Cyber Defense Search Engine

IP
86.124.37.22

Network
86.124.0.0/16

Domain(s)
rdsnet.ro

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
static-86-124-37-22.rdsnet.ro

ASN
AS8708

Organization
Digi Romania S.A.

Protocol
mysql

Source
datascan
Operating System
Microsoft Windows

Product
Oracle MySQL 5.1.53

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e849e667160790f377afcddabb1ed884

B\x00\x00\x00
5.1.53-community-log\x00\xc0\xa9\x00\x00UR{7?sJW\x00\xff\xf7\x08\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00U$TYD(;-qqd$\x00

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:45:26.000Z",
   "app" : {
      "length" : 70
   },
   "asn" : "AS8708",
   "city" : "Constan\u021ba",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "B\\x00\\x00\\x00\n5.1.53-community-log\\x00\\xc0\\xa9\\x00\\x00UR{7?sJW\\x00\\xff\\xf7\\x08\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00U$TYD(;-qqd$\\x00",
   "datamd5" : "e849e667160790f377afcddabb1ed884",
   "datammh3" : -86398612,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "rdsnet.ro"
   ],
   "host" : [
      "static-86-124-37-22"
   ],
   "hostname" : [
      "static-86-124-37-22.rdsnet.ro"
   ],
   "ip" : "86.124.37.22",
   "ipv6" : "false",
   "latitude" : "44.1770",
   "location" : "44.1770,28.6289",
   "longitude" : "28.6289",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Digi Romania S.A.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "5.1.53",
   "protocol" : "mysql",
   "reverse" : [
      "static-86-124-37-22.rdsnet.ro"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "86.124.0.0/16",
   "tld" : [
      "ro"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
202.142.151.155

Network
202.142.151.0/24

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS140607

Organization
Sign In PVT LTD

Protocol
unknown Cert not expired unknown

Source
datascan
Operating System
Microsoft Windows

HTTP Component(s)
Veeam Backup & Replication

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Veeam Backup Server Certificate

Subject Common Name
Veeam Backup Server Certificate

SHA256 Fingerprint
461205a86345a7f7d3a886ab75457fa3c2a7dbfd3921e3c8946ed13cf53d2abf

Validity Not Before
2023-04-05T09:37:03Z

Validity Not After
2033-04-05T09:37:03Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5b1ad04637eedf255ed4f452cd26b3ed
```
\x0b
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:43:52.000Z",
   "app" : {
      "http" : {
         "component" : [
            {
               "productvendor" : "Veeam",
               "product" : "Backup & Replication"
            }
         ]
      },
      "length" : 2
   },
   "asn" : "AS140607",
   "basicconstraints" : "critical",
   "ca" : "true",
   "country" : "PK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n\\x0b",
   "datamd5" : "5b1ad04637eedf255ed4f452cd26b3ed",
   "datammh3" : 570098768,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "fingerprint" : {
      "md5" : "dc6c84ee4dacdbb1f11374ba9b3fe526",
      "sha1" : "3392eeacece795712a007d3e2021049785e89d8c",
      "sha256" : "461205a86345a7f7d3a886ab75457fa3c2a7dbfd3921e3c8946ed13cf53d2abf"
   },
   "geolocus" : {
      "asn" : "AS140607",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "PK",
      "countryname" : "Pakistan",
      "domain" : [
         "gerrys.net"
      ],
      "isineu" : "false",
      "latitude" : "30.375321",
      "location" : "30.375321,69.345116",
      "longitude" : "69.345116",
      "netname" : "GERRYSNET",
      "organization" : "Gerrys Information Technology (PVT) Ltd",
      "subnet" : "202.142.151.128/25"
   },
   "ip" : "202.142.151.155",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "latitude" : "30.0000",
   "location" : "30.0000,70.0000",
   "longitude" : "70.0000",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sign In PVT LTD",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "unknown",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "4d:12:93:65:e4:d8:90:b8:4e:70:7f:ef:cf:3a:7a:a7",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "subnet" : "202.142.151.0/24",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2033-04-05T09:37:03Z",
      "notbefore" : "2023-04-05T09:37:03Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
197.220.7.113

Network
197.220.0.0/19

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS36959

Organization
afczas

Protocol
wcf Cert not expired wcf

Source
datascan
Operating System
Microsoft Windows

Product
Veeam Veeam Backup Service 12.0.0.0

HTTP Component(s)
Veeam Backup & Replication

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Veeam Backup Server Certificate

Subject Common Name
Veeam Backup Server Certificate

SHA256 Fingerprint
7c159e294ae968cfb9efd6a5c98946fe3f25e1cf57b8faad6626bdf6c20ad6c3

Validity Not Before
2023-10-03T09:11:43Z

Validity Not After
2033-10-03T09:11:43Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
99527102258c4098c1151c7c32c3ef23


\x0b\x06\xa8\x0f\xc3\x01\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\x1bFirstChanceExceptionMessage\x13SerializedExceptionV\x02\x0b\x01s\x04\x0b\x01a\x06V\x08D
\x1e\x00\x82\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\x12\xadA\xbc\x9d\xe7;\xc4pE\x81\xfeME_\x94\x0d\x8fD\x0c\x1e\x00\x82\xab\x14\x01V\x0eV\x86\x01V\x8e\x01V\x9a\x01\x98\x01s\x98\x01:\x99\x06Sender\x01V\x90\x01V\x92\x01\x05\x03xml\x04lang\x98\x05en-US\x99\x0dAccess denied\x01V\x98\x01B\x01
\x03\x0b\x01i\x05B\x07\x99\x0dAccess deniedB	\x9a\x00\x06AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMYBICAgYXQgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1Jlc3RvcmVTZXNzaW9uVG9rZW5WYWxpZGF0b3IuVmFsaWRhdGUoQ0F1dGhUb2tlbiBhdXRoVG9rZW4pDQogICBhdCBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DVmJSZXN0b3JlU2VydmljZVN0dWIuSW52b2tlKFN0cmluZyBzY29wZSwgU3RyaW5nIG1ldGhvZCwgU3RyaW5nIHBhcmFtZXRlcnMpCgAAAAAGBQAAAMkBOApWYWxpZGF0ZQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYiwgVmVyc2lvbj0xMi4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iZmQ2ODRkZTIyNzY3ODNhClZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliLkNSZXN0b3JlU2Vzc2lvblRva2VuVmFsaWRhdG9yClZvaWQgVmFsaWRhdGUoVmVlYW0uQmFja3VwLk1vZGVsLkNBdXRoVG9rZW4pChUTgAYGAAAAF1ZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliCgT5////KlN5c3RlbS5TZWN1cml0eS5QZXJtaXNzaW9ucy5TZWN1cml0eUFjdGlvbgEAAAAHdmFsdWVfXwAIAAAAAAoKCgoKCgoKCgT4////HFN5c3RlbS5TZWN1cml0eS5TZWN1cml0eVpvbmUBAAAAB3ZhbHVlX18ACAAAAAAKCw==\x01\x01\x01\x01

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:43:50.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "datacontract.org",
            "tempuri.org"
         ],
         "hostname" : [
            "schemas.datacontract.org",
            "tempuri.org"
         ],
         "url" : [
            "http://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance",
            "http://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD"
         ]
      },
      "http" : {
         "component" : [
            {
               "product" : "Backup & Replication",
               "productvendor" : "Veeam"
            }
         ]
      },
      "length" : 1963
   },
   "asn" : "AS36959",
   "basicconstraints" : "critical",
   "ca" : "true",
   "country" : "ZM",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n\\x0b\\x06\\xa8\\x0f\\xc3\\x01\\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\\x1bFirstChanceExceptionMessage\\x13SerializedExceptionV\\x02\\x0b\\x01s\\x04\\x0b\\x01a\\x06V\\x08D\n\\x1e\\x00\\x82\\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\\x12\\xadA\\xbc\\x9d\\xe7;\\xc4pE\\x81\\xfeME_\\x94\\x0d\\x8fD\\x0c\\x1e\\x00\\x82\\xab\\x14\\x01V\\x0eV\\x86\\x01V\\x8e\\x01V\\x9a\\x01\\x98\\x01s\\x98\\x01:\\x99\\x06Sender\\x01V\\x90\\x01V\\x92\\x01\\x05\\x03xml\\x04lang\\x98\\x05en-US\\x99\\x0dAccess denied\\x01V\\x98\\x01B\\x01\n\\x03\\x0b\\x01i\\x05B\\x07\\x99\\x0dAccess deniedB\t\\x9a\\x00\\x06AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMYBICAgYXQgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1Jlc3RvcmVTZXNzaW9uVG9rZW5WYWxpZGF0b3IuVmFsaWRhdGUoQ0F1dGhUb2tlbiBhdXRoVG9rZW4pDQogICBhdCBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DVmJSZXN0b3JlU2VydmljZVN0dWIuSW52b2tlKFN0cmluZyBzY29wZSwgU3RyaW5nIG1ldGhvZCwgU3RyaW5nIHBhcmFtZXRlcnMpCgAAAAAGBQAAAMkBOApWYWxpZGF0ZQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYiwgVmVyc2lvbj0xMi4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iZmQ2ODRkZTIyNzY3ODNhClZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliLkNSZXN0b3JlU2Vzc2lvblRva2VuVmFsaWRhdG9yClZvaWQgVmFsaWRhdGUoVmVlYW0uQmFja3VwLk1vZGVsLkNBdXRoVG9rZW4pChUTgAYGAAAAF1ZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliCgT5////KlN5c3RlbS5TZWN1cml0eS5QZXJtaXNzaW9ucy5TZWN1cml0eUFjdGlvbgEAAAAHdmFsdWVfXwAIAAAAAAoKCgoKCgoKCgT4////HFN5c3RlbS5TZWN1cml0eS5TZWN1cml0eVpvbmUBAAAAB3ZhbHVlX18ACAAAAAAKCw==\\x01\\x01\\x01\\x01",
   "datamd5" : "99527102258c4098c1151c7c32c3ef23",
   "datammh3" : -881295923,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "fingerprint" : {
      "md5" : "e5ab00a48cc76b8a37dec1e2e5b250a4",
      "sha1" : "710fb80d2d667f0e6e73b8b188a1445e77b872f9",
      "sha256" : "7c159e294ae968cfb9efd6a5c98946fe3f25e1cf57b8faad6626bdf6c20ad6c3"
   },
   "geolocus" : {
      "asn" : "AS36959",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZM",
      "countryname" : "Zambia",
      "isineu" : "false",
      "latitude" : "-13.133897",
      "location" : "-13.133897,27.849332",
      "longitude" : "27.849332",
      "netname" : "GoogleGlobalCache-ZM",
      "organization" : "CDN Edge LAN",
      "subnet" : "197.220.0.0/19"
   },
   "ip" : "197.220.7.113",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "latitude" : "-14.3333",
   "location" : "-14.3333,28.5000",
   "longitude" : "28.5000",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "afczas",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "product" : "Veeam Backup Service",
   "productvendor" : "Veeam",
   "productversion" : "12.0.0.0",
   "protocol" : "wcf",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "59:78:17:42:87:5d:03:ba:4e:13:22:3e:c8:49:8d:cb",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "subnet" : "197.220.0.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2033-10-03T09:11:43Z",
      "notbefore" : "2023-10-03T09:11:43Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
91.221.2.240

Network
91.221.2.0/23

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS43708

Organization
DATAMAT CZ s.r.o.

Protocol
wcf Cert not expired wcf

Source
datascan
Operating System
Microsoft Windows

Product
Veeam Veeam Backup Service

HTTP Component(s)
Veeam Backup & Replication

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Veeam Backup Server Certificate

Subject Common Name
Veeam Backup Server Certificate

SHA256 Fingerprint
7da3486611640c33ce095542bd93c948bfcf9a894d59d2a372348fb48ee59b44

Validity Not Before
2023-04-19T11:59:49Z

Validity Not After
2033-04-19T11:59:49Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ffe0e8aebec02accaa2a359d826e1ff5


\x0b\x06\xa4\x0f\xc3\x01\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\x1bFirstChanceExceptionMessage\x13SerializedExceptionV\x02\x0b\x01s\x04\x0b\x01a\x06V\x08D
\x1e\x00\x82\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\x12\xadA\xbc\x9d\xe7;\xc4pE\x81\xfeME_\x94\x0d\x8fD\x0c\x1e\x00\x82\xab\x14\x01V\x0eV\x86\x01V\x8e\x01V\x9a\x01\x98\x01s\x98\x01:\x99\x06Sender\x01V\x90\x01V\x92\x01\x05\x03xml\x04lang\x98\x05cs-CZ\x99\x0dAccess denied\x01V\x98\x01B\x01
\x03\x0b\x01i\x05B\x07\x99\x0dAccess deniedB	\x9a\xfc\x05AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMQBICAgdiBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DUmVzdG9yZVNlc3Npb25Ub2tlblZhbGlkYXRvci5WYWxpZGF0ZShDQXV0aFRva2VuIGF1dGhUb2tlbikNCiAgIHYgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1ZiUmVzdG9yZVNlcnZpY2VTdHViLkludm9rZShTdHJpbmcgc2NvcGUsIFN0cmluZyBtZXRob2QsIFN0cmluZyBwYXJhbWV0ZXJzKQoAAAAABgUAAADJATgKVmFsaWRhdGUKVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIsIFZlcnNpb249MTIuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49YmZkNjg0ZGUyMjc2NzgzYQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DUmVzdG9yZVNlc3Npb25Ub2tlblZhbGlkYXRvcgpWb2lkIFZhbGlkYXRlKFZlZWFtLkJhY2t1cC5Nb2RlbC5DQXV0aFRva2VuKQoVE4AGBgAAABdWZWVhbS5CYWNrdXAuU2VydmljZUxpYgoE+f///ypTeXN0ZW0uU2VjdXJpdHkuUGVybWlzc2lvbnMuU2VjdXJpdHlBY3Rpb24BAAAAB3ZhbHVlX18ACAAAAAAKCgoKCgoKCgoE+P///xxTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlab25lAQAAAAd2YWx1ZV9fAAgAAAAACgs=\x01\x01\x01\x01

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:42:27.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "tempuri.org",
            "datacontract.org"
         ],
         "hostname" : [
            "schemas.datacontract.org",
            "tempuri.org"
         ],
         "url" : [
            "http://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance",
            "http://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD"
         ]
      },
      "http" : {
         "component" : [
            {
               "product" : "Backup & Replication",
               "productvendor" : "Veeam"
            }
         ]
      },
      "length" : 1959
   },
   "asn" : "AS43708",
   "basicconstraints" : "critical",
   "ca" : "true",
   "country" : "CZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n\\x0b\\x06\\xa4\\x0f\\xc3\\x01\\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\\x1bFirstChanceExceptionMessage\\x13SerializedExceptionV\\x02\\x0b\\x01s\\x04\\x0b\\x01a\\x06V\\x08D\n\\x1e\\x00\\x82\\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\\x12\\xadA\\xbc\\x9d\\xe7;\\xc4pE\\x81\\xfeME_\\x94\\x0d\\x8fD\\x0c\\x1e\\x00\\x82\\xab\\x14\\x01V\\x0eV\\x86\\x01V\\x8e\\x01V\\x9a\\x01\\x98\\x01s\\x98\\x01:\\x99\\x06Sender\\x01V\\x90\\x01V\\x92\\x01\\x05\\x03xml\\x04lang\\x98\\x05cs-CZ\\x99\\x0dAccess denied\\x01V\\x98\\x01B\\x01\n\\x03\\x0b\\x01i\\x05B\\x07\\x99\\x0dAccess deniedB\t\\x9a\\xfc\\x05AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMQBICAgdiBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DUmVzdG9yZVNlc3Npb25Ub2tlblZhbGlkYXRvci5WYWxpZGF0ZShDQXV0aFRva2VuIGF1dGhUb2tlbikNCiAgIHYgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1ZiUmVzdG9yZVNlcnZpY2VTdHViLkludm9rZShTdHJpbmcgc2NvcGUsIFN0cmluZyBtZXRob2QsIFN0cmluZyBwYXJhbWV0ZXJzKQoAAAAABgUAAADJATgKVmFsaWRhdGUKVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIsIFZlcnNpb249MTIuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49YmZkNjg0ZGUyMjc2NzgzYQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DUmVzdG9yZVNlc3Npb25Ub2tlblZhbGlkYXRvcgpWb2lkIFZhbGlkYXRlKFZlZWFtLkJhY2t1cC5Nb2RlbC5DQXV0aFRva2VuKQoVE4AGBgAAABdWZWVhbS5CYWNrdXAuU2VydmljZUxpYgoE+f///ypTeXN0ZW0uU2VjdXJpdHkuUGVybWlzc2lvbnMuU2VjdXJpdHlBY3Rpb24BAAAAB3ZhbHVlX18ACAAAAAAKCgoKCgoKCgoE+P///xxTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlab25lAQAAAAd2YWx1ZV9fAAgAAAAACgs=\\x01\\x01\\x01\\x01",
   "datamd5" : "ffe0e8aebec02accaa2a359d826e1ff5",
   "datammh3" : -1340879908,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "fingerprint" : {
      "md5" : "7bd3eb2c6bc89199e53f6cc91244caaf",
      "sha1" : "1348c8ac67e40af5f738f9bfd4ab9fbdd375619c",
      "sha256" : "7da3486611640c33ce095542bd93c948bfcf9a894d59d2a372348fb48ee59b44"
   },
   "ip" : "91.221.2.240",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "latitude" : "50.0853",
   "location" : "50.0853,14.4110",
   "longitude" : "14.4110",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DATAMAT CZ s.r.o.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "product" : "Veeam Backup Service",
   "productvendor" : "Veeam",
   "protocol" : "wcf",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "1f:2f:cf:3e:a7:52:43:a8:4e:b6:28:85:8f:57:a8:b7",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "subnet" : "91.221.2.0/23",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2033-04-19T11:59:49Z",
      "notbefore" : "2023-04-19T11:59:49Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
82.200.235.139

Network
82.200.128.0/17

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS9198

Organization
JSC Kazakhtelecom

Protocol
unknown Cert not expired unknown

Source
datascan
Operating System
Microsoft Windows
Issuer Common Name
kokosBackup

Subject Common Name
kokosBackup

SHA256 Fingerprint
56d9d28aa16022ab3bc091d480d70d12081422bdd5e48e3103f70f50eb2fda7c

Validity Not Before
2017-09-01T14:52:14Z

Validity Not After
2027-08-30T14:52:14Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5b1ad04637eedf255ed4f452cd26b3ed
```
\x0b
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:42:27.000Z",
   "app" : {
      "length" : 2
   },
   "asn" : "AS9198",
   "ca" : "false",
   "city" : "Almaty Oblysy",
   "country" : "KZ",
   "data" : "\n\\x0b",
   "datamd5" : "5b1ad04637eedf255ed4f452cd26b3ed",
   "datammh3" : 570098768,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "b588a15b958f8d9556be1c38bedc2974",
      "sha1" : "04acc5f464b3e7909ddbcef250e4ef88c9e558a4",
      "sha256" : "56d9d28aa16022ab3bc091d480d70d12081422bdd5e48e3103f70f50eb2fda7c"
   },
   "ip" : "82.200.235.139",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "kokosBackup"
   },
   "keyusage" : [
      "keyEncipherment",
      "dataEncipherment"
   ],
   "latitude" : "44.0000",
   "location" : "44.0000,76.2833",
   "longitude" : "76.2833",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "JSC Kazakhtelecom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "unknown",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "e5:e5:5a:1c:1a:c1:e3:96",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "kokosBackup"
   },
   "subnet" : "82.200.128.0/17",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2027-08-30T14:52:14Z",
      "notbefore" : "2017-09-01T14:52:14Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
158.64.28.34

Network
158.64.0.0/16

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS2602

Organization
Fondation RESTENA

Protocol
wcf Cert not expired wcf

Source
datascan
Operating System
Microsoft Windows

Product
Veeam Veeam Backup Service 12.0.0.0

HTTP Component(s)
Veeam Backup & Replication

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Veeam Backup Server Certificate

Subject Common Name
Veeam Backup Server Certificate

SHA256 Fingerprint
c642833da2004745559c0678ddd2f9adfee1089f7d272e9a403498e072c25f75

Validity Not Before
2023-09-27T07:45:51Z

Validity Not After
2033-09-27T07:45:51Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
99527102258c4098c1151c7c32c3ef23


\x0b\x06\xa8\x0f\xc3\x01\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\x1bFirstChanceExceptionMessage\x13SerializedExceptionV\x02\x0b\x01s\x04\x0b\x01a\x06V\x08D
\x1e\x00\x82\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\x12\xadA\xbc\x9d\xe7;\xc4pE\x81\xfeME_\x94\x0d\x8fD\x0c\x1e\x00\x82\xab\x14\x01V\x0eV\x86\x01V\x8e\x01V\x9a\x01\x98\x01s\x98\x01:\x99\x06Sender\x01V\x90\x01V\x92\x01\x05\x03xml\x04lang\x98\x05en-US\x99\x0dAccess denied\x01V\x98\x01B\x01
\x03\x0b\x01i\x05B\x07\x99\x0dAccess deniedB	\x9a\x00\x06AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMYBICAgYXQgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1Jlc3RvcmVTZXNzaW9uVG9rZW5WYWxpZGF0b3IuVmFsaWRhdGUoQ0F1dGhUb2tlbiBhdXRoVG9rZW4pDQogICBhdCBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DVmJSZXN0b3JlU2VydmljZVN0dWIuSW52b2tlKFN0cmluZyBzY29wZSwgU3RyaW5nIG1ldGhvZCwgU3RyaW5nIHBhcmFtZXRlcnMpCgAAAAAGBQAAAMkBOApWYWxpZGF0ZQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYiwgVmVyc2lvbj0xMi4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iZmQ2ODRkZTIyNzY3ODNhClZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliLkNSZXN0b3JlU2Vzc2lvblRva2VuVmFsaWRhdG9yClZvaWQgVmFsaWRhdGUoVmVlYW0uQmFja3VwLk1vZGVsLkNBdXRoVG9rZW4pChUTgAYGAAAAF1ZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliCgT5////KlN5c3RlbS5TZWN1cml0eS5QZXJtaXNzaW9ucy5TZWN1cml0eUFjdGlvbgEAAAAHdmFsdWVfXwAIAAAAAAoKCgoKCgoKCgT4////HFN5c3RlbS5TZWN1cml0eS5TZWN1cml0eVpvbmUBAAAAB3ZhbHVlX18ACAAAAAAKCw==\x01\x01\x01\x01

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:41:22.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "tempuri.org",
            "datacontract.org"
         ],
         "hostname" : [
            "schemas.datacontract.org",
            "tempuri.org"
         ],
         "url" : [
            "http://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance",
            "http://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD"
         ]
      },
      "http" : {
         "component" : [
            {
               "productvendor" : "Veeam",
               "product" : "Backup & Replication"
            }
         ]
      },
      "length" : 1963
   },
   "asn" : "AS2602",
   "basicconstraints" : "critical",
   "ca" : "true",
   "city" : "Reckange-sur-Mess",
   "country" : "LU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n\\x0b\\x06\\xa8\\x0f\\xc3\\x01\\x1aCRemoteInvokeExceptionInfoMhttp://schemas.datacontract.org/2004/07/Veeam.Backup.Interaction.MountService)http://www.w3.org/2001/XMLSchema-instance\\x1bFirstChanceExceptionMessage\\x13SerializedExceptionV\\x02\\x0b\\x01s\\x04\\x0b\\x01a\\x06V\\x08D\n\\x1e\\x00\\x82\\x99Mhttp://tempuri.org/IRemoteInvokeService/InvokeCRemoteInvokeExceptionInfoFaultD\\x12\\xadA\\xbc\\x9d\\xe7;\\xc4pE\\x81\\xfeME_\\x94\\x0d\\x8fD\\x0c\\x1e\\x00\\x82\\xab\\x14\\x01V\\x0eV\\x86\\x01V\\x8e\\x01V\\x9a\\x01\\x98\\x01s\\x98\\x01:\\x99\\x06Sender\\x01V\\x90\\x01V\\x92\\x01\\x05\\x03xml\\x04lang\\x98\\x05en-US\\x99\\x0dAccess denied\\x01V\\x98\\x01B\\x01\n\\x03\\x0b\\x01i\\x05B\\x07\\x99\\x0dAccess deniedB\t\\x9a\\x00\\x06AAEAAAD/////AQAAAAAAAAAEAQAAACFTeXN0ZW0uU2VjdXJpdHkuU2VjdXJpdHlFeGNlcHRpb24YAAAACUNsYXNzTmFtZQdNZXNzYWdlBERhdGEOSW5uZXJFeGNlcHRpb24HSGVscFVSTBBTdGFja1RyYWNlU3RyaW5nFlJlbW90ZVN0YWNrVHJhY2VTdHJpbmcQUmVtb3RlU3RhY2tJbmRleA9FeGNlcHRpb25NZXRob2QHSFJlc3VsdAZTb3VyY2UNV2F0c29uQnVja2V0cwZBY3Rpb24ZRmlyc3RQZXJtaXNzaW9uVGhhdEZhaWxlZAhEZW1hbmRlZApHcmFudGVkU2V0ClJlZnVzZWRTZXQGRGVuaWVkClBlcm1pdE9ubHkIQXNzZW1ibHkGTWV0aG9kDU1ldGhvZF9TdHJpbmcEWm9uZQNVcmwBAQMDAQEBAAEAAQcDAQEBAQEBAwcBAwEeU3lzdGVtLkNvbGxlY3Rpb25zLklEaWN0aW9uYXJ5EFN5c3RlbS5FeGNlcHRpb24ICAIqU3lzdGVtLlNlY3VyaXR5LlBlcm1pc3Npb25zLlNlY3VyaXR5QWN0aW9uHlN5c3RlbS5SZWZsZWN0aW9uLkFzc2VtYmx5TmFtZQIcU3lzdGVtLlNlY3VyaXR5LlNlY3VyaXR5Wm9uZQYCAAAAIVN5c3RlbS5TZWN1cml0eS5TZWN1cml0eUV4Y2VwdGlvbgYDAAAADUFjY2VzcyBkZW5pZWQKCgoGBAAAAMYBICAgYXQgVmVlYW0uQmFja3VwLlNlcnZpY2VMaWIuQ1Jlc3RvcmVTZXNzaW9uVG9rZW5WYWxpZGF0b3IuVmFsaWRhdGUoQ0F1dGhUb2tlbiBhdXRoVG9rZW4pDQogICBhdCBWZWVhbS5CYWNrdXAuU2VydmljZUxpYi5DVmJSZXN0b3JlU2VydmljZVN0dWIuSW52b2tlKFN0cmluZyBzY29wZSwgU3RyaW5nIG1ldGhvZCwgU3RyaW5nIHBhcmFtZXRlcnMpCgAAAAAGBQAAAMkBOApWYWxpZGF0ZQpWZWVhbS5CYWNrdXAuU2VydmljZUxpYiwgVmVyc2lvbj0xMi4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iZmQ2ODRkZTIyNzY3ODNhClZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliLkNSZXN0b3JlU2Vzc2lvblRva2VuVmFsaWRhdG9yClZvaWQgVmFsaWRhdGUoVmVlYW0uQmFja3VwLk1vZGVsLkNBdXRoVG9rZW4pChUTgAYGAAAAF1ZlZWFtLkJhY2t1cC5TZXJ2aWNlTGliCgT5////KlN5c3RlbS5TZWN1cml0eS5QZXJtaXNzaW9ucy5TZWN1cml0eUFjdGlvbgEAAAAHdmFsdWVfXwAIAAAAAAoKCgoKCgoKCgT4////HFN5c3RlbS5TZWN1cml0eS5TZWN1cml0eVpvbmUBAAAAB3ZhbHVlX18ACAAAAAAKCw==\\x01\\x01\\x01\\x01",
   "datamd5" : "99527102258c4098c1151c7c32c3ef23",
   "datammh3" : -881295923,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "fingerprint" : {
      "md5" : "e12d9999cad4c35d905c94cb11ad8384",
      "sha1" : "c7b69a6cfd245d5e27d6755a1e6699f1f869e457",
      "sha256" : "c642833da2004745559c0678ddd2f9adfee1089f7d272e9a403498e072c25f75"
   },
   "geolocus" : {
      "asn" : "AS2602",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "LU",
      "countryname" : "Luxembourg",
      "domain" : [
         "restena.lu"
      ],
      "isineu" : "true",
      "latitude" : "49.815273",
      "location" : "49.815273,6.129583",
      "longitude" : "6.129583",
      "netname" : "RESTENA",
      "organization" : "Fondation RESTENA",
      "subnet" : "158.64.0.0/16"
   },
   "ip" : "158.64.28.34",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "latitude" : "49.5662",
   "location" : "49.5662,6.0111",
   "longitude" : "6.0111",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Fondation RESTENA",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "product" : "Veeam Backup Service",
   "productvendor" : "Veeam",
   "productversion" : "12.0.0.0",
   "protocol" : "wcf",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "61:68:7a:a5:97:8e:ff:8c:43:c8:c6:b4:c8:21:08:dc",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "subnet" : "158.64.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2033-09-27T07:45:51Z",
      "notbefore" : "2023-09-27T07:45:51Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
191.242.219.169

Network
191.242.216.0/22

Domain(s)
net.br

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
191.242.219.169-static.host.megalink.net.br

ASN
AS263482

Organization
Megalink Servicos Ltda

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c138faa31f79800d08f71d5a6da51df7
```
\xfd\xfd
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:40:27.000Z",
   "app" : {
      "length" : 2
   },
   "asn" : "AS263482",
   "city" : "Linhares",
   "country" : "BR",
   "data" : "\\xfd\\xfd",
   "datamd5" : "c138faa31f79800d08f71d5a6da51df7",
   "datammh3" : -778471376,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "net.br"
   ],
   "geolocus" : {
      "asn" : "AS263482",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "net.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "12.419.721/0001-10",
      "organization" : "Megalink Servicos Ltda",
      "subnet" : "191.242.216.0/22"
   },
   "host" : [
      191
   ],
   "hostname" : [
      "191.242.219.169-static.host.megalink.net.br"
   ],
   "ip" : "191.242.219.169",
   "ipv6" : "false",
   "latitude" : "-19.3594",
   "location" : "-19.3594,-40.1504",
   "longitude" : "-40.1504",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Megalink Servicos Ltda",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "unknown",
   "reverse" : [
      "191.242.219.169-static.host.megalink.net.br"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "host.megalink.net.br",
      "219.169-static.host.megalink.net.br",
      "242.219.169-static.host.megalink.net.br",
      "megalink.net.br",
      "169-static.host.megalink.net.br"
   ],
   "subnet" : "191.242.216.0/22",
   "tld" : [
      "br"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP
188.241.118.75

Network
188.241.112.0/21

Domain(s)
intovps.com

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
188-241-118-75.static.intovps.com

ASN
AS43927

Organization
Hosterion Srl

Protocol
unknown Cert not expired unknown

Source
datascan
Operating System
Microsoft Windows

HTTP Component(s)
Veeam Backup & Replication

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Veeam Backup Server Certificate

Subject Common Name
Veeam Backup Server Certificate

SHA256 Fingerprint
ba7d6f3fbd0a87bb020bbc577a9d68ee9df571953f7745b16e22d1df7ce8d158

Validity Not Before
2023-09-06T15:27:57Z

Validity Not After
2033-09-06T15:27:57Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5b1ad04637eedf255ed4f452cd26b3ed
```
\x0b
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:27:23.000Z",
   "app" : {
      "http" : {
         "component" : [
            {
               "productvendor" : "Veeam",
               "product" : "Backup & Replication"
            }
         ]
      },
      "length" : 2
   },
   "asn" : "AS43927",
   "basicconstraints" : "critical",
   "ca" : "true",
   "city" : "Bucharest",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\n\\x0b",
   "datamd5" : "5b1ad04637eedf255ed4f452cd26b3ed",
   "datammh3" : 570098768,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "intovps.com"
   ],
   "fingerprint" : {
      "md5" : "7f946a21912e8e42aa6718a012e0e116",
      "sha1" : "0310e198b0eb5e348fb0beae5fec964abed9f9fe",
      "sha256" : "ba7d6f3fbd0a87bb020bbc577a9d68ee9df571953f7745b16e22d1df7ce8d158"
   },
   "host" : [
      "188-241-118-75"
   ],
   "hostname" : [
      "188-241-118-75.static.intovps.com"
   ],
   "ip" : "188.241.118.75",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "latitude" : "44.4291",
   "location" : "44.4291,26.1006",
   "longitude" : "26.1006",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hosterion Srl",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "unknown",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "188-241-118-75.static.intovps.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "3d:cb:a4:ba:3e:84:6f:b3:40:64:31:d5:1f:ec:6f:b9",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subdomains" : [
      "static.intovps.com"
   ],
   "subject" : {
      "commonname" : "Veeam Backup Server Certificate"
   },
   "subnet" : "188.241.112.0/21",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2033-09-06T15:27:57Z",
      "notbefore" : "2023-09-06T15:27:57Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
2.88.103.2

Network
2.88.0.0/15

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

HTTP Title
Bad Request

ASN
AS25019

Organization
Saudi Telecom Company JSC

Protocol
http

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ecc522087729646cc332b0328d2ad337

HTTP Header MD5
7abf75dbb218362309ace4bad48a03f0

HTTP Body MD5
040f8a5503a1508ebe1720833322df2c

HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 08:19:45 GMT
Server: OracleAS-Web-Cache-10g/10.1.2.0.2
Content-Type: text/html
Content-Length: 103

<HTML><HEAD><TITLE>Bad Request</TITLE></HEAD><BODY>The request contains invalid syntax.</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:19:46.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.1.2.0"
         ]
      },
      "http" : {
         "bodymd5" : "040f8a5503a1508ebe1720833322df2c",
         "bodymmh3" : 1473127052,
         "headermd5" : "7abf75dbb218362309ace4bad48a03f0",
         "headermmh3" : 2137308258,
         "title" : "Bad Request"
      },
      "length" : 257
   },
   "asn" : "AS25019",
   "city" : "Riyadh",
   "country" : "SA",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 08:19:45 GMT\r\nServer: OracleAS-Web-Cache-10g/10.1.2.0.2\r\nContent-Type: text/html\r\nContent-Length: 103\r\n\r\n<HTML><HEAD><TITLE>Bad Request</TITLE></HEAD><BODY>The request contains invalid syntax.</BODY></HTML>\r\n",
   "datamd5" : "ecc522087729646cc332b0328d2ad337",
   "datammh3" : 1375452944,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS25019",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SA",
      "countryname" : "Saudi Arabia",
      "domain" : [
         "stc.com.sa"
      ],
      "isineu" : "false",
      "latitude" : "23.885942",
      "location" : "23.885942,45.079162",
      "longitude" : "45.079162",
      "netname" : "SAUDINET_DSL_POOL",
      "organization" : "SaudiNet DSL pool_Dynamic IPs",
      "subnet" : "2.88.0.0/16"
   },
   "ip" : "2.88.103.2",
   "ipv6" : "false",
   "latitude" : "24.6869",
   "location" : "24.6869,46.7224",
   "longitude" : "46.7224",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Saudi Telecom Company JSC",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "2.88.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
210.12.55.242

Network
210.12.52.0/22

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS4808

Organization
China Unicom Beijing Province Network

Protocol
unknown

Source
datascan
Operating System
Microsoft Windows

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e1d272cee0489aef7e8e8982be21ec89
```
\x05\x00\x00\x00\xa2h\x1b\x02
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:18:59.000Z",
   "app" : {
      "length" : 8
   },
   "asn" : "AS4808",
   "city" : "Beijing",
   "country" : "CN",
   "data" : "\\x05\\x00\\x00\\x00\\xa2h\\x1b\\x02",
   "datamd5" : "e1d272cee0489aef7e8e8982be21ec89",
   "datammh3" : 44845472,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn",
         "njcatv.net"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "NJCATV-CN",
      "organization" : "China Unicom",
      "subnet" : "210.12.52.0/22"
   },
   "ip" : "210.12.55.242",
   "ipv6" : "false",
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Unicom Beijing Province Network",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 9401,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "210.12.52.0/22",
   "tls" : "false",
   "transport" : "tcp"
}

Returning 10 result(s) out of 7,193 in 0.103 second(s)

86.124.37.22:9401 (tcp/mysql) - last seen on 2024-11-07 at 08:45:26 UTC

202.142.151.155:9401 (tcp/unknown/tls) - last seen on 2024-11-07 at 08:43:52 UTC

197.220.7.113:9401 (tcp/wcf/tls) - last seen on 2024-11-07 at 08:43:50 UTC

91.221.2.240:9401 (tcp/wcf/tls) - last seen on 2024-11-07 at 08:42:27 UTC

82.200.235.139:9401 (tcp/unknown/tls) - last seen on 2024-11-07 at 08:42:27 UTC

158.64.28.34:9401 (tcp/wcf/tls) - last seen on 2024-11-07 at 08:41:22 UTC

191.242.219.169:9401 (tcp/unknown) - last seen on 2024-11-07 at 08:40:27 UTC

188.241.118.75:9401 (tcp/unknown/tls) - last seen on 2024-11-07 at 08:27:23 UTC

2.88.103.2:9401 (tcp/http) - last seen on 2024-11-07 at 08:19:46 UTC

210.12.55.242:9401 (tcp/unknown) - last seen on 2024-11-07 at 08:18:59 UTC