Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
46.20.228.199

Network
46.20.224.0/20

Domain(s)
dataphiles.co.uk

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://46.20.228.199/ 302

Reverse DNS
mail2.dataphiles.co.uk

ASN
AS20860

Organization
Iomart Cloud Services Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
Apache HTTP Server 2.4.7

HTTP Component(s)
PHP PHP 5.5.9 Roundcube Webmail

CPE(s)

<enterprise field>: cpe

CVE(s)

<enterprise field>: cve

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4ede11ed19fa9330c5d9939592411679

HTTP Header MD5
968ad321de5be969177d7f1d707910a9

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Fri, 01 Nov 2024 02:20:14 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Set-Cookie: roundcube_sessid=4nrulgkempg5v28lea44vuabh2; path=/; HttpOnly
Expires: Fri, 01 Nov 2024 02:20:14 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 01 Nov 2024 02:20:14 GMT
X-DNS-Prefetch-Control: off
Location: https://<ip>/
Content-Length: 0
Connection: close
Content-Type: text/html

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T02:20:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            },
            {
               "productversion" : "5.5.9",
               "product" : "PHP",
               "productvendor" : "PHP"
            }
         ],
         "header" : [
            {
               "value" : "Fri, 01 Nov 2024 02:20:14 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "968ad321de5be969177d7f1d707910a9",
         "headermmh3" : 1727637601
      },
      "length" : 511
   },
   "asn" : "AS20860",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "cve" : "<enterprise field>: cve",
   "cvecount" : "<enterprise field>: cvecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Fri, 01 Nov 2024 02:20:14 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nX-Powered-By: PHP/5.5.9-1ubuntu4.29\r\nSet-Cookie: roundcube_sessid=4nrulgkempg5v28lea44vuabh2; path=/; HttpOnly\r\nExpires: Fri, 01 Nov 2024 02:20:14 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 01 Nov 2024 02:20:14 GMT\r\nX-DNS-Prefetch-Control: off\r\nLocation: https://<ip>/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n",
   "datamd5" : "4ede11ed19fa9330c5d9939592411679",
   "datammh3" : -1574621909,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "dataphiles.co.uk"
   ],
   "geolocus" : {
      "asn" : "AS20860",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "iomart.com",
         "melbourne.co.uk"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "UK-MELBOURNENETWORKS-20101014",
      "organization" : "Melbourne Server Hosting Ltd",
      "subnet" : "46.20.224.0/20"
   },
   "host" : [
      "mail2"
   ],
   "hostname" : [
      "mail2.dataphiles.co.uk"
   ],
   "ip" : "46.20.228.199",
   "ipv6" : "false",
   "latitude" : "51.4964",
   "location" : "51.4964,-0.1224",
   "longitude" : "-0.1224",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Iomart Cloud Services Limited",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 80,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.7",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "mail2.dataphiles.co.uk"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "46.20.224.0/20",
   "tld" : [
      "co.uk"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
90.147.34.6

Network
90.147.0.0/16

Domain(s)
pv.it

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://90.147.34.6/ 302

Reverse DNS
pecarchive.smatteo.pv.it

ASN
AS137

Organization
Consortium GARR

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
Apache HTTP Server 2.4.18

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe

CVE(s)

<enterprise field>: cve

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
528b6afd26590a51f871a95fdc2b8ed1

HTTP Header MD5
c129b008aa951b46e2b778f95e279815

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Fri, 01 Nov 2024 01:25:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: roundcube_sessid=2cbm1j8rf7vr743r7s66ea2223; path=/; HttpOnly
Expires: Fri, 01 Nov 2024 01:25:17 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 01 Nov 2024 01:25:17 GMT
X-DNS-Prefetch-Control: off
X-Frame-Options: sameorigin
Location: https://<ip>/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-01T01:25:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Roundcube",
               "product" : "Webmail"
            }
         ],
         "header" : [
            {
               "value" : "Fri, 01 Nov 2024 01:25:17 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "c129b008aa951b46e2b778f95e279815",
         "headermmh3" : 217364369
      },
      "length" : 519
   },
   "asn" : "AS137",
   "city" : "Pavia",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "cve" : "<enterprise field>: cve",
   "cvecount" : "<enterprise field>: cvecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Fri, 01 Nov 2024 01:25:17 GMT\r\nServer: Apache/2.4.18 (Ubuntu)\r\nSet-Cookie: roundcube_sessid=2cbm1j8rf7vr743r7s66ea2223; path=/; HttpOnly\r\nExpires: Fri, 01 Nov 2024 01:25:17 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 01 Nov 2024 01:25:17 GMT\r\nX-DNS-Prefetch-Control: off\r\nX-Frame-Options: sameorigin\r\nLocation: https://<ip>/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "528b6afd26590a51f871a95fdc2b8ed1",
   "datammh3" : 997554384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "pv.it"
   ],
   "geolocus" : {
      "asn" : "AS137",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "garr.it",
         "uniurb.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "UNI-URB07",
      "organization" : "Universita' degli Studi di Urbino Carlo Bo",
      "subnet" : "90.147.0.0/18"
   },
   "host" : [
      "pecarchive"
   ],
   "hostname" : [
      "pecarchive.smatteo.pv.it"
   ],
   "ip" : "90.147.34.6",
   "ipv6" : "false",
   "latitude" : "45.1976",
   "location" : "45.1976,9.1578",
   "longitude" : "9.1578",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Consortium GARR",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 80,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.18",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "pecarchive.smatteo.pv.it"
   ],
   "seen_date" : "2024-11-01",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "smatteo.pv.it"
   ],
   "subnet" : "90.147.0.0/16",
   "tld" : [
      "it"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
90.147.34.6

Network
90.147.0.0/16

Domain(s)
pv.it

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://90.147.34.6/ 302

Reverse DNS
pecarchive.smatteo.pv.it

ASN
AS137

Organization
Consortium GARR

Protocol
http

Source
datascan
Operating System
Linux Linux Ubuntu

Product
Apache HTTP Server 2.4.18

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
528b6afd26590a51f871a95fdc2b8ed1

HTTP Header MD5
c129b008aa951b46e2b778f95e279815

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Thu, 31 Oct 2024 18:35:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: roundcube_sessid=qmtej3di17irqc17acsc142gl7; path=/; HttpOnly
Expires: Thu, 31 Oct 2024 18:35:08 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Thu, 31 Oct 2024 18:35:08 GMT
X-DNS-Prefetch-Control: off
X-Frame-Options: sameorigin
Location: https://<ip>/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-31T18:35:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Thu, 31 Oct 2024 18:35:08 GMT"
            }
         ],
         "headermd5" : "c129b008aa951b46e2b778f95e279815",
         "headermmh3" : 1909445753
      },
      "length" : 519
   },
   "asn" : "AS137",
   "city" : "Pavia",
   "country" : "IT",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 31 Oct 2024 18:35:08 GMT\r\nServer: Apache/2.4.18 (Ubuntu)\r\nSet-Cookie: roundcube_sessid=qmtej3di17irqc17acsc142gl7; path=/; HttpOnly\r\nExpires: Thu, 31 Oct 2024 18:35:08 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Thu, 31 Oct 2024 18:35:08 GMT\r\nX-DNS-Prefetch-Control: off\r\nX-Frame-Options: sameorigin\r\nLocation: https://<ip>/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "528b6afd26590a51f871a95fdc2b8ed1",
   "datammh3" : 997554384,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "pv.it"
   ],
   "geolocus" : {
      "asn" : "AS137",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "IT",
      "countryname" : "Italy",
      "domain" : [
         "garr.it",
         "uniurb.it"
      ],
      "isineu" : "true",
      "latitude" : "41.87194",
      "location" : "41.87194,12.56738",
      "longitude" : "12.56738",
      "netname" : "UNI-URB07",
      "organization" : "Universita' degli Studi di Urbino Carlo Bo",
      "subnet" : "90.147.0.0/18"
   },
   "host" : [
      "pecarchive"
   ],
   "hostname" : [
      "pecarchive.smatteo.pv.it"
   ],
   "ip" : "90.147.34.6",
   "ipv6" : "false",
   "latitude" : "45.1976",
   "location" : "45.1976,9.1578",
   "longitude" : "9.1578",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Consortium GARR",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 80,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.18",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "pecarchive.smatteo.pv.it"
   ],
   "seen_date" : "2024-10-31",
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "smatteo.pv.it"
   ],
   "subnet" : "90.147.0.0/16",
   "tld" : [
      "it"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
185.58.11.158

Network
185.58.8.0/22

Domain(s)
ac-versailles.fr levelsys.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0950945l.ac-versailles.fr/roundcube/?_task=mail&_action=login 302

Reverse DNS
158.11.58.185.rev.levelsys.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0950945l.ac-versailles.fr

Subject Alt Name
clg-0950945l.ac-versailles.fr amon-0950945l.0950945l.in.ac-versailles.fr turboself-0950945l.ac-versailles.fr

SHA256 Fingerprint
260e5267d36615c5f302716c0f1692bad93db9c92b7fac06626205cc80b52a4d

Validity Not Before
2024-02-12T00:00:00Z

Validity Not After
2025-02-11T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6ff5764bd8c4d03a340e22284577d001

HTTP Header MD5
07f215a9116217e607552ac3c0a75c17

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 30 Oct 2024 05:48:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=f44qgs37j4magh1puthl2djj16; path=/; HttpOnly
Expires: Wed, 30 Oct 2024 05:48:54 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Wed, 30 Oct 2024 05:48:54 GMT
Set-Cookie: cas_url=_task%3Dmail%26amp%3B_action%3Dlogin
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-30T05:48:56.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Wed, 30 Oct 2024 05:48:54 GMT"
            }
         ],
         "headermd5" : "07f215a9116217e607552ac3c0a75c17",
         "headermmh3" : 799205605
      },
      "length" : 517
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Pierrelaye",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Wed, 30 Oct 2024 05:48:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=f44qgs37j4magh1puthl2djj16; path=/; HttpOnly\r\nExpires: Wed, 30 Oct 2024 05:48:54 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Wed, 30 Oct 2024 05:48:54 GMT\r\nSet-Cookie: cas_url=_task%3Dmail%26amp%3B_action%3Dlogin\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "6ff5764bd8c4d03a340e22284577d001",
   "datammh3" : 673282810,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "levelsys.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "e785d392b9182ab57c1921a0a74bd577",
      "sha1" : "d627fea7c85e33f262549b7e1a5cb738ec8bc2cd",
      "sha256" : "260e5267d36615c5f302716c0f1692bad93db9c92b7fac06626205cc80b52a4d"
   },
   "forward" : "clg-0950945l.ac-versailles.fr",
   "host" : [
      158,
      "amon-0950945l",
      "clg-0950945l",
      "turboself-0950945l"
   ],
   "hostname" : [
      "158.11.58.185.rev.levelsys.com",
      "amon-0950945l.0950945l.in.ac-versailles.fr",
      "clg-0950945l.ac-versailles.fr",
      "turboself-0950945l.ac-versailles.fr"
   ],
   "ip" : "185.58.11.158",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "49.0231",
   "location" : "49.0231,2.1514",
   "longitude" : "2.1514",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "158.11.58.185.rev.levelsys.com"
   ],
   "seen_date" : "2024-10-30",
   "serial" : "92:bc:46:c3:31:0b:b9:e4:f5:81:7e:0a:7e:c3:d8:1d",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan",
   "status" : 302,
   "subdomains" : [
      "0950945l.in.ac-versailles.fr",
      "11.58.185.rev.levelsys.com",
      "185.rev.levelsys.com",
      "58.185.rev.levelsys.com",
      "in.ac-versailles.fr",
      "rev.levelsys.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0950945l.ac-versailles.fr",
         "amon-0950945l.0950945l.in.ac-versailles.fr",
         "turboself-0950945l.ac-versailles.fr"
      ],
      "commonname" : "clg-0950945l.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.58.8.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/?_task=mail&amp;_action=login",
   "validity" : {
      "notafter" : "2025-02-11T23:59:59Z",
      "notbefore" : "2024-02-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
185.58.11.222

Network
185.58.8.0/22

Domain(s)
ac-versailles.fr levelsys.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0950895g.ac-versailles.fr/roundcube/ 302

Reverse DNS
222.11.58.185.rev.levelsys.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.4.6

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0950895g.ac-versailles.fr

Subject Alt Name
clg-0950895g.ac-versailles.fr amon-0950895g.0950895g.in.ac-versailles.fr turboself-0950895g.ac-versailles.fr

SHA256 Fingerprint
ee5fee700f9a29c20243ae94e1d3d71a3aa27245272dce7f59567d3d6612a3c8

Validity Not Before
2024-03-07T00:00:00Z

Validity Not After
2025-03-07T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7bdd02086d1e3d74c4123234112b462d

HTTP Header MD5
e7057413d87bae0e1e22a72ab19328d0

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 29 Oct 2024 23:56:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=thhbifjccpcp7t1gp90980mvg3; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 23:56:42 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 23:56:42 GMT
Set-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T23:56:44.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 29 Oct 2024 23:56:42 GMT"
            }
         ],
         "headermd5" : "e7057413d87bae0e1e22a72ab19328d0",
         "headermmh3" : -288775535
      },
      "length" : 537
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Pierrelaye",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.4.6 (Ubuntu)\r\nDate: Tue, 29 Oct 2024 23:56:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=thhbifjccpcp7t1gp90980mvg3; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 23:56:42 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 23:56:42 GMT\r\nSet-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "7bdd02086d1e3d74c4123234112b462d",
   "datammh3" : 1594051656,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "levelsys.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "60042b4bf997e95cc983b54904f2bef8",
      "sha1" : "ee8d76de9cfa3b893f12849d40347a9151b12fbd",
      "sha256" : "ee5fee700f9a29c20243ae94e1d3d71a3aa27245272dce7f59567d3d6612a3c8"
   },
   "forward" : "clg-0950895g.ac-versailles.fr",
   "host" : [
      222,
      "amon-0950895g",
      "clg-0950895g",
      "turboself-0950895g"
   ],
   "hostname" : [
      "222.11.58.185.rev.levelsys.com",
      "amon-0950895g.0950895g.in.ac-versailles.fr",
      "clg-0950895g.ac-versailles.fr",
      "turboself-0950895g.ac-versailles.fr"
   ],
   "ip" : "185.58.11.222",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "49.0231",
   "location" : "49.0231,2.1514",
   "longitude" : "2.1514",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.4.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "222.11.58.185.rev.levelsys.com"
   ],
   "seen_date" : "2024-10-29",
   "serial" : "d8:8e:91:fb:85:69:00:22:99:ac:6b:33:8f:e7:e0:7a",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan",
   "status" : 302,
   "subdomains" : [
      "0950895g.in.ac-versailles.fr",
      "11.58.185.rev.levelsys.com",
      "185.rev.levelsys.com",
      "58.185.rev.levelsys.com",
      "in.ac-versailles.fr",
      "rev.levelsys.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0950895g.ac-versailles.fr",
         "amon-0950895g.0950895g.in.ac-versailles.fr",
         "turboself-0950895g.ac-versailles.fr"
      ],
      "commonname" : "clg-0950895g.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.58.8.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/",
   "validity" : {
      "notafter" : "2025-03-07T23:59:59Z",
      "notbefore" : "2024-03-07T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
185.58.9.6

Network
185.58.8.0/22

Domain(s)
ac-versailles.fr levelsys.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0951154n.ac-versailles.fr/roundcube/ 302

Reverse DNS
6.9.58.185.rev.levelsys.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0951154n.ac-versailles.fr

Subject Alt Name
clg-0951154n.ac-versailles.fr amon-0951154n.0951154n.in.ac-versailles.fr turboself-0951154n.ac-versailles.fr

SHA256 Fingerprint
48837b2593f721c182177964e048161268217606063ed23cf7e63482b7ef827f

Validity Not Before
2024-09-16T00:00:00Z

Validity Not After
2025-09-16T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3b7da2acdf614814a38a8119883e8b2

HTTP Header MD5
1a041fef5519c236a1493d185c7672d4

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Oct 2024 13:43:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=bvn775eqa8j1mtf769rq51mqg2; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 13:43:05 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 13:43:05 GMT
Set-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T13:43:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "Roundcube",
               "product" : "Webmail"
            }
         ],
         "header" : [
            {
               "value" : "Tue, 29 Oct 2024 13:43:05 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "1a041fef5519c236a1493d185c7672d4",
         "headermmh3" : 1797598602
      },
      "length" : 538
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Pierrelaye",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Tue, 29 Oct 2024 13:43:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=bvn775eqa8j1mtf769rq51mqg2; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 13:43:05 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 13:43:05 GMT\r\nSet-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "a3b7da2acdf614814a38a8119883e8b2",
   "datammh3" : -645346633,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "levelsys.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "0001e88f93e7f6aad41512b21b716d00",
      "sha1" : "0e45ed0cdc9b3352ae31e21952529bbe0d5c635b",
      "sha256" : "48837b2593f721c182177964e048161268217606063ed23cf7e63482b7ef827f"
   },
   "forward" : "clg-0951154n.ac-versailles.fr",
   "host" : [
      6,
      "amon-0951154n",
      "clg-0951154n",
      "turboself-0951154n"
   ],
   "hostname" : [
      "6.9.58.185.rev.levelsys.com",
      "amon-0951154n.0951154n.in.ac-versailles.fr",
      "clg-0951154n.ac-versailles.fr",
      "turboself-0951154n.ac-versailles.fr"
   ],
   "ip" : "185.58.9.6",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "49.0231",
   "location" : "49.0231,2.1514",
   "longitude" : "2.1514",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "6.9.58.185.rev.levelsys.com"
   ],
   "seen_date" : "2024-10-29",
   "serial" : "07:98:30:6c:1b:f3:6b:5c:8b:de:1b:f6:07:f7:4d:c8",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan",
   "status" : 302,
   "subdomains" : [
      "0951154n.in.ac-versailles.fr",
      "185.rev.levelsys.com",
      "58.185.rev.levelsys.com",
      "9.58.185.rev.levelsys.com",
      "in.ac-versailles.fr",
      "rev.levelsys.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0951154n.ac-versailles.fr",
         "amon-0951154n.0951154n.in.ac-versailles.fr",
         "turboself-0951154n.ac-versailles.fr"
      ],
      "commonname" : "clg-0951154n.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.58.8.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/",
   "validity" : {
      "notafter" : "2025-09-16T23:59:59Z",
      "notbefore" : "2024-09-16T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
185.58.11.230

Network
185.58.8.0/22

Domain(s)
ac-versailles.fr levelsys.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0951617s.ac-versailles.fr/roundcube/ 302

Reverse DNS
230.11.58.185.rev.levelsys.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan::redirect
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0951617s.ac-versailles.fr

Subject Alt Name
clg-0951617s.ac-versailles.fr amon-0951617s.0951617s.in.ac-versailles.fr turboself-0951617s.ac-versailles.fr

SHA256 Fingerprint
6d2943bd9a0be22a1f040335a05a3a1959dc871fc7c42a59c5f3b030b7062ac6

Validity Not Before
2024-03-07T00:00:00Z

Validity Not After
2025-03-07T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3b7da2acdf614814a38a8119883e8b2

HTTP Header MD5
1a041fef5519c236a1493d185c7672d4

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Oct 2024 12:54:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=v99m520rfmsd170b1vvbh0t742; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 12:54:39 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 12:54:39 GMT
Set-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T12:54:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 29 Oct 2024 12:54:39 GMT"
            }
         ],
         "headermd5" : "1a041fef5519c236a1493d185c7672d4",
         "headermmh3" : 528891119
      },
      "length" : 538
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Pierrelaye",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Tue, 29 Oct 2024 12:54:39 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=v99m520rfmsd170b1vvbh0t742; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 12:54:39 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 12:54:39 GMT\r\nSet-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "a3b7da2acdf614814a38a8119883e8b2",
   "datammh3" : -645346633,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "levelsys.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "9ff2960b7720094cdf7560617c3b3891",
      "sha1" : "427282de406c246828bd9da074c207e688f99b70",
      "sha256" : "6d2943bd9a0be22a1f040335a05a3a1959dc871fc7c42a59c5f3b030b7062ac6"
   },
   "forward" : "clg-0951617s.ac-versailles.fr",
   "host" : [
      230,
      "amon-0951617s",
      "clg-0951617s",
      "turboself-0951617s"
   ],
   "hostname" : [
      "230.11.58.185.rev.levelsys.com",
      "amon-0951617s.0951617s.in.ac-versailles.fr",
      "clg-0951617s.ac-versailles.fr",
      "turboself-0951617s.ac-versailles.fr"
   ],
   "ip" : "185.58.11.230",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "49.0231",
   "location" : "49.0231,2.1514",
   "longitude" : "2.1514",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "230.11.58.185.rev.levelsys.com"
   ],
   "seen_date" : "2024-10-29",
   "serial" : "f7:e9:27:86:da:f2:93:19:02:b0:f8:39:a6:ef:74:8f",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "0951617s.in.ac-versailles.fr",
      "11.58.185.rev.levelsys.com",
      "185.rev.levelsys.com",
      "58.185.rev.levelsys.com",
      "in.ac-versailles.fr",
      "rev.levelsys.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0951617s.ac-versailles.fr",
         "amon-0951617s.0951617s.in.ac-versailles.fr",
         "turboself-0951617s.ac-versailles.fr"
      ],
      "commonname" : "clg-0951617s.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.58.8.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/",
   "validity" : {
      "notafter" : "2025-03-07T23:59:59Z",
      "notbefore" : "2024-03-07T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
185.187.165.150

Network
185.187.164.0/22

Domain(s)
ac-versailles.fr siamko.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0950046j.ac-versailles.fr/roundcube/ 302

Reverse DNS
150.165.187.185.rev.siamko.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan::redirect
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0950046j.ac-versailles.fr

Subject Alt Name
clg-0950046j.ac-versailles.fr amon-0950046j.0950046j.in.ac-versailles.fr

SHA256 Fingerprint
b8566fe6753ce4e8bf5422c81a171ff36c862698e07ddab7085c0fa9cf697e4f

Validity Not Before
2024-03-07T00:00:00Z

Validity Not After
2025-03-07T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3b7da2acdf614814a38a8119883e8b2

HTTP Header MD5
1a041fef5519c236a1493d185c7672d4

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Oct 2024 12:54:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=fiuqds578ge20iug4vm8o1k241; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 12:54:38 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 12:54:38 GMT
Set-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T12:54:40.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 29 Oct 2024 12:54:38 GMT"
            }
         ],
         "headermd5" : "1a041fef5519c236a1493d185c7672d4",
         "headermmh3" : 1571412136
      },
      "length" : 538
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "\u00c9pinay-sur-Seine",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Tue, 29 Oct 2024 12:54:38 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=fiuqds578ge20iug4vm8o1k241; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 12:54:38 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 12:54:38 GMT\r\nSet-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "a3b7da2acdf614814a38a8119883e8b2",
   "datammh3" : -645346633,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "siamko.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "8eff8835d734d9360c4897884dad8c19",
      "sha1" : "0e7e8aa361b1abe1612bacc2159845df60dff73e",
      "sha256" : "b8566fe6753ce4e8bf5422c81a171ff36c862698e07ddab7085c0fa9cf697e4f"
   },
   "forward" : "clg-0950046j.ac-versailles.fr",
   "geolocus" : {
      "asn" : "AS201699",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "siamko.com"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "NET-LEVELSYS-100",
      "organization" : "FR-SIAMKO",
      "subnet" : "185.187.164.0/22"
   },
   "host" : [
      150,
      "amon-0950046j",
      "clg-0950046j"
   ],
   "hostname" : [
      "150.165.187.185.rev.siamko.com",
      "amon-0950046j.0950046j.in.ac-versailles.fr",
      "clg-0950046j.ac-versailles.fr"
   ],
   "ip" : "185.187.165.150",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "48.9512",
   "location" : "48.9512,2.3144",
   "longitude" : "2.3144",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "150.165.187.185.rev.siamko.com"
   ],
   "seen_date" : "2024-10-29",
   "serial" : "9e:12:32:ec:6a:44:eb:a2:3b:56:30:0e:7a:e7:61:85",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "0950046j.in.ac-versailles.fr",
      "165.187.185.rev.siamko.com",
      "185.rev.siamko.com",
      "187.185.rev.siamko.com",
      "in.ac-versailles.fr",
      "rev.siamko.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0950046j.ac-versailles.fr",
         "amon-0950046j.0950046j.in.ac-versailles.fr"
      ],
      "commonname" : "clg-0950046j.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.187.164.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/",
   "validity" : {
      "notafter" : "2025-03-07T23:59:59Z",
      "notbefore" : "2024-03-07T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
162.216.17.84

Network
162.216.16.0/22

Domain(s)
poweredbymomentum.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

http://162.216.17.84/mail/ 302

Reverse DNS
momentum1.poweredbymomentum.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
urlscan::redirect
Operating System
Linux Linux Ubuntu

Product
Apache HTTP Server 2.4.18

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bfcd6c9fb59a08ce1708e101804047a6

HTTP Header MD5
6b2cd1f7537b51edd5f4ee5f153e6443

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Date: Tue, 29 Oct 2024 12:08:53 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: roundcube_sessid=9tmo2j5okcrifcl0rkvipt0qu5; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 12:08:53 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 12:08:53 GMT
X-DNS-Prefetch-Control: off
Location: https://<ip>/mail/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T12:08:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "value" : "Tue, 29 Oct 2024 12:08:53 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "6b2cd1f7537b51edd5f4ee5f153e6443",
         "headermmh3" : 1445743214
      },
      "length" : 495
   },
   "asn" : "AS63949",
   "city" : "Cedar Knolls",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Tue, 29 Oct 2024 12:08:53 GMT\r\nServer: Apache/2.4.18 (Ubuntu)\r\nSet-Cookie: roundcube_sessid=9tmo2j5okcrifcl0rkvipt0qu5; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 12:08:53 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 12:08:53 GMT\r\nX-DNS-Prefetch-Control: off\r\nLocation: https://<ip>/mail/\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n",
   "datamd5" : "bfcd6c9fb59a08ce1708e101804047a6",
   "datammh3" : 2087228668,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "poweredbymomentum.com"
   ],
   "forward" : "162.216.17.84",
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "162.216.16.0/22"
   },
   "host" : [
      "momentum1"
   ],
   "hostname" : [
      "162.216.17.84",
      "momentum1.poweredbymomentum.com"
   ],
   "ip" : "162.216.17.84",
   "ipv6" : "false",
   "latitude" : "40.8229",
   "location" : "40.8229,-74.4592",
   "longitude" : "-74.4592",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 80,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.18",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "momentum1.poweredbymomentum.com"
   ],
   "seen_date" : "2024-10-29",
   "source" : "urlscan::redirect",
   "status" : 302,
   "subnet" : "162.216.16.0/22",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/mail/"
}

IP
185.58.9.110

Network
185.58.8.0/22

Domain(s)
ac-versailles.fr levelsys.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://clg-0950723v.ac-versailles.fr/roundcube/ 302

Reverse DNS
110.9.58.185.rev.levelsys.com

ASN
AS201699

Organization
Level Sys SAS

Protocol
http Cert not expired http

Source
urlscan::redirect
Operating System
Linux Linux Ubuntu

Product
F5 Nginx 1.14.0

HTTP Component(s)
Roundcube Webmail

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GEANT OV RSA CA 4

Issuer Organization
GEANT Vereniging

Subject Organization
Académie de Versailles

Subject Common Name
clg-0950723v.ac-versailles.fr

Subject Alt Name
clg-0950723v.ac-versailles.fr amon-0950723v.0950723v.in.ac-versailles.fr

SHA256 Fingerprint
5709d1e6d9045d317eb7bcbdede8f395c3fdc7ddfbc7942aad3db50dc6bb218b

Validity Not Before
2024-03-07T00:00:00Z

Validity Not After
2025-03-07T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3b7da2acdf614814a38a8119883e8b2

HTTP Header MD5
1a041fef5519c236a1493d185c7672d4

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Oct 2024 11:58:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
Set-Cookie: roundcube_sessid=tladsu59r8hgduh79mlnkft1m7; path=/; HttpOnly
Expires: Tue, 29 Oct 2024 11:58:53 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 29 Oct 2024 11:58:53 GMT
Set-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: ./?_task=mail&_action=login

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-29T11:58:55.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 29 Oct 2024 11:58:53 GMT"
            }
         ],
         "headermd5" : "1a041fef5519c236a1493d185c7672d4",
         "headermmh3" : 19166526
      },
      "length" : 538
   },
   "asn" : "AS201699",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Pierrelaye",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nServer: nginx/1.14.0 (Ubuntu)\r\nDate: Tue, 29 Oct 2024 11:58:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nSet-Cookie: roundcube_sessid=tladsu59r8hgduh79mlnkft1m7; path=/; HttpOnly\r\nExpires: Tue, 29 Oct 2024 11:58:53 GMT\r\nCache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Tue, 29 Oct 2024 11:58:53 GMT\r\nSet-Cookie: cas_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0\r\nLocation: ./?_task=mail&_action=login\r\n\r\n",
   "datamd5" : "a3b7da2acdf614814a38a8119883e8b2",
   "datammh3" : -645346633,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ac-versailles.fr",
      "levelsys.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "9659cea72232d13f4306e69f7ead6fd3",
      "sha1" : "82a52ea2e75fe6585d3c267d0247d4b5e9597076",
      "sha256" : "5709d1e6d9045d317eb7bcbdede8f395c3fdc7ddfbc7942aad3db50dc6bb218b"
   },
   "forward" : "clg-0950723v.ac-versailles.fr",
   "host" : [
      110,
      "amon-0950723v",
      "clg-0950723v"
   ],
   "hostname" : [
      "110.9.58.185.rev.levelsys.com",
      "amon-0950723v.0950723v.in.ac-versailles.fr",
      "clg-0950723v.ac-versailles.fr"
   ],
   "ip" : "185.58.9.110",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GEANT OV RSA CA 4",
      "country" : "NL",
      "organization" : "GEANT Vereniging"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "49.0231",
   "location" : "49.0231,2.1514",
   "longitude" : "2.1514",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Level Sys SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 3072
   },
   "reason" : "Found",
   "reverse" : [
      "110.9.58.185.rev.levelsys.com"
   ],
   "seen_date" : "2024-10-29",
   "serial" : "86:f2:e3:42:c6:42:32:d6:5e:3c:b5:af:1e:25:a9:bd",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "urlscan::redirect",
   "status" : 302,
   "subdomains" : [
      "0950723v.in.ac-versailles.fr",
      "185.rev.levelsys.com",
      "58.185.rev.levelsys.com",
      "9.58.185.rev.levelsys.com",
      "in.ac-versailles.fr",
      "rev.levelsys.com"
   ],
   "subject" : {
      "altname" : [
         "clg-0950723v.ac-versailles.fr",
         "amon-0950723v.0950723v.in.ac-versailles.fr"
      ],
      "commonname" : "clg-0950723v.ac-versailles.fr",
      "country" : "FR",
      "organization" : "Acad\u00e9mie de Versailles"
   },
   "subnet" : "185.58.8.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/roundcube/",
   "validity" : {
      "notafter" : "2025-03-07T23:59:59Z",
      "notbefore" : "2024-03-07T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

Returning 10 result(s) out of 595 in 0.083 second(s)

46.20.228.199:80 (tcp/http) - last seen on 2024-11-01 at 02:20:25 UTC

90.147.34.6:80 (tcp/http) - last seen on 2024-11-01 at 01:25:20 UTC

90.147.34.6:80 (tcp/http) - last seen on 2024-10-31 at 18:35:09 UTC

185.58.11.158:443 (tcp/http/tls) - last seen on 2024-10-30 at 05:48:56 UTC

185.58.11.222:443 (tcp/http/tls) - last seen on 2024-10-29 at 23:56:44 UTC

185.58.9.6:443 (tcp/http/tls) - last seen on 2024-10-29 at 13:43:07 UTC

185.58.11.230:443 (tcp/http/tls) - last seen on 2024-10-29 at 12:54:41 UTC

185.187.165.150:443 (tcp/http/tls) - last seen on 2024-10-29 at 12:54:40 UTC

162.216.17.84:80 (tcp/http) - last seen on 2024-10-29 at 12:08:54 UTC

185.58.9.110:443 (tcp/http/tls) - last seen on 2024-10-29 at 11:58:55 UTC