Cyber Defense Search Engine

IP
13.247.90.89

Network
13.244.0.0/14

Domain(s)
amazonaws.com manufacturing-main.mil

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://13.247.90.89:9051/ 200

Reverse DNS
ec2-13-247-90-89.af-south-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
pilot.manufacturing-main.mil

Subject Common Name
pilot.manufacturing-main.mil

SHA256 Fingerprint
551c38d5408d95d8eb9e2aa5b3584f284ad342783fa1c7d32fd496218497d9dd

Validity Not Before
2024-11-07T04:40:55Z

Validity Not After
2026-11-07T04:40:55Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Thu, 07 Nov 2024 05:38:06 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:38:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : -954483773
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Cape Town",
   "country" : "ZA",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Thu, 07 Nov 2024 05:38:06 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "manufacturing-main.mil"
   ],
   "fingerprint" : {
      "md5" : "eab2599ca3a8dd2213dd8a3b9399eaab",
      "sha1" : "157ac822c27726f3e78648876f75acc9d36da155",
      "sha256" : "551c38d5408d95d8eb9e2aa5b3584f284ad342783fa1c7d32fd496218497d9dd"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "AMAZON-CPT",
      "organization" : "Amazon Data Services South Africa",
      "subnet" : "13.244.0.0/14"
   },
   "host" : [
      "ec2-13-247-90-89",
      "pilot"
   ],
   "hostname" : [
      "ec2-13-247-90-89.af-south-1.compute.amazonaws.com",
      "pilot.manufacturing-main.mil"
   ],
   "ip" : "13.247.90.89",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "pilot.manufacturing-main.mil"
   },
   "latitude" : "-34.0486",
   "location" : "-34.0486,18.4811",
   "longitude" : "18.4811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-13-247-90-89.af-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "af-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "pilot.manufacturing-main.mil"
   },
   "subnet" : "13.244.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "mil"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-07T04:40:55Z",
      "notbefore" : "2024-11-07T04:40:55Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
15.157.66.168

Alternative IP(s)
3.130.204.160 3.130.253.23

Network
15.156.0.0/15

Domain(s)
amazonaws.com bank-city.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://15.157.66.168:9051/ 200

Reverse DNS
ec2-15-157-66-168.ca-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
prototype-control.bank-city.com

Subject Common Name
prototype-control.bank-city.com

SHA256 Fingerprint
eba19a0880e21c2b0308afe289354aed2e35969dff12df3cab0dfb81622edbe7

Validity Not Before
2024-11-06T23:25:25Z

Validity Not After
2026-11-06T23:25:25Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Wed, 06 Nov 2024 23:33:37 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T23:33:37.000Z",
   "alternativeip" : [
      "3.130.204.160",
      "3.130.253.23"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 916498877
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Montreal",
   "country" : "CA",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Wed, 06 Nov 2024 23:33:37 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "bank-city.com"
   ],
   "fingerprint" : {
      "md5" : "81fc3a818cbbc8ddd7bd361f8b5d8699",
      "sha1" : "14ea17319b7f04b9fc93b7e32ecc74559d9eca51",
      "sha256" : "eba19a0880e21c2b0308afe289354aed2e35969dff12df3cab0dfb81622edbe7"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "AMAZON-YUL",
      "organization" : "Amazon Data Services Canada",
      "subnet" : "15.156.0.0/15"
   },
   "host" : [
      "ec2-15-157-66-168",
      "prototype-control"
   ],
   "hostname" : [
      "ec2-15-157-66-168.ca-central-1.compute.amazonaws.com",
      "prototype-control.bank-city.com"
   ],
   "ip" : "15.157.66.168",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "prototype-control.bank-city.com"
   },
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-15-157-66-168.ca-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-06",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ca-central-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "prototype-control.bank-city.com"
   },
   "subnet" : "15.156.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-06T23:25:25Z",
      "notbefore" : "2024-11-06T23:25:25Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
15.237.123.10

Network
15.236.0.0/15

Domain(s)
amazonaws.com dev-finance-west.us

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://15.237.123.10:9051/ 200

Reverse DNS
ec2-15-237-123-10.eu-west-3.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
hypervisor.dev-finance-west.us

Subject Common Name
hypervisor.dev-finance-west.us

SHA256 Fingerprint
7259c77bc680118c2157a7c652e46de7e046f39aeb6fa4005541d502d592bd6d

Validity Not Before
2024-11-06T03:40:53Z

Validity Not After
2026-11-06T03:40:53Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Wed, 06 Nov 2024 03:40:53 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T03:40:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 1086902079
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Paris",
   "country" : "FR",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Wed, 06 Nov 2024 03:40:53 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "dev-finance-west.us"
   ],
   "fingerprint" : {
      "md5" : "77207926bebe0daec1901f4738f1d35e",
      "sha1" : "5698ef0b77ec4add247e11e647cbeeecb507075a",
      "sha256" : "7259c77bc680118c2157a7c652e46de7e046f39aeb6fa4005541d502d592bd6d"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "AMAZON-CDG",
      "organization" : "Amazon Data Services France",
      "subnet" : "15.236.0.0/15"
   },
   "host" : [
      "ec2-15-237-123-10",
      "hypervisor"
   ],
   "hostname" : [
      "ec2-15-237-123-10.eu-west-3.compute.amazonaws.com",
      "hypervisor.dev-finance-west.us"
   ],
   "ip" : "15.237.123.10",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "hypervisor.dev-finance-west.us"
   },
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-15-237-123-10.eu-west-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-06",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-3.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "hypervisor.dev-finance-west.us"
   },
   "subnet" : "15.236.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "us"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-06T03:40:53Z",
      "notbefore" : "2024-11-06T03:40:53Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
18.134.130.220

Network
18.132.0.0/14

Domain(s)
amazonaws.com development-mainfinance.us

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://18.134.130.220:9051/ 200

Reverse DNS
ec2-18-134-130-220.eu-west-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
servicenow.development-mainfinance.us

Subject Common Name
servicenow.development-mainfinance.us

SHA256 Fingerprint
9d94e1ea1a0d5c8703b87d07e3b6666054597b7d5dd3d7246bad65a1bd2cc535

Validity Not Before
2024-11-05T22:49:51Z

Validity Not After
2026-11-05T22:49:51Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Tue, 05 Nov 2024 23:01:24 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T23:01:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : -347120640
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "London",
   "country" : "GB",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Tue, 05 Nov 2024 23:01:24 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "development-mainfinance.us"
   ],
   "fingerprint" : {
      "md5" : "c750641b2440c20122392f7d9de263bb",
      "sha1" : "9fe62b799a98dc93f6ec8eca2215ed25c7a5434f",
      "sha256" : "9d94e1ea1a0d5c8703b87d07e3b6666054597b7d5dd3d7246bad65a1bd2cc535"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "AMAZON-LHR",
      "organization" : "Amazon Data Services UK",
      "subnet" : "18.132.0.0/14"
   },
   "host" : [
      "ec2-18-134-130-220",
      "servicenow"
   ],
   "hostname" : [
      "ec2-18-134-130-220.eu-west-2.compute.amazonaws.com",
      "servicenow.development-mainfinance.us"
   ],
   "ip" : "18.134.130.220",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "servicenow.development-mainfinance.us"
   },
   "latitude" : "51.5088",
   "location" : "51.5088,-0.0930",
   "longitude" : "-0.0930",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-18-134-130-220.eu-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-05",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-2.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "servicenow.development-mainfinance.us"
   },
   "subnet" : "18.132.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "us"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-05T22:49:51Z",
      "notbefore" : "2024-11-05T22:49:51Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
15.228.234.30

Network
15.228.0.0/15

Domain(s)
amazonaws.com private-bright-electric.ua

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://15.228.234.30:9051/ 200

Reverse DNS
ec2-15-228-234-30.sa-east-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
appliance.private-bright-electric.ua

Subject Common Name
appliance.private-bright-electric.ua

SHA256 Fingerprint
d267c86aee13ddbb9f48140eae607e8b5b85de1b9d7a9e8b0c4da366ff25aedd

Validity Not Before
2024-11-03T15:54:20Z

Validity Not After
2026-11-03T15:54:20Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

Favicon MD5
2b86aa50c3a66bb77ff07c42cc051dcc

Favicon MMH3
-1216248324

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sun, 03 Nov 2024 15:54:21 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-03T16:31:32.000Z",
   "app" : {
      "favicon" : {
         "image" : "AAABAAIAEBAQAAAAAAAoAQAAJgAAACAgEAAAAAAA6AIAAE4BAAAoAAAAEAAAACAAAAABAAQAAAAAAIAAAAAAAAAAAAAAABAAAAAQAAAAAAAAAAAAgAAAgAAAAICAAIAAAACAAIAAgIAAAICAgADAwMAAAAD/AAD/AAAA//8A/wAAAP8A/wD//wAA////AAAAAAAAAAAAAABERERERAAABEREREREAABERAAAAAAAAERAAAAAAAAEREAAAAAAAAREREREREQABERERERERAAEREAAAAAAAAREQAAAAAAAAEREAAAAAAAARERAAAAAAAAEREREREQAAAAERERERAAAAAAAAAAAAAAAAAAAAAAA//8AAPADAADgAwAAw/8AAMf/AACH/wAAgAMAAIADAACH/wAAh/8AAMP/AADB/wAA4AMAAPgDAAD//wAA//8AACgAAAAgAAAAQAAAAAEABAAAAAAAAAIAAAAAAAAAAAAAEAAAABAAAAAAAAAAAACAAACAAAAAgIAAgAAAAIAAgACAgAAAgICAAMDAwAAAAP8AAP8AAAD//wD/AAAA/wD/AP//AAD///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEREREREREREQAAAAAAAAEREREREREREREAAAAAAAERERERERERERERAAAAAAAREREREREREREREQAAAAABEREREREREREREREAAAAAAREREREAAAAAAAAAAAAAABEREREQAAAAAAAAAAAAAAARERERAAAAAAAAAAAAAAAAEREREAAAAAAAAAAAAAAAARERERAAAAAAAAAAAAAAAAEREREQAAAAAAAAAAAAAAABERERERERERERERERAAAAAREREREREREREREREQAAAAEREREREREREREREREAAAABERERERERERERERERAAAAAREREREREREREREREQAAAAEREREQAAAAAAAAAAAAAAAAEREREAAAAAAAAAAAAAAAABEREREAAAAAAAAAAAAAAAAREREREAAAAAAAAAAAAAAAAREREREAAAAAAAAAAAAAAAAREREREREREREREQAAAAAAEREREREREREREREAAAAAAAERERERERERERERAAAAAAAAAREREREREREREQAAAAAAAAABEREREREREREAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////////4AAP/4AAD/4AAA/8AAAP+AAAD/gD///wB///8A////Af///gH///4B///+AAAA/gAAAP4AAAD+AAAA/gAAAP4B////Af///wD///8Af///gD///8AAAP/AAAD/4AAA//gAAP/+AAD////////////////w==",
         "imagemd5" : "2b86aa50c3a66bb77ff07c42cc051dcc",
         "imagemmh3" : -1216248324,
         "length" : 1078,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 1946586318
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Sun, 03 Nov 2024 15:54:21 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "private-bright-electric.ua"
   ],
   "fingerprint" : {
      "md5" : "9c8efbfc76d4af7dfdcff4c7623b5bfe",
      "sha1" : "46ee4b55d319deef0b76ce5ad88803f8d1909c77",
      "sha256" : "d267c86aee13ddbb9f48140eae607e8b5b85de1b9d7a9e8b0c4da366ff25aedd"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "AMAZON-GRU",
      "organization" : "Amazon Data Services Brazil",
      "subnet" : "15.228.0.0/15"
   },
   "host" : [
      "appliance",
      "ec2-15-228-234-30"
   ],
   "hostname" : [
      "appliance.private-bright-electric.ua",
      "ec2-15-228-234-30.sa-east-1.compute.amazonaws.com"
   ],
   "ip" : "15.228.234.30",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "appliance.private-bright-electric.ua"
   },
   "latitude" : "-23.5335",
   "location" : "-23.5335,-46.6359",
   "longitude" : "-46.6359",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-15-228-234-30.sa-east-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-03",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "sa-east-1.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "appliance.private-bright-electric.ua"
   },
   "subnet" : "15.228.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "ua"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-03T15:54:20Z",
      "notbefore" : "2024-11-03T15:54:20Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
13.38.122.123

Network
13.36.0.0/14

Domain(s)
amazonaws.com novelpower.org

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://13.38.122.123:9051/ 200

Reverse DNS
ec2-13-38-122-123.eu-west-3.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
staging.novelpower.org

Subject Common Name
staging.novelpower.org

SHA256 Fingerprint
35611a739a4ecad57b14280c72eeac0d5bdecf38f20da3fd75d6f6ab504e3051

Validity Not Before
2024-11-03T14:30:10Z

Validity Not After
2026-11-03T14:30:10Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sun, 03 Nov 2024 14:30:10 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-03T14:30:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : -1024704819
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Paris",
   "country" : "FR",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Sun, 03 Nov 2024 14:30:10 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "novelpower.org"
   ],
   "fingerprint" : {
      "md5" : "0619e87dc2922d4aa1173f2bce61fa6d",
      "sha1" : "659558e9808ba89052f6235c2c7b6985d0b98a53",
      "sha256" : "35611a739a4ecad57b14280c72eeac0d5bdecf38f20da3fd75d6f6ab504e3051"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "AMAZON-CDG",
      "organization" : "Amazon Data Services France",
      "subnet" : "13.36.0.0/14"
   },
   "host" : [
      "ec2-13-38-122-123",
      "staging"
   ],
   "hostname" : [
      "ec2-13-38-122-123.eu-west-3.compute.amazonaws.com",
      "staging.novelpower.org"
   ],
   "ip" : "13.38.122.123",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "staging.novelpower.org"
   },
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-13-38-122-123.eu-west-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-03",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-3.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "staging.novelpower.org"
   },
   "subnet" : "13.36.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "org"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-03T14:30:10Z",
      "notbefore" : "2024-11-03T14:30:10Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
54.94.33.152

Alternative IP(s)
89.31.143.90

Network
54.94.0.0/15

Domain(s)
amazonaws.com medicine-future.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://54.94.33.152:9051/ 200

Reverse DNS
ec2-54-94-33-152.sa-east-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
corp.qnap.medicine-future.com

Subject Common Name
corp.qnap.medicine-future.com

SHA256 Fingerprint
9c64536da2f80c090239a3fe587ba4ac1fc3f37c90d94c7923aa423387cfc737

Validity Not Before
2024-11-01T23:28:07Z

Validity Not After
2026-11-01T23:28:07Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sat, 02 Nov 2024 00:06:20 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-02T00:06:20.000Z",
   "alternativeip" : [
      "89.31.143.90"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 1336900288
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Sat, 02 Nov 2024 00:06:20 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "medicine-future.com"
   ],
   "fingerprint" : {
      "md5" : "9c2d1f85c84b4cc1bfb29f76494e86f7",
      "sha1" : "7b2f7185ff37e1892a202882719d10a6596a00b1",
      "sha256" : "9c64536da2f80c090239a3fe587ba4ac1fc3f37c90d94c7923aa423387cfc737"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "AMAZON-GRU",
      "organization" : "Amazon Data Services Brazil",
      "subnet" : "54.94.0.0/16"
   },
   "host" : [
      "corp",
      "ec2-54-94-33-152"
   ],
   "hostname" : [
      "corp.qnap.medicine-future.com",
      "ec2-54-94-33-152.sa-east-1.compute.amazonaws.com"
   ],
   "ip" : "54.94.33.152",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "corp.qnap.medicine-future.com"
   },
   "latitude" : "-23.5335",
   "location" : "-23.5335,-46.6359",
   "longitude" : "-46.6359",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-54-94-33-152.sa-east-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-02",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "qnap.medicine-future.com",
      "sa-east-1.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "corp.qnap.medicine-future.com"
   },
   "subnet" : "54.94.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-01T23:28:07Z",
      "notbefore" : "2024-11-01T23:28:07Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
54.202.219.237

Network
54.200.0.0/14

Domain(s)
amazonaws.com internal-finance-today.org

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://54.202.219.237:9051/ 200

Reverse DNS
ec2-54-202-219-237.us-west-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
sslvpn.internal-finance-today.org

Subject Common Name
sslvpn.internal-finance-today.org

SHA256 Fingerprint
7ada6000663adbf0fb2895e843b9b641a985fec9d6aa9727dca9009050bda48e

Validity Not Before
2024-10-30T07:56:40Z

Validity Not After
2026-10-30T07:56:40Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Wed, 30 Oct 2024 08:21:05 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-30T08:21:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 665481298
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Boardman",
   "country" : "US",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Wed, 30 Oct 2024 08:21:05 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "internal-finance-today.org"
   ],
   "fingerprint" : {
      "md5" : "60ac844a6fd2211ff24ecae1ddb76b04",
      "sha1" : "eaadda47e9dd8e5885f0ac72ce8a84bf4c83acec",
      "sha256" : "7ada6000663adbf0fb2895e843b9b641a985fec9d6aa9727dca9009050bda48e"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZO-ZPDX6",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "54.200.0.0/14"
   },
   "host" : [
      "ec2-54-202-219-237",
      "sslvpn"
   ],
   "hostname" : [
      "ec2-54-202-219-237.us-west-2.compute.amazonaws.com",
      "sslvpn.internal-finance-today.org"
   ],
   "ip" : "54.202.219.237",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "sslvpn.internal-finance-today.org"
   },
   "latitude" : "45.8234",
   "location" : "45.8234,-119.7257",
   "longitude" : "-119.7257",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-54-202-219-237.us-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-10-30",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-west-2.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "sslvpn.internal-finance-today.org"
   },
   "subnet" : "54.200.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "org"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-10-30T07:56:40Z",
      "notbefore" : "2024-10-30T07:56:40Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
54.241.222.74

Network
54.241.0.0/16

Domain(s)
amazonaws.com research-navy-main.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://54.241.222.74:9051/ 200

Reverse DNS
ec2-54-241-222-74.us-west-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
mfa.research-navy-main.com

Subject Common Name
mfa.research-navy-main.com

SHA256 Fingerprint
275f027fc91c8b8c5cc76541fe724d58972cd4d956f413e0d533af1575560851

Validity Not Before
2024-10-30T07:51:37Z

Validity Not After
2026-10-30T07:51:37Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Wed, 30 Oct 2024 08:20:06 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-30T08:20:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 1539566668
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "San Jose",
   "country" : "US",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Wed, 30 Oct 2024 08:20:06 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "research-navy-main.com"
   ],
   "fingerprint" : {
      "md5" : "e424c54e6d588afcf6d585154cd5b1ae",
      "sha1" : "4bec813188dd240b1d7316907285c39e02940e06",
      "sha256" : "275f027fc91c8b8c5cc76541fe724d58972cd4d956f413e0d533af1575560851"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-2011L",
      "organization" : "Amazon Technologies Inc.",
      "subnet" : "54.241.0.0/16"
   },
   "host" : [
      "ec2-54-241-222-74",
      "mfa"
   ],
   "hostname" : [
      "ec2-54-241-222-74.us-west-1.compute.amazonaws.com",
      "mfa.research-navy-main.com"
   ],
   "ip" : "54.241.222.74",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "mfa.research-navy-main.com"
   },
   "latitude" : "37.1835",
   "location" : "37.1835,-121.7714",
   "longitude" : "-121.7714",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-54-241-222-74.us-west-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-10-30",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-west-1.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "mfa.research-navy-main.com"
   },
   "subnet" : "54.241.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-10-30T07:51:37Z",
      "notbefore" : "2024-10-30T07:51:37Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP
18.228.193.154

Network
18.224.0.0/13

Domain(s)
amazonaws.com private-main-energy.ca

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://18.228.193.154:9051/ 200

Reverse DNS
ec2-18-228-193-154.sa-east-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel
Issuer Common Name
helpdesk.private-main-energy.ca

Subject Common Name
helpdesk.private-main-energy.ca

SHA256 Fingerprint
13ea041af0153ea4bab8867c59579a21c76bdad94f3029918aae88cba23dc919

Validity Not Before
2024-10-30T03:09:09Z

Validity Not After
2026-10-30T03:09:09Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Wed, 30 Oct 2024 03:44:16 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-30T03:44:17.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : -1326955125
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Wed, 30 Oct 2024 03:44:16 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com",
      "private-main-energy.ca"
   ],
   "fingerprint" : {
      "md5" : "30b4a1e797aba7bf0e43e1bfcc75698e",
      "sha1" : "caf17f5b4a49dfd6a1197f22d3445727ab22c0e8",
      "sha256" : "13ea041af0153ea4bab8867c59579a21c76bdad94f3029918aae88cba23dc919"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "AMAZON-GRU",
      "organization" : "Amazon Data Services Brazil",
      "subnet" : "18.228.0.0/14"
   },
   "host" : [
      "ec2-18-228-193-154",
      "helpdesk"
   ],
   "hostname" : [
      "ec2-18-228-193-154.sa-east-1.compute.amazonaws.com",
      "helpdesk.private-main-energy.ca"
   ],
   "ip" : "18.228.193.154",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "helpdesk.private-main-energy.ca"
   },
   "latitude" : "-23.5335",
   "location" : "-23.5335,-46.6359",
   "longitude" : "-46.6359",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 9051,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-18-228-193-154.sa-east-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-10-30",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "sa-east-1.compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "helpdesk.private-main-energy.ca"
   },
   "subnet" : "18.224.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ca",
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-10-30T03:09:09Z",
      "notbefore" : "2024-10-30T03:09:09Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

Returning 10 result(s) out of 84 in 0.243 second(s)

13.247.90.89:9051 (tcp/http/tls) - last seen on 2024-11-07 at 05:38:06 UTC

15.157.66.168:9051 (tcp/http/tls) - last seen on 2024-11-06 at 23:33:37 UTC

15.237.123.10:9051 (tcp/http/tls) - last seen on 2024-11-06 at 03:40:54 UTC

18.134.130.220:9051 (tcp/http/tls) - last seen on 2024-11-05 at 23:01:24 UTC

15.228.234.30:9051 (tcp/http/tls) - last seen on 2024-11-03 at 16:31:32 UTC

13.38.122.123:9051 (tcp/http/tls) - last seen on 2024-11-03 at 14:30:12 UTC

54.94.33.152:9051 (tcp/http/tls) - last seen on 2024-11-02 at 00:06:20 UTC

54.202.219.237:9051 (tcp/http/tls) - last seen on 2024-10-30 at 08:21:05 UTC

54.241.222.74:9051 (tcp/http/tls) - last seen on 2024-10-30 at 08:20:06 UTC

18.228.193.154:9051 (tcp/http/tls) - last seen on 2024-10-30 at 03:44:17 UTC