Cyber Defense Search Engine

IP
119.42.115.61

Network
119.42.64.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS131090

Organization
CAT TELECOM Public Company Ltd,CAT

Protocol
ftp

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4ebeaf69f27e86676c1812aa24e5617f

220 Welcome to virtual FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
331 Please specify the password.
530 Login incorrect.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:41.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 319
   },
   "asn" : "AS131090",
   "city" : "Pattaya",
   "country" : "TH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 Welcome to virtual FTP service.\r\n530 Please login with USER and PASS.\r\n530 Please login with USER and PASS.\r\n530 Please login with USER and PASS.\r\n530 Please login with USER and PASS.\r\n530 Please login with USER and PASS.\r\n530 Please login with USER and PASS.\r\n331 Please specify the password.\n530 Login incorrect.\n",
   "datamd5" : "4ebeaf69f27e86676c1812aa24e5617f",
   "datammh3" : 1237750718,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS131090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TH",
      "countryname" : "Thailand",
      "domain" : [
         "cat.net.th"
      ],
      "isineu" : "false",
      "latitude" : "15.870032",
      "location" : "15.870032,100.992541",
      "longitude" : "100.992541",
      "netname" : "CAT-BB-NET",
      "organization" : "CAT Telecom Public Company Limited",
      "subnet" : "119.42.112.0/20"
   },
   "ip" : "119.42.115.61",
   "ipv6" : "false",
   "latitude" : "13.0508",
   "location" : "13.0508,100.9367",
   "longitude" : "100.9367",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CAT TELECOM Public Company Ltd,CAT",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2121,
   "protocol" : "ftp",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "119.42.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
124.198.118.27

Network
124.198.64.0/18

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS4766

Organization
Korea Telecom

Protocol
ftp

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e1e4e8df63c162b4a74eb2cba816e383

220 v
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
331 Password required for anonymous
530 Login or password incorrect!

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:10.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 322
   },
   "asn" : "AS4766",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 v\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n331 Password required for anonymous\n530 Login or password incorrect!\n",
   "datamd5" : "e1e4e8df63c162b4a74eb2cba816e383",
   "datammh3" : -814851475,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "haion.net",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "HAIONNET",
      "organization" : "HAIonNet",
      "subnet" : "124.198.0.0/17"
   },
   "ip" : "124.198.118.27",
   "ipv6" : "false",
   "latitude" : "37.5112",
   "location" : "37.5112,126.9741",
   "longitude" : "126.9741",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "protocol" : "ftp",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "124.198.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
188.131.228.18

Network
188.131.128.0/17

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://188.131.228.18:2121/ 200

ASN
AS45090

Organization
Shenzhen Tencent Computer Systems Company Limited

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Proxy Proxy

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a32787c62396cb8fb71033a514e46fd0

HTTP Header MD5
a91a8cc9907e923eb08191fee3bb75c7

HTTP Body MD5
1be8f77253cdc518351f946c456a38fc

HTTP/1.0 200 OK
Server: Proxy




Unauthorized ...

IP Address: <srcip>
MAC Address: 
Server Time: 2024-11-21 16:59:06
Auth Result: ????.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "1be8f77253cdc518351f946c456a38fc",
         "bodymmh3" : -791201105,
         "headermd5" : "a91a8cc9907e923eb08191fee3bb75c7",
         "headermmh3" : 141730637
      },
      "length" : 154
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer: Proxy\r\n\r\n\r\n\r\n\r\nUnauthorized ...\r\n\r\nIP Address: <srcip>\r\nMAC Address: \r\nServer Time: 2024-11-21 16:59:06\r\nAuth Result: ????.\r\n\r\n\r\n",
   "datamd5" : "a32787c62396cb8fb71033a514e46fd0",
   "datammh3" : -1021035133,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "188.131.228.18",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "product" : "Proxy",
   "productvendor" : "Proxy",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "188.131.128.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
212.64.65.225

Network
212.64.0.0/17

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://212.64.65.225:2121/ 200

ASN
AS45090

Organization
Shenzhen Tencent Computer Systems Company Limited

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Proxy Proxy

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
fa3337f872425a5771df0b15e8b1da90

HTTP Header MD5
a91a8cc9907e923eb08191fee3bb75c7

HTTP Body MD5
9cf3400cae8db8582f7e33a4929f6c69

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...
IP Address: <srcip>
MAC Address: 
Server Time: 2024-11-21 16:59:34
Auth Result: 无效用户.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9cf3400cae8db8582f7e33a4929f6c69",
         "bodymmh3" : -1118260026,
         "headermd5" : "a91a8cc9907e923eb08191fee3bb75c7",
         "headermmh3" : 141730637
      },
      "length" : 148
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer: Proxy\r\n\r\nUnauthorized ...\r\nIP Address: <srcip>\r\nMAC Address: \r\nServer Time: 2024-11-21 16:59:34\r\nAuth Result: \u65e0\u6548\u7528\u6237.",
   "datamd5" : "fa3337f872425a5771df0b15e8b1da90",
   "datammh3" : -1212749308,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "TENCENT-CN",
      "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
      "subnet" : "212.64.0.0/17"
   },
   "ip" : "212.64.65.225",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "product" : "Proxy",
   "productvendor" : "Proxy",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "212.64.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
106.58.216.201

Network
106.58.0.0/16

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://106.58.216.201:2121/ 200

ASN
AS4134

Organization
Chinanet

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Proxy Proxy

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c79545ef8b21e37104c0071538da06e4

HTTP Header MD5
a91a8cc9907e923eb08191fee3bb75c7

HTTP Body MD5
38d054ad9c4527a62d107a9144becf00

HTTP/1.0 200 OK
Server: Proxy




Unauthorized ...

IP Address: <srcip>
MAC Address: 
Server Time: 2024-11-21 16:59:05
Auth Result: 无效用户.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "38d054ad9c4527a62d107a9144becf00",
         "bodymmh3" : 805763023,
         "headermd5" : "a91a8cc9907e923eb08191fee3bb75c7",
         "headermmh3" : 141730637
      },
      "length" : 162
   },
   "asn" : "AS4134",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer: Proxy\r\n\r\n\r\n\r\n\r\nUnauthorized ...\r\n\r\nIP Address: <srcip>\r\nMAC Address: \r\nServer Time: 2024-11-21 16:59:05\r\nAuth Result: \u65e0\u6548\u7528\u6237.\r\n\r\n\r\n",
   "datamd5" : "c79545ef8b21e37104c0071538da06e4",
   "datammh3" : 1430846320,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "163.com",
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-YN",
      "organization" : "CHINANET YunNan PROVINCE NETWORK",
      "subnet" : "106.58.0.0/16"
   },
   "ip" : "106.58.216.201",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "product" : "Proxy",
   "productvendor" : "Proxy",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "106.58.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
188.32.4.32

Network
188.32.0.0/16

Domain(s)
rt.ru

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

Reverse DNS
broadband-188-32-4-32.ip.moscow.rt.ru

ASN
AS42610

Organization
Rostelecom

Protocol
ftp

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ff893abcea3a0604196778668bc69b7f

220-GPSFTP Server 0.9.60 beta
220-Welcome CMS
220 Please visit CMS
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
331 Password required for anonymous
530 Not logged in, user account has been disabled

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:59:01.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 402
   },
   "asn" : "AS42610",
   "city" : "Moscow",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-GPSFTP Server 0.9.60 beta\r\n220-Welcome CMS\r\n220 Please visit CMS\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n331 Password required for anonymous\n530 Not logged in, user account has been disabled\n",
   "datamd5" : "ff893abcea3a0604196778668bc69b7f",
   "datammh3" : 966811426,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "rt.ru"
   ],
   "host" : [
      "broadband-188-32-4-32"
   ],
   "hostname" : [
      "broadband-188-32-4-32.ip.moscow.rt.ru"
   ],
   "ip" : "188.32.4.32",
   "ipv6" : "false",
   "latitude" : "55.7483",
   "location" : "55.7483,37.6171",
   "longitude" : "37.6171",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Rostelecom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "protocol" : "ftp",
   "reverse" : [
      "broadband-188-32-4-32.ip.moscow.rt.ru"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "ip.moscow.rt.ru",
      "moscow.rt.ru"
   ],
   "subnet" : "188.32.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ru"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
110.40.83.81

Network
110.40.64.0/18

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS38283

Organization
CHINANET SiChuan Telecom Internet Data Center

Protocol
ftp

Source
datascan
Operating System
Microsoft Windows

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
cab0570f0c916d279ecf2d43a7c6d174

220-CCProxy FTP Service
220-you need to input userid@site as login name.
220 Example: user anonymous@ftp.netscape.com

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:54.000Z",
   "app" : {
      "length" : 121
   },
   "asn" : "AS38283",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-CCProxy FTP Service\r\n220-you need to input userid@site as login name.\r\n220 Example: user anonymous@ftp.netscape.com\r\n",
   "datamd5" : "cab0570f0c916d279ecf2d43a7c6d174",
   "datammh3" : 2051185703,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS38283",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "poweridc.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CDJL",
      "organization" : "Chengdu Giant Times Technology Co.,Ltd",
      "subnet" : "110.40.64.0/18"
   },
   "ip" : "110.40.83.81",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINANET SiChuan Telecom Internet Data Center",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "protocol" : "ftp",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "110.40.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.191.169.95

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://103.191.169.95:2121/ 301

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Proxmox Virtual Environment 3.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
638c071fa5cff8f4b067f48e1d273f85

HTTP Header MD5
de2c54cdd1e009b0f283ed93c4545e2b

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=0
Connection: close
Date: Thu, 21 Nov 2024 08:58:53 GMT
Pragma: no-cache
Location: https://<ip>:2121/
Server: pve-api-daemon/3.0
Expires: Thu, 21 Nov 2024 08:58:53 GMT

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "de2c54cdd1e009b0f283ed93c4545e2b",
         "headermmh3" : 1525101642
      },
      "length" : 232
   },
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nCache-Control: max-age=0\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 08:58:53 GMT\r\nPragma: no-cache\r\nLocation: https://<ip>:2121/\r\nServer: pve-api-daemon/3.0\r\nExpires: Thu, 21 Nov 2024 08:58:53 GMT\r\n\r\n",
   "datamd5" : "638c071fa5cff8f4b067f48e1d273f85",
   "datammh3" : 1819099344,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "sbjnet.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-SBJNET-ID",
      "organization" : "PT Sugi Bintang Jaya",
      "subnet" : "103.191.169.0/24"
   },
   "ip" : "103.191.169.95",
   "ipv6" : "false",
   "latitude" : "-6.1728",
   "location" : "-6.1728,106.8272",
   "longitude" : "106.8272",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2121,
   "product" : "Virtual Environment",
   "productvendor" : "Proxmox",
   "productversion" : "3.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 301,
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
111.231.50.144

Network
111.230.0.0/15

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://111.231.50.144:2121/ 200

ASN
AS45090

Organization
Shenzhen Tencent Computer Systems Company Limited

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Proxy Proxy

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c4c644366c4255656145d18a1bfb2bd4

HTTP Header MD5
a91a8cc9907e923eb08191fee3bb75c7

HTTP Body MD5
5fc31e2de82a897f0e891bc84895defb

HTTP/1.0 200 OK
Server: Proxy




Unauthorized ...

IP Address: <srcip>
MAC Address: 
Server Time: 2024-11-21 16:58:52
Auth Result: 无效用户.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "5fc31e2de82a897f0e891bc84895defb",
         "bodymmh3" : 1158863068,
         "headermd5" : "a91a8cc9907e923eb08191fee3bb75c7",
         "headermmh3" : 141730637
      },
      "length" : 162
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nServer: Proxy\r\n\r\n\r\n\r\n\r\nUnauthorized ...\r\n\r\nIP Address: <srcip>\r\nMAC Address: \r\nServer Time: 2024-11-21 16:58:52\r\nAuth Result: \u65e0\u6548\u7528\u6237.\r\n\r\n\r\n",
   "datamd5" : "c4c644366c4255656145d18a1bfb2bd4",
   "datammh3" : -1628667405,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "TencentCloud",
      "organization" : "TencentCloud",
      "subnet" : "111.230.0.0/15"
   },
   "ip" : "111.231.50.144",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 2121,
   "product" : "Proxy",
   "productvendor" : "Proxy",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "111.230.0.0/15",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
41.105.188.81

Network
41.96.0.0/12

Device

<enterprise field>: device.class

ASN
AS36947

Organization
Telecom Algeria

Protocol
ftp

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
512481217783e38208c82be81fae06ca

220 TBS ftpd 2.2 at <ip> ready.
500 Unknown command: "GET / HTTP/1.1"
500 Unknown command: "Host: <ip>:2121"
500 Unknown command: "Connection: close"
331 Password please.
500 Unknown command: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
500 Unknown command: "Accept-Language: en-US,en;q=0.5"
500 Unknown command: ""
503 Username already given.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:38.000Z",
   "app" : {
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 381
   },
   "asn" : "AS36947",
   "city" : "El Hadjira",
   "country" : "DZ",
   "data" : "220 TBS ftpd 2.2 at <ip> ready.\r\n500 Unknown command: \"GET / HTTP/1.1\"\r\n500 Unknown command: \"Host: <ip>:2121\"\r\n500 Unknown command: \"Connection: close\"\r\n331 Password please.\r\n500 Unknown command: \"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\"\r\n500 Unknown command: \"Accept-Language: en-US,en;q=0.5\"\r\n500 Unknown command: \"\"\r\n503 Username already given.\n",
   "datamd5" : "512481217783e38208c82be81fae06ca",
   "datammh3" : -518646196,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS36947",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "DZ",
      "countryname" : "Algeria",
      "isineu" : "false",
      "latitude" : "28.033886",
      "location" : "28.033886,1.659626",
      "longitude" : "1.659626",
      "netname" : "OUARGLA",
      "organization" : "Algerie Telecom",
      "subnet" : "41.105.0.0/16"
   },
   "ip" : "41.105.188.81",
   "ipv6" : "false",
   "latitude" : "32.6027",
   "location" : "32.6027,5.9135",
   "longitude" : "5.9135",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telecom Algeria",
   "port" : 2121,
   "protocol" : "ftp",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "41.96.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 296,341 in 0.211 second(s)

119.42.115.61:2121 (tcp/ftp) - last seen on 2024-11-21 at 08:59:41 UTC

124.198.118.27:2121 (tcp/ftp) - last seen on 2024-11-21 at 08:59:10 UTC

188.131.228.18:2121 (tcp/http) - last seen on 2024-11-21 at 08:59:06 UTC

212.64.65.225:2121 (tcp/http) - last seen on 2024-11-21 at 08:59:05 UTC

106.58.216.201:2121 (tcp/http) - last seen on 2024-11-21 at 08:59:05 UTC

188.32.4.32:2121 (tcp/ftp) - last seen on 2024-11-21 at 08:59:01 UTC

110.40.83.81:2121 (tcp/ftp) - last seen on 2024-11-21 at 08:58:54 UTC

103.191.169.95:2121 (tcp/http) - last seen on 2024-11-21 at 08:58:53 UTC

111.231.50.144:2121 (tcp/http) - last seen on 2024-11-21 at 08:58:52 UTC

41.105.188.81:2121 (tcp/ftp) - last seen on 2024-11-21 at 08:58:38 UTC