140:6080/ 200

      Reverse DNS
      ec2-3-144-114-140.us-east-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d63cb7eed856963ab82852e1f200cf51
      HTTP Header MD5
      26c1e7b2e4b9c3ad6ee704fe983ca1d9
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 200 OK


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:45.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "26c1e7b2e4b9c3ad6ee704fe983ca1d9",
         "headermmh3" : 1529339778
      },
      "length" : 19
   },
   "asn" : "AS16509",
   "city" : "Columbus",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\n\r\n",
   "datamd5" : "d63cb7eed856963ab82852e1f200cf51",
   "datammh3" : 1527519102,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AT-88-Z",
      "organization" : "Amazon Technologies Inc.",
      "subnet" : "3.144.0.0/13"
   },
   "host" : [
      "ec2-3-144-114-140"
   ],
   "hostname" : [
      "ec2-3-144-114-140.us-east-2.compute.amazonaws.com"
   ],
   "ip" : "3.144.114.140",
   "ipv6" : "false",
   "latitude" : "39.9625",
   "location" : "39.9625,-83.0061",
   "longitude" : "-83.0061",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-144-114-140.us-east-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-east-2.compute.amazonaws.com"
   ],
   "subnet" : "3.144.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 37.232.57.92:6080 (tcp/http) - last seen on 2024-11-07 at 05:35:24 UTC

    • IP
      37.232.57.92
      Network
      37.232.0.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://37.232.57.92:6080/ 302

      ASN
      AS35805
      Organization
      JSC Silknet
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      HTTP Component(s)
      Oracle Java
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fff933881630537418ba1d97abd758ba
      HTTP Header MD5
      384a4bac3bdb3251a6d0c134e3d79af4
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=98D8F20906FB6C60AD1BD9AD2D986829; Path=/; HttpOnly
Location: http://<ip>:6080/arcgis
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 0
Date: Thu, 07 Nov 2024 05:35:33 GMT
Connection: close
Server:  


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "384a4bac3bdb3251a6d0c134e3d79af4",
         "headermmh3" : 128187621
      },
      "length" : 262
   },
   "asn" : "AS35805",
   "city" : "Tbilisi",
   "country" : "GE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nSet-Cookie: JSESSIONID=98D8F20906FB6C60AD1BD9AD2D986829; Path=/; HttpOnly\r\nLocation: http://<ip>:6080/arcgis\r\nContent-Type: text/html;charset=ISO-8859-1\r\nContent-Length: 0\r\nDate: Thu, 07 Nov 2024 05:35:33 GMT\r\nConnection: close\r\nServer:  \r\n\r\n",
   "datamd5" : "fff933881630537418ba1d97abd758ba",
   "datammh3" : -410808583,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS35805",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "GE",
      "countryname" : "Georgia",
      "domain" : [
         "silknet.com"
      ],
      "isineu" : "false",
      "latitude" : "42.315407",
      "location" : "42.315407,43.356892",
      "longitude" : "43.356892",
      "netname" : "SILKNET-BROADBAND",
      "organization" : "JSC \"Silknet",
      "subnet" : "37.232.0.0/18"
   },
   "ip" : "37.232.57.92",
   "ipv6" : "false",
   "latitude" : "41.6959",
   "location" : "41.6959,44.8320",
   "longitude" : "44.8320",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JSC Silknet",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "37.232.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 45.133.170.253:6080 (tcp/http) - last seen on 2024-11-07 at 05:35:04 UTC

    • IP
      45.133.170.253
      Network
      45.133.170.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://45.133.170.253:6080/ 407

      ASN
      AS61317
      Organization
      Hivelocity LLC
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a3c163caff2b5ede401bd97e6eaec7a0
      HTTP Header MD5
      301b287c0ec9681166665a260d42ad42
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 407 Proxy Authentication Required
Content-Length: 0
Proxy-Authenticate: Basic realm="Proxy"
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:35:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "301b287c0ec9681166665a260d42ad42",
         "headermmh3" : 1246278672,
         "realm" : "Proxy"
      },
      "length" : 125
   },
   "asn" : "AS61317",
   "city" : "London",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nContent-Length: 0\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\nConnection: close\r\n\r\n",
   "datamd5" : "a3c163caff2b5ede401bd97e6eaec7a0",
   "datammh3" : -992123332,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS55933",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "apnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "IANA-NETBLOCK-45",
      "organization" : "This network range is not fully allocated to APNIC.",
      "subnet" : "45.0.0.0/8"
   },
   "ip" : "45.133.170.253",
   "ipv6" : "false",
   "latitude" : "51.5074",
   "location" : "51.5074,-0.1196",
   "longitude" : "-0.1196",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hivelocity LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "45.133.170.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 81.64.171.138:6080 (tcp/http) - last seen on 2024-11-07 at 05:27:04 UTC

    • IP
      81.64.171.138
      Network
      81.64.0.0/14
      Domain(s)
      numericable.fr
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      URL

      http://81.64.171.138:6080/ 302

      Reverse DNS
      81-64-171-138.rev.numericable.fr
      ASN
      AS15557
      Organization
      Societe Francaise Du Radiotelephone - SFR SA
      Protocol
      http
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e844869fbd37750bc0c86c421d76d551
      HTTP Header MD5
      8c7dac588dd0f3fc582e0e4c925f5183
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.0 302 Redirect
Server: BRCM HTTP Server
Location: https://<ip>:4430/index.html
Content-type: text/html
Connection: close


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:27:04.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "8c7dac588dd0f3fc582e0e4c925f5183",
         "headermmh3" : 1202391343
      },
      "length" : 135
   },
   "asn" : "AS15557",
   "city" : "Montpellier",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 302 Redirect\r\nServer: BRCM HTTP Server\r\nLocation: https://<ip>:4430/index.html\r\nContent-type: text/html\r\nConnection: close\r\n\r\n",
   "datamd5" : "e844869fbd37750bc0c86c421d76d551",
   "datammh3" : 2019645940,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "numericable.fr"
   ],
   "geolocus" : {
      "asn" : "AS15557",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "gaoland.net",
         "numericable.fr"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "FR-NCNUMERICABLE",
      "organization" : "End-User NUMERICABLE",
      "subnet" : "81.64.0.0/14"
   },
   "host" : [
      "81-64-171-138"
   ],
   "hostname" : [
      "81-64-171-138.rev.numericable.fr"
   ],
   "ip" : "81.64.171.138",
   "ipv6" : "false",
   "latitude" : "43.6107",
   "location" : "43.6107,3.8809",
   "longitude" : "3.8809",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Societe Francaise Du Radiotelephone - SFR SA",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 6080,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Redirect",
   "reverse" : [
      "81-64-171-138.rev.numericable.fr"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "rev.numericable.fr"
   ],
   "subnet" : "81.64.0.0/14",
   "tld" : [
      "fr"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}