ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 12 in 0.106 second(s)

  • 70.184.102.26:6668 (tcp/http) - last seen on 2024-11-07 at 05:04:30 UTC

    • IP
      70.184.102.26
      Network
      70.184.96.0/21
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      URL

      http://70.184.102.26:6668/ 301

      HTTP Title
      Moved Permanently
      Reverse DNS
      wsip-70-184-102-26.ph.ph.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      urlscan::redirect

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d382aadbc98551676898bc8bcea00e8a
      HTTP Header MD5
      2c561ce2561b7f6113f96cf56b362b57
      HTTP Body MD5
      6d74b20c6fa245a96aa940816c13f6ff 
    • HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 98
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Nov 2024 05:04:28 GMT
Location: https://<ip>:6668/

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:04:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d74b20c6fa245a96aa940816c13f6ff",
         "bodymmh3" : -2097937471,
         "headermd5" : "2c561ce2561b7f6113f96cf56b362b57",
         "headermmh3" : -1989558971,
         "title" : "Moved Permanently"
      },
      "length" : 291
   },
   "asn" : "AS22773",
   "city" : "Mesa",
   "country" : "US",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nAccess-Control-Allow-Origin: *\r\nContent-Length: 98\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 07 Nov 2024 05:04:28 GMT\r\nLocation: https://<ip>:6668/\r\n\r\n<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>",
   "datamd5" : "d382aadbc98551676898bc8bcea00e8a",
   "datammh3" : 1081650742,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "forward" : "70.184.102.26",
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OC-CBS-70-184-64-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "70.184.64.0/18"
   },
   "host" : [
      "wsip-70-184-102-26"
   ],
   "hostname" : [
      "70.184.102.26",
      "wsip-70-184-102-26.ph.ph.cox.net"
   ],
   "ip" : "70.184.102.26",
   "ipv6" : "false",
   "latitude" : "33.4380",
   "location" : "33.4380,-111.7118",
   "longitude" : "-111.7118",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "port" : 6668,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "wsip-70-184-102-26.ph.ph.cox.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 301,
   "subdomains" : [
      "ph.ph.cox.net",
      "ph.cox.net"
   ],
   "subnet" : "70.184.96.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 70.184.102.26:6668 (tcp/http) - last seen on 2024-11-06 at 23:13:32 UTC

    • IP
      70.184.102.26
      Network
      70.184.96.0/21
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://70.184.102.26:6668/ 301

      HTTP Title
      Moved Permanently
      Reverse DNS
      wsip-70-184-102-26.ph.ph.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d382aadbc98551676898bc8bcea00e8a
      HTTP Header MD5
      2c561ce2561b7f6113f96cf56b362b57
      HTTP Body MD5
      6d74b20c6fa245a96aa940816c13f6ff 
    • HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 98
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Nov 2024 23:13:31 GMT
Location: https://<ip>:6668/

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:13:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d74b20c6fa245a96aa940816c13f6ff",
         "bodymmh3" : -2097937471,
         "headermd5" : "2c561ce2561b7f6113f96cf56b362b57",
         "headermmh3" : -854554328,
         "title" : "Moved Permanently"
      },
      "length" : 291
   },
   "asn" : "AS22773",
   "city" : "Mesa",
   "country" : "US",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nAccess-Control-Allow-Origin: *\r\nContent-Length: 98\r\nContent-Type: text/html; charset=utf-8\r\nDate: Wed, 06 Nov 2024 23:13:31 GMT\r\nLocation: https://<ip>:6668/\r\n\r\n<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>",
   "datamd5" : "d382aadbc98551676898bc8bcea00e8a",
   "datammh3" : 1081650742,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OC-CBS-70-184-64-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "70.184.64.0/18"
   },
   "host" : [
      "wsip-70-184-102-26"
   ],
   "hostname" : [
      "wsip-70-184-102-26.ph.ph.cox.net"
   ],
   "ip" : "70.184.102.26",
   "ipv6" : "false",
   "latitude" : "33.4380",
   "location" : "33.4380,-111.7118",
   "longitude" : "-111.7118",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 6668,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "wsip-70-184-102-26.ph.ph.cox.net"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 301,
   "subdomains" : [
      "ph.cox.net",
      "ph.ph.cox.net"
   ],
   "subnet" : "70.184.96.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 174.79.107.162:6668 (tcp/http) - last seen on 2024-11-04 at 09:57:46 UTC

    • IP
      174.79.107.162
      Network
      174.79.0.0/17
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      SonicWall SonicOS
      URL

      http://174.79.107.162:6668/ 302

      HTTP Title
      Policy Jump
      Reverse DNS
      wsip-174-79-107-162.ks.ks.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      datascan
    • Operating System
      SonicWall SonicOS
      HTTP Component(s)
      SonicWall SonicWall
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6e7b06e0cb45247a565f5e6f6202c1d3
      HTTP Header MD5
      abacb902cd555996ea7c81367d39d2cf
      HTTP Body MD5
      d40e653eeb6203b39915f4a2a6d3f66e 
    • HTTP/1.0 302 Found
Content-type: text/html
X-Content-Type-Options: nosniff
Location: http://<ip>/dynPolLoginRedirect.html?cid=0

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">

	<title>Policy Jump</title>
	<meta name="id" content="policyJump" >
	<meta http-equiv="Expires" content="0">
</head>
<BODY>This document has moved <A href="http://<ip>/dynPolLoginRedirect.html?cid=0">here</A></BODY>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T09:57:46.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d40e653eeb6203b39915f4a2a6d3f66e",
         "bodymmh3" : 1728137019,
         "component" : [
            {
               "product" : "SonicWall",
               "productvendor" : "SonicWall"
            }
         ],
         "headermd5" : "abacb902cd555996ea7c81367d39d2cf",
         "headermmh3" : 1746535694,
         "title" : "Policy Jump"
      },
      "length" : 513
   },
   "asn" : "AS22773",
   "city" : "Wichita",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 302 Found\r\nContent-type: text/html\r\nX-Content-Type-Options: nosniff\r\nLocation: http://<ip>/dynPolLoginRedirect.html?cid=0\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\r\n<html>\r\n<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n\r\n\t<title>Policy Jump</title>\r\n\t<meta name=\"id\" content=\"policyJump\" >\r\n\t<meta http-equiv=\"Expires\" content=\"0\">\r\n</head>\r\n<BODY>This document has moved <A href=\"http://<ip>/dynPolLoginRedirect.html?cid=0\">here</A></BODY>\r\n</html>\r\n",
   "datamd5" : "6e7b06e0cb45247a565f5e6f6202c1d3",
   "datammh3" : 1628163922,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AT-RDC-174-79-0-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "174.79.0.0/17"
   },
   "host" : [
      "wsip-174-79-107-162"
   ],
   "hostname" : [
      "wsip-174-79-107-162.ks.ks.cox.net"
   ],
   "ip" : "174.79.107.162",
   "ipv6" : "false",
   "latitude" : "37.6678",
   "location" : "37.6678,-97.3600",
   "longitude" : "-97.3600",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "SonicOS",
   "osvendor" : "SonicWall",
   "port" : 6668,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Found",
   "reverse" : [
      "wsip-174-79-107-162.ks.ks.cox.net"
   ],
   "seen_date" : "2024-11-04",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "ks.cox.net",
      "ks.ks.cox.net"
   ],
   "subnet" : "174.79.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 184.183.133.42:6668 (tcp/unknown) - last seen on 2024-10-30 at 06:29:45 UTC

    • IP
      184.183.133.42
      Network
      184.183.128.0/19
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      wsip-184-183-133-42.hr.hr.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      34e7cfbf9cb3bc4d924c8bdb1431e439 
    • NOTICE AUTH :*** Looking up your hostname\x0d
NOTICE AUTH :*** Checking Ident\x0d
NOTICE AUTH :*** Found your hostname\x0d
:main.one4irc.org 451 *  :Register first.\x0d
NOTICE AUTH :*** No ident response\x0d

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-30T06:29:45.000Z",
   "app" : {
      "length" : 193
   },
   "asn" : "AS22773",
   "city" : "Newport News",
   "country" : "US",
   "data" : "NOTICE AUTH :*** Looking up your hostname\\x0d\nNOTICE AUTH :*** Checking Ident\\x0d\nNOTICE AUTH :*** Found your hostname\\x0d\n:main.one4irc.org 451 *  :Register first.\\x0d\nNOTICE AUTH :*** No ident response\\x0d\n",
   "datamd5" : "34e7cfbf9cb3bc4d924c8bdb1431e439",
   "datammh3" : -1967354201,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NET-184-176-0-0-1",
      "organization" : "Cox Communications Inc.",
      "subnet" : "184.183.128.0/19"
   },
   "host" : [
      "wsip-184-183-133-42"
   ],
   "hostname" : [
      "wsip-184-183-133-42.hr.hr.cox.net"
   ],
   "ip" : "184.183.133.42",
   "ipv6" : "false",
   "latitude" : "37.0737",
   "location" : "37.0737,-76.4988",
   "longitude" : "-76.4988",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6668,
   "protocol" : "unknown",
   "reverse" : [
      "wsip-184-183-133-42.hr.hr.cox.net"
   ],
   "seen_date" : "2024-10-30",
   "source" : "datascan",
   "subdomains" : [
      "hr.cox.net",
      "hr.hr.cox.net"
   ],
   "subnet" : "184.183.128.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 184.188.202.146:6668 (tcp/http) - last seen on 2024-10-28 at 19:15:28 UTC

    • IP
      184.188.202.146
      Network
      184.188.192.0/18
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://184.188.202.146:6668/ 404

      Reverse DNS
      wsip-184-188-202-146.cl.ri.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b9cc5c61524797c4565566ba31e56e7f
      HTTP Header MD5
      17eb346f8814c50286b09429de26e818
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 404 Not Found


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-28T19:15:28.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17eb346f8814c50286b09429de26e818",
         "headermmh3" : -1050672523
      },
      "length" : 26
   },
   "asn" : "AS22773",
   "city" : "Cleveland",
   "country" : "US",
   "data" : "HTTP/1.1 404 Not Found\r\n\r\n",
   "datamd5" : "b9cc5c61524797c4565566ba31e56e7f",
   "datammh3" : 1672420803,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OK-CBS-184-188-192-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "184.188.192.0/18"
   },
   "host" : [
      "wsip-184-188-202-146"
   ],
   "hostname" : [
      "wsip-184-188-202-146.cl.ri.cox.net"
   ],
   "ip" : "184.188.202.146",
   "ipv6" : "false",
   "latitude" : "41.4951",
   "location" : "41.4951,-81.6939",
   "longitude" : "-81.6939",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6668,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "wsip-184-188-202-146.cl.ri.cox.net"
   ],
   "seen_date" : "2024-10-28",
   "source" : "datascan",
   "status" : 404,
   "subdomains" : [
      "cl.ri.cox.net",
      "ri.cox.net"
   ],
   "subnet" : "184.188.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 24.253.117.124:6668 (tcp/unknown) - last seen on 2024-10-28 at 08:37:37 UTC

    • IP
      24.253.117.124
      Network
      24.253.0.0/16
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      ip24-253-117-124.lv.lv.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      unknown
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c7992709b43572b939757d0334f98c3d 
    • :irc.darknet.chat NOTICE * :*** Looking up your hostname\x0d
:irc.darknet.chat NOTICE * :*** Checking Ident\x0d
:irc.darknet.chat NOTICE * :*** No Ident response\x0d
:irc.darknet.chat NOTICE * :*** Found your hostname\x0d
ERROR :Closing Link: <hostname> (Client Exit)\x0d

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-28T08:37:37.000Z",
   "app" : {
      "length" : 257
   },
   "asn" : "AS22773",
   "city" : "Henderson",
   "country" : "US",
   "data" : ":irc.darknet.chat NOTICE * :*** Looking up your hostname\\x0d\n:irc.darknet.chat NOTICE * :*** Checking Ident\\x0d\n:irc.darknet.chat NOTICE * :*** No Ident response\\x0d\n:irc.darknet.chat NOTICE * :*** Found your hostname\\x0d\nERROR :Closing Link: <hostname> (Client Exit)\\x0d\n",
   "datamd5" : "c7992709b43572b939757d0334f98c3d",
   "datammh3" : -1205478702,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OM-RDC-24-252-0-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "24.252.0.0/14"
   },
   "host" : [
      "ip24-253-117-124"
   ],
   "hostname" : [
      "ip24-253-117-124.lv.lv.cox.net"
   ],
   "ip" : "24.253.117.124",
   "ipv6" : "false",
   "latitude" : "36.1091",
   "location" : "36.1091,-114.9206",
   "longitude" : "-114.9206",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6668,
   "protocol" : "unknown",
   "reverse" : [
      "ip24-253-117-124.lv.lv.cox.net"
   ],
   "seen_date" : "2024-10-28",
   "source" : "datascan",
   "subdomains" : [
      "lv.cox.net",
      "lv.lv.cox.net"
   ],
   "subnet" : "24.253.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 98.163.168.58:6668 (tcp/smtp) - last seen on 2024-10-27 at 11:11:48 UTC

    • IP
      98.163.168.58
      Network
      98.163.160.0/20
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      Reverse DNS
      wsip-98-163-168-58.fv.ks.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      smtp
      Source
      datascan
    • Operating System
      Microsoft Windows

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      127e566befe9ed23672c3f779f3fb480 
    • 220 resi-100-170-10-178-146.isp.ozarksgo.net ESMTP server licensed by Maynard Inc. ready Sun, 27 Oct 2024 06:11:37
500 Command Unknown: 'GET / HTTP/1.1'

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-27T11:11:48.000Z",
   "app" : {
      "length" : 155
   },
   "asn" : "AS22773",
   "city" : "Johnson",
   "country" : "US",
   "data" : "220 resi-100-170-10-178-146.isp.ozarksgo.net ESMTP server licensed by Maynard Inc. ready Sun, 27 Oct 2024 06:11:37\r\n500 Command Unknown: 'GET / HTTP/1.1'\r\n",
   "datamd5" : "127e566befe9ed23672c3f779f3fb480",
   "datammh3" : 1245224800,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-RI-CB-98-163-160-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "98.163.160.0/20"
   },
   "host" : [
      "wsip-98-163-168-58"
   ],
   "hostname" : [
      "wsip-98-163-168-58.fv.ks.cox.net"
   ],
   "ip" : "98.163.168.58",
   "ipv6" : "false",
   "latitude" : "36.1313",
   "location" : "36.1313,-94.1735",
   "longitude" : "-94.1735",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 6668,
   "protocol" : "smtp",
   "reverse" : [
      "wsip-98-163-168-58.fv.ks.cox.net"
   ],
   "seen_date" : "2024-10-27",
   "source" : "datascan",
   "subdomains" : [
      "fv.ks.cox.net",
      "ks.cox.net"
   ],
   "subnet" : "98.163.160.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • <access denied by policy>:<access denied by policy> (<access denied by policy>/<access denied by policy>) - last seen on 2024-10-23 at 01:33:29 UTC

    • IP

      <access denied by policy>

      Network

      <access denied by policy>

      Domain(s)
      Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      Reverse DNS

      <access denied by policy>

      ASN

      <access denied by policy>

      Organization

      <access denied by policy>

      Protocol

      <access denied by policy>

      Source

      <access denied by policy>

    • Operating System

      <access denied by policy> <access denied by policy> <access denied by policy>

      Product

      <access denied by policy> <access denied by policy> <access denied by policy>

      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5

      <access denied by policy>

    • <access denied by policy>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-23T01:33:29.000Z",
   "app" : "<enterprise field>: app",
   "asn" : "<access denied by policy>",
   "city" : "<access denied by policy>",
   "country" : "<access denied by policy>",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<access denied by policy>",
   "datamd5" : "<access denied by policy>",
   "datammh3" : "<access denied by policy>",
   "device" : "<enterprise field>: device",
   "domain" : "<access denied by policy>",
   "geolocus" : "<enterprise field>: geolocus",
   "host" : "<access denied by policy>",
   "hostname" : "<access denied by policy>",
   "ip" : "<access denied by policy>",
   "ipv6" : "<access denied by policy>",
   "latitude" : "<access denied by policy>",
   "location" : "<access denied by policy>",
   "longitude" : "<access denied by policy>",
   "node" : "<enterprise field>: node",
   "organization" : "<access denied by policy>",
   "os" : "<access denied by policy>",
   "osdistribution" : "<access denied by policy>",
   "osvendor" : "<access denied by policy>",
   "port" : "<access denied by policy>",
   "product" : "<access denied by policy>",
   "productvendor" : "<access denied by policy>",
   "productversion" : "<access denied by policy>",
   "protocol" : "<access denied by policy>",
   "protocolversion" : "<access denied by policy>",
   "reverse" : "<access denied by policy>",
   "seen_date" : "<access denied by policy>",
   "source" : "<access denied by policy>",
   "subdomains" : "<access denied by policy>",
   "subnet" : "<access denied by policy>",
   "tag" : "<enterprise field>: tag",
   "tld" : "<access denied by policy>",
   "tls" : "<access denied by policy>",
   "transport" : "<access denied by policy>",
   "url" : "<access denied by policy>"
}

  • 70.169.51.206:6668 (tcp/http) - last seen on 2024-10-22 at 05:38:14 UTC

    • IP
      70.169.51.206
      Network
      70.169.48.0/20
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://70.169.51.206:6668/ 200

      HTTP Title
      IIS Windows
      Reverse DNS
      wsip-70-169-51-206.tu.ok.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 10.0
      HTTP Component(s)
      Microsoft ASP.NET
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      141865f76fe4f0942bb0273794932c8a
      HTTP Header MD5
      c45e463ffd89b34a781c977b38f3ecbc
      HTTP Body MD5
      1dd82f6fc356bc3cddf7e82615de177c 
    • HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 24 Sep 2020 15:20:35 GMT
Accept-Ranges: bytes
ETag: "a5248408692d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 22 Oct 2024 05:37:38 GMT
Connection: close
Content-Length: 696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-22T05:38:14.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org",
            "microsoft.com"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "1dd82f6fc356bc3cddf7e82615de177c",
         "bodymmh3" : 1971329886,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "header" : [
            {
               "value" : "Thu, 24 Sep 2020 15:20:35 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "a5248408692d61:0",
               "name" : "ETag"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : 1074528006,
         "title" : "IIS Windows"
      },
      "length" : 962
   },
   "asn" : "AS22773",
   "city" : "Tulsa",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Thu, 24 Sep 2020 15:20:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a5248408692d61:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Tue, 22 Oct 2024 05:37:38 GMT\r\nConnection: close\r\nContent-Length: 696\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "141865f76fe4f0942bb0273794932c8a",
   "datammh3" : 1521955469,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OK-CBS-70-169-48-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "70.169.48.0/20"
   },
   "host" : [
      "wsip-70-169-51-206"
   ],
   "hostname" : [
      "wsip-70-169-51-206.tu.ok.cox.net"
   ],
   "ip" : "70.169.51.206",
   "ipv6" : "false",
   "latitude" : "36.0496",
   "location" : "36.0496,-95.8858",
   "longitude" : "-95.8858",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 6668,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "wsip-70-169-51-206.tu.ok.cox.net"
   ],
   "seen_date" : "2024-10-22",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ok.cox.net",
      "tu.ok.cox.net"
   ],
   "subnet" : "70.169.48.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 184.188.202.147:6668 (tcp/http) - last seen on 2024-10-17 at 21:32:26 UTC

    • IP
      184.188.202.147
      Network
      184.188.192.0/18
      Domain(s)
      cox.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://184.188.202.147:6668/ 404

      Reverse DNS
      wsip-184-188-202-147.cl.ri.cox.net
      ASN
      AS22773
      Organization
      ASN-CXA-ALL-CCI-22773-RDC
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      b9cc5c61524797c4565566ba31e56e7f
      HTTP Header MD5
      17eb346f8814c50286b09429de26e818
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e 
    • HTTP/1.1 404 Not Found


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-10-17T21:32:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "17eb346f8814c50286b09429de26e818",
         "headermmh3" : -1050672523
      },
      "length" : 26
   },
   "asn" : "AS22773",
   "city" : "Cleveland",
   "country" : "US",
   "data" : "HTTP/1.1 404 Not Found\r\n\r\n",
   "datamd5" : "b9cc5c61524797c4565566ba31e56e7f",
   "datammh3" : 1672420803,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cox.net"
   ],
   "geolocus" : {
      "asn" : "AS22773",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "cox.com",
         "cox.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-OK-CBS-184-188-192-0",
      "organization" : "Cox Communications Inc.",
      "subnet" : "184.188.192.0/18"
   },
   "host" : [
      "wsip-184-188-202-147"
   ],
   "hostname" : [
      "wsip-184-188-202-147.cl.ri.cox.net"
   ],
   "ip" : "184.188.202.147",
   "ipv6" : "false",
   "latitude" : "41.4951",
   "location" : "41.4951,-81.6939",
   "longitude" : "-81.6939",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-CXA-ALL-CCI-22773-RDC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 6668,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "wsip-184-188-202-147.cl.ri.cox.net"
   ],
   "seen_date" : "2024-10-17",
   "source" : "datascan",
   "status" : 404,
   "subdomains" : [
      "cl.ri.cox.net",
      "ri.cox.net"
   ],
   "subnet" : "184.188.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}