Cyber Defense Search Engine

IP
13.245.136.10

Network
13.244.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://13.245.136.10:2376/ 200

Reverse DNS
ec2-13-245-136-10.af-south-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
1cc70735a50690e7e91722555052e7e5

HTTP Header MD5
b9e48885c4ec6c85f645f158779f5581

HTTP Body MD5
21dde95d9d269cbb2fa6560309dca40c

HTTP/1.1 200 OK
Content-Length: 177

<html><body><h1>It works!</h1>
<p>This is the default web page for this server.</p>
<p>The web server software is running but no content has been added, yet.</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:26:10.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "21dde95d9d269cbb2fa6560309dca40c",
         "bodymmh3" : 896066839,
         "headermd5" : "b9e48885c4ec6c85f645f158779f5581",
         "headermmh3" : -397501074
      },
      "length" : 214
   },
   "asn" : "AS16509",
   "city" : "Cape Town",
   "country" : "ZA",
   "data" : "HTTP/1.1 200 OK\nContent-Length: 177\n\n<html><body><h1>It works!</h1>\n<p>This is the default web page for this server.</p>\n<p>The web server software is running but no content has been added, yet.</p>\n</body></html>\n",
   "datamd5" : "1cc70735a50690e7e91722555052e7e5",
   "datammh3" : -1295061933,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "AMAZON-CPT",
      "organization" : "Amazon Data Services South Africa",
      "subnet" : "13.244.0.0/14"
   },
   "host" : [
      "ec2-13-245-136-10"
   ],
   "hostname" : [
      "ec2-13-245-136-10.af-south-1.compute.amazonaws.com"
   ],
   "ip" : "13.245.136.10",
   "ipv6" : "false",
   "latitude" : "-34.0486",
   "location" : "-34.0486,18.4811",
   "longitude" : "18.4811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-13-245-136-10.af-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "af-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.244.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.207.56.66

Network
43.200.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ec2-43-207-56-66.ap-northeast-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
telnet

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a0208af99d532e1084d6ea1e5462089e

\xff\xfb\x01\xff\xfb\x03\xff\xfc'\xff\xfe\x01\xff\xfd\x03\xff\xfe"\xff\xfd'\xff\xfd\x18\xff\xfe\x1fUsername: GET / HTTP/1.1\x0d
Password:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:01:33.000Z",
   "app" : {
      "length" : 63
   },
   "asn" : "AS16509",
   "city" : "Tokyo",
   "country" : "JP",
   "data" : "\\xff\\xfb\\x01\\xff\\xfb\\x03\\xff\\xfc'\\xff\\xfe\\x01\\xff\\xfd\\x03\\xff\\xfe\"\\xff\\xfd'\\xff\\xfd\\x18\\xff\\xfe\\x1fUsername: GET / HTTP/1.1\\x0d\nPassword: ",
   "datamd5" : "a0208af99d532e1084d6ea1e5462089e",
   "datammh3" : -1872544805,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-AS-AP",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "43.206.0.0/15"
   },
   "host" : [
      "ec2-43-207-56-66"
   ],
   "hostname" : [
      "ec2-43-207-56-66.ap-northeast-1.compute.amazonaws.com"
   ],
   "ip" : "43.207.56.66",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "telnet",
   "reverse" : [
      "ec2-43-207-56-66.ap-northeast-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "ap-northeast-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "43.200.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
18.132.245.254

Network
18.132.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System
Cisco IOS

URL

http://18.132.245.254:2376/ 200

HTTP Title
SSL VPN Service

Reverse DNS
ec2-18-132-245-254.eu-west-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Cisco IOS

Product
F5 Nginx

HTTP Component(s)
Cisco WebVPN

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e73fb32120bbccbb6ce84d72a9811f27

HTTP Header MD5
9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5
f7876d48967864b57d32b168c0fba837

HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Nov 2024 10:00:25 GMT
Server: nginx
Content-Length: 627
Content-Type: text/html

<?xml version="1.0" encoding="UTF-8"?>
<auth id="main">
<title>SSL VPN Service</title>
<ca status="disabled" href="/+CSCOCA+/login.html" />



<banner></banner>
<message>Please enter your username and password.</message>


<form method="post" action="/+webvpn+/index.html">

<input type="text" name="username" label="Username:" />
<input type="password" name="password" label="Password:" />


<select name="group_list" label="GROUP:">
<option value="telecommuters" noaaa="0" >Remote_Users</option></select>

<input type="submit" name="Login" value="Login" />
<input type="reset" name="Clear" value="Clear" />


</form>
</auth>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:00:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "f7876d48967864b57d32b168c0fba837",
         "bodymmh3" : 353668724,
         "component" : [
            {
               "product" : "WebVPN",
               "productvendor" : "Cisco"
            }
         ],
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -2017433680,
         "title" : "SSL VPN Service"
      },
      "length" : 763
   },
   "asn" : "AS16509",
   "city" : "London",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 10:00:25 GMT\r\nServer: nginx\r\nContent-Length: 627\r\nContent-Type: text/html\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<auth id=\"main\">\n<title>SSL VPN Service</title>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n\n\n\n<banner></banner>\n<message>Please enter your username and password.</message>\n\n\n<form method=\"post\" action=\"/+webvpn+/index.html\">\n\n<input type=\"text\" name=\"username\" label=\"Username:\" />\n<input type=\"password\" name=\"password\" label=\"Password:\" />\n\n\n<select name=\"group_list\" label=\"GROUP:\">\n<option value=\"telecommuters\" noaaa=\"0\" >Remote_Users</option></select>\n\n<input type=\"submit\" name=\"Login\" value=\"Login\" />\n<input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n\n\n</form>\n</auth>\n",
   "datamd5" : "e73fb32120bbccbb6ce84d72a9811f27",
   "datammh3" : 1679286467,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "GB",
      "countryname" : "United Kingdom",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "55.378051",
      "location" : "55.378051,-3.435973",
      "longitude" : "-3.435973",
      "netname" : "AMAZON-LHR",
      "organization" : "Amazon Data Services UK",
      "subnet" : "18.132.0.0/14"
   },
   "host" : [
      "ec2-18-132-245-254"
   ],
   "hostname" : [
      "ec2-18-132-245-254.eu-west-2.compute.amazonaws.com"
   ],
   "ip" : "18.132.245.254",
   "ipv6" : "false",
   "latitude" : "51.5088",
   "location" : "51.5088,-0.0930",
   "longitude" : "-0.0930",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "IOS",
   "osvendor" : "Cisco",
   "port" : 2376,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-18-132-245-254.eu-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-west-2.compute.amazonaws.com"
   ],
   "subnet" : "18.132.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
52.29.245.13

Network
52.24.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://52.29.245.13:2376/ 400

Reverse DNS
ec2-52-29-245-13.eu-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7ec6fc76f1262fda24211ad1f325a0f1

HTTP Header MD5
e1ac934a33d282a0f9203d1f38959cd4

HTTP Body MD5
b634668f41ef53ef6d608dc70c4e0dcb

HTTP/1.0 400 Bad Request

Client sent an HTTP request to an HTTPS server.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:00:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b634668f41ef53ef6d608dc70c4e0dcb",
         "bodymmh3" : 759042204,
         "headermd5" : "e1ac934a33d282a0f9203d1f38959cd4",
         "headermmh3" : 247729568
      },
      "length" : 76
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "data" : "HTTP/1.0 400 Bad Request\r\n\r\nClient sent an HTTP request to an HTTPS server.\n",
   "datamd5" : "7ec6fc76f1262fda24211ad1f325a0f1",
   "datammh3" : 785411303,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZO-ZFRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "52.28.0.0/15"
   },
   "host" : [
      "ec2-52-29-245-13"
   ],
   "hostname" : [
      "ec2-52-29-245-13.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "52.29.245.13",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Request",
   "reverse" : [
      "ec2-52-29-245-13.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "52.24.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
13.234.232.192

Network
13.232.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://13.234.232.192:2376/ 400

Reverse DNS
ec2-13-234-232-192.ap-south-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7ec6fc76f1262fda24211ad1f325a0f1

HTTP Header MD5
e1ac934a33d282a0f9203d1f38959cd4

HTTP Body MD5
b634668f41ef53ef6d608dc70c4e0dcb

HTTP/1.0 400 Bad Request

Client sent an HTTP request to an HTTPS server.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:00:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b634668f41ef53ef6d608dc70c4e0dcb",
         "bodymmh3" : 759042204,
         "headermd5" : "e1ac934a33d282a0f9203d1f38959cd4",
         "headermmh3" : 247729568
      },
      "length" : 76
   },
   "asn" : "AS16509",
   "city" : "Mumbai",
   "country" : "IN",
   "data" : "HTTP/1.0 400 Bad Request\r\n\r\nClient sent an HTTP request to an HTTPS server.\n",
   "datamd5" : "7ec6fc76f1262fda24211ad1f325a0f1",
   "datammh3" : 785411303,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "AMAZON-BOM",
      "organization" : "Amazon Data Services India",
      "subnet" : "13.232.0.0/14"
   },
   "host" : [
      "ec2-13-234-232-192"
   ],
   "hostname" : [
      "ec2-13-234-232-192.ap-south-1.compute.amazonaws.com"
   ],
   "ip" : "13.234.232.192",
   "ipv6" : "false",
   "latitude" : "19.0748",
   "location" : "19.0748,72.8856",
   "longitude" : "72.8856",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Request",
   "reverse" : [
      "ec2-13-234-232-192.ap-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "ap-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.232.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
18.198.186.186

Network
18.192.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://18.198.186.186:2376/ 400

Reverse DNS
ec2-18-198-186-186.eu-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7ec6fc76f1262fda24211ad1f325a0f1

HTTP Header MD5
e1ac934a33d282a0f9203d1f38959cd4

HTTP Body MD5
b634668f41ef53ef6d608dc70c4e0dcb

HTTP/1.0 400 Bad Request

Client sent an HTTP request to an HTTPS server.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:58:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b634668f41ef53ef6d608dc70c4e0dcb",
         "bodymmh3" : 759042204,
         "headermd5" : "e1ac934a33d282a0f9203d1f38959cd4",
         "headermmh3" : 247729568
      },
      "length" : 76
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "data" : "HTTP/1.0 400 Bad Request\r\n\r\nClient sent an HTTP request to an HTTPS server.\n",
   "datamd5" : "7ec6fc76f1262fda24211ad1f325a0f1",
   "datammh3" : 785411303,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZO-ZFRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "18.198.0.0/15"
   },
   "host" : [
      "ec2-18-198-186-186"
   ],
   "hostname" : [
      "ec2-18-198-186-186.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "18.198.186.186",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Bad Request",
   "reverse" : [
      "ec2-18-198-186-186.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "18.192.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
3.99.189.3

Network
3.96.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://3.99.189.3:2376/ 200

Reverse DNS
ec2-3-99-189-3.ca-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
434d8c65c52c439ec9d64db9c2d964d6

HTTP Header MD5
d895d9236422dbc747e97e3606a50c0f

HTTP Body MD5
99c21cbcc0452ca85e724381f73a3d1b

HTTP/1.1 200 OK
Connection: keep-alive
Date: Thu, 21 Nov 2024 09:57:30 GMT
Content-Type: text/html
Pragma: private
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Content-Length: 188

<script LANGUAGE=JavaScript>
    window.location = "/global-protect/login.esp"; 
</script>
<html>

<head></head>

<body>
    <p>JavaScript must be enabled to continue!</p>
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:57:31.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "99c21cbcc0452ca85e724381f73a3d1b",
         "bodymmh3" : 956805313,
         "headermd5" : "d895d9236422dbc747e97e3606a50c0f",
         "headermmh3" : 1404111571
      },
      "length" : 689
   },
   "asn" : "AS16509",
   "city" : "Montreal",
   "country" : "CA",
   "data" : "HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nDate: Thu, 21 Nov 2024 09:57:30 GMT\r\nContent-Type: text/html\r\nPragma: private\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: 0\r\nX-Frame-Options: DENY\r\nStrict-Transport-Security: max-age=31536000;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';\r\nContent-Length: 188\r\n\r\n<script LANGUAGE=JavaScript>\n    window.location = \"/global-protect/login.esp\"; \n</script>\n<html>\n\n<head></head>\n\n<body>\n    <p>JavaScript must be enabled to continue!</p>\n</body>\n\n</html>",
   "datamd5" : "434d8c65c52c439ec9d64db9c2d964d6",
   "datammh3" : -985819055,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "AMAZON-YUL",
      "organization" : "Amazon Data Services Canada",
      "subnet" : "3.96.0.0/14"
   },
   "host" : [
      "ec2-3-99-189-3"
   ],
   "hostname" : [
      "ec2-3-99-189-3.ca-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.99.189.3",
   "ipv6" : "false",
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-99-189-3.ca-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ca-central-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "3.96.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
54.95.175.108

Network
54.94.0.0/15

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://54.95.175.108:2376/ 200

Reverse DNS
ec2-54-95-175-108.ap-northeast-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
841ef049931f2abf64cb8efe40b3361a

HTTP Header MD5
9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5
7247f7a69fe8c58679f8e1859605c9b1

HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Nov 2024 09:50:13 GMT
Server: nginx
Content-Length: 88
Content-Type: text/html

<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>
</HEAD></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:50:14.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7247f7a69fe8c58679f8e1859605c9b1",
         "bodymmh3" : -1161513703,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -1817828653
      },
      "length" : 223
   },
   "asn" : "AS16509",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 09:50:13 GMT\r\nServer: nginx\r\nContent-Length: 88\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>\n</HEAD></HTML>\n",
   "datamd5" : "841ef049931f2abf64cb8efe40b3361a",
   "datammh3" : -116911898,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "AMAZON-NRT",
      "organization" : "Amazon Data Services Japan",
      "subnet" : "54.95.0.0/16"
   },
   "host" : [
      "ec2-54-95-175-108"
   ],
   "hostname" : [
      "ec2-54-95-175-108.ap-northeast-1.compute.amazonaws.com"
   ],
   "ip" : "54.95.175.108",
   "ipv6" : "false",
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-54-95-175-108.ap-northeast-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ap-northeast-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "54.94.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
3.120.30.70

Network
3.120.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ec2-3-120-30-70.eu-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bca5bbe9fd2fdb94963c5d303418cb87
```
\x15\x03\x01\x00\x02\x02
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:42:47.000Z",
   "app" : {
      "length" : 7
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "data" : "\\x15\\x03\\x01\\x00\\x02\\x02\n",
   "datamd5" : "bca5bbe9fd2fdb94963c5d303418cb87",
   "datammh3" : 1602334322,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZO-ZFRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "3.120.0.0/14"
   },
   "host" : [
      "ec2-3-120-30-70"
   ],
   "hostname" : [
      "ec2-3-120-30-70.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.120.30.70",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "unknown",
   "reverse" : [
      "ec2-3-120-30-70.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "3.120.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
18.156.77.189

Network
18.156.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ec2-18-156-77-189.eu-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bca5bbe9fd2fdb94963c5d303418cb87
```
\x15\x03\x01\x00\x02\x02
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:42:44.000Z",
   "app" : {
      "length" : 7
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "data" : "\\x15\\x03\\x01\\x00\\x02\\x02\n",
   "datamd5" : "bca5bbe9fd2fdb94963c5d303418cb87",
   "datammh3" : 1602334322,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZO-ZFRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "18.156.0.0/14"
   },
   "host" : [
      "ec2-18-156-77-189"
   ],
   "hostname" : [
      "ec2-18-156-77-189.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "18.156.77.189",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 2376,
   "protocol" : "unknown",
   "reverse" : [
      "ec2-18-156-77-189.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "18.156.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 4,104 in 0.124 second(s)

13.245.136.10:2376 (tcp/http) - last seen on 2024-11-21 at 10:26:10 UTC

43.207.56.66:2376 (tcp/telnet) - last seen on 2024-11-21 at 10:01:33 UTC

18.132.245.254:2376 (tcp/http) - last seen on 2024-11-21 at 10:00:26 UTC

52.29.245.13:2376 (tcp/http) - last seen on 2024-11-21 at 10:00:24 UTC

13.234.232.192:2376 (tcp/http) - last seen on 2024-11-21 at 10:00:08 UTC

18.198.186.186:2376 (tcp/http) - last seen on 2024-11-21 at 09:58:30 UTC

3.99.189.3:2376 (tcp/http) - last seen on 2024-11-21 at 09:57:31 UTC

54.95.175.108:2376 (tcp/http) - last seen on 2024-11-21 at 09:50:14 UTC

3.120.30.70:2376 (tcp/unknown) - last seen on 2024-11-21 at 09:42:47 UTC

18.156.77.189:2376 (tcp/unknown) - last seen on 2024-11-21 at 09:42:44 UTC