Cyber Defense Search Engine

IP
41.175.139.40

Network
41.175.128.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS37332

Organization
ZOL

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5ffc99e5f2319431d4e598a1288143d7
```
\x0d
ERROR\x0d
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:04:09.000Z",
   "app" : {
      "length" : 9
   },
   "asn" : "AS37332",
   "city" : "Bulawayo",
   "country" : "ZW",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x0d\nERROR\\x0d\n",
   "datamd5" : "5ffc99e5f2319431d4e598a1288143d7",
   "datammh3" : 1437819170,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS30844",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "MU",
      "countryname" : "Mauritius",
      "isineu" : "false",
      "latitude" : "-20.348404",
      "location" : "-20.348404,57.552152",
      "longitude" : "57.552152",
      "netname" : "Liquid-Telecommunications",
      "organization" : "Liquid Telecommunications Operations Limited",
      "subnet" : "41.175.128.0/20"
   },
   "ip" : "41.175.139.40",
   "ipv6" : "false",
   "latitude" : "-20.1452",
   "location" : "-20.1452,28.5889",
   "longitude" : "28.5889",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ZOL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "41.175.128.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
116.106.67.253

Alternative IP(s)
125.235.4.59

Network
116.106.64.0/19

Domain(s)
viettel.vn

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://116.106.67.253:4664/ 200

Reverse DNS
dynamic-ip-adsl.viettel.vn

ASN
AS24086

Organization
Viettel Corporation

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
43f617e14b1cb912245557db598906db

HTTP Header MD5
f620e9aa6fa885cb3ba70c96073f3028

HTTP Body MD5
13b8369f911fb613be01e0f8564c9b79

Favicon MD5
89b932fcc47cf4ca3faadb0cfdef89cf

Favicon MMH3
999357577

HTTP/1.1 200 OK
Date: Thu, 21 Nov 2024 15:07:26 GMT
Server: Webs
X-Frame-Options: SAMEORIGIN
ETag: "0-5c9-1e0"
Content-Length: 480
Content-Type: text/html
Connection: close
Last-Modified: Sun, 28 Jun 2020 02:17:11 GMT

<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "/doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:04:07.000Z",
   "alternativeip" : [
      "125.235.4.59"
   ],
   "app" : {
      "favicon" : {
         "image" : "AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJCSYJCQksmQkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS/5CQkv+QkJL/kJCS25CQknIAAAAAkpKUb6Cgov/ExMr/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/9LS2P/S0tj/0tLY/8nJzv+np6r/kpKUkJWVlti/v8D/xsbI/8bGyP/CwsT/jo6Q/11dXv8vLy//KCgp/1FRUv+OjpD/wMDC/8bGyP/Gxsj/xcXH/5iYmf+YmJn/x8fI/8fHyP/Dw8T/aGhp/xISEv8HBwf/FxcV/x4eHP8JCQn/CAgI/z09Pf/CwsL/x8fI/8fHyP+goKH/m5ud/8jIyf/IyMn/kJCQ/xEREf8YGBf/R0dG/2BgZf9/fYT/pqaj/1paVf8CAgL/X19g/8jIyf/IyMn/o6Ol/5+fof/Kysv/w8PD/yEgIf8XFxf/NDQ0/ygpLP8SECj/Cwk5/0VEdP+rqLT/b3Fs/wAAAP+jo6T/ysrL/6enqP+ioqT/zMzN/4ODhP8TExP/IiIi/wwNDf8AAAD/AAAm/ywpcP8rKW//JiNp/5eWnP8sLCn/OTk6/8zMzf+pqav/pqao/8/Pz/9ZWVn/Ghoa/xUUE/8mIA7/FxQQ/wAAMP9xbb3/jYnQ/wsLTP9CQWP/UFBK/wUFBf/Pz8//ra2v/6urrf/T09T/XV1d/xsbHv8iHxL/s5tV/0E4H/9wY0L/LSg1/wICPv8AADD/Hx5C/0pKRv8HBwb/09PU/7KytP+vr7H/3t7f/4iIif8nJyv/FhQL/8etXf+mkU7/V04y/y0pF/8AAAD/AAAM/ycmNP80NDP/Kysr/97e3/+3t7n/srK0/+Pj5P/Fxcb/SkpL/wMFBf+WgkT/07Vj/6+WUv9HPSH/BQQA/wUFBf82Njb/FRUU/4qKi//j4+T/u7u8/7a2uP/o6Or/6Ojq/4+Pj/84ODv/AAAA/415Qf+xmFT/SD4i/wYFBf8dHR3/JiYm/ysrK//l5ef/6Ojq/7+/wf+5ubz/7u7w/+7u8P/p6ev/l5eY/z9AQf8JCw7/AAAC/wcHCP8XFxf/Hx8f/0tLTP/f3+D/7u7w/+7u8P/CwsX/vLy/2+vr7f/z8/X/8/P1//Pz9f/ExMb/hYWG/0xMTv8/QUH/aGho/6Ojpf/z8/X/8/P1//Pz9f/y8vT/wMDD/7+/wXLNzc//7u7x//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/29vn/9vb5//b2+f/x8fT/1NTX/7+/wZAAAAAAwcHDcsHBw9vBwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD/8HBw//BwcP/wcHD6sHBw4EAAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==",
         "imagemd5" : "89b932fcc47cf4ca3faadb0cfdef89cf",
         "imagemmh3" : 999357577,
         "length" : 1150,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "13b8369f911fb613be01e0f8564c9b79",
         "bodymmh3" : 1400196417,
         "header" : [
            {
               "name" : "ETag",
               "value" : "0-5c9-1e0"
            },
            {
               "name" : "Last-Modified",
               "value" : "Sun, 28 Jun 2020 02:17:11 GMT"
            }
         ],
         "headermd5" : "f620e9aa6fa885cb3ba70c96073f3028",
         "headermmh3" : -1739037472
      },
      "length" : 709
   },
   "asn" : "AS24086",
   "city" : "Bi\u00ean H\u00f2a",
   "country" : "VN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 21 Nov 2024 15:07:26 GMT\r\nServer: Webs\r\nX-Frame-Options: SAMEORIGIN\r\nETag: \"0-5c9-1e0\"\r\nContent-Length: 480\r\nContent-Type: text/html\r\nConnection: close\r\nLast-Modified: Sun, 28 Jun 2020 02:17:11 GMT\r\n\r\n\ufeff<!doctype html>\r\n<html>\r\n<head>\r\n\t<title></title>\r\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" >\r\n\t<meta http-equiv=\"Pragma\" content=\"no-cache\" />\r\n\t<meta http-equiv=\"Cache-Control\" content=\"no-cache, must-revalidate\" />\r\n\t<meta http-equiv=\"Expires\" content=\"0\" />\r\n</head>\r\n<body>\r\n</body>\r\n<script>\r\n\twindow.location.href = \"/doc/page/login.asp?_\" + (new Date()).getTime();\r\n</script>\r\n</html>",
   "datamd5" : "43f617e14b1cb912245557db598906db",
   "datammh3" : -1984802626,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "viettel.vn"
   ],
   "geolocus" : {
      "asn" : "AS24086",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "VN",
      "countryname" : "Vietnam",
      "domain" : [
         "viettel.com.vn",
         "vnnic.vn"
      ],
      "isineu" : "false",
      "latitude" : "14.058324",
      "location" : "14.058324,108.277199",
      "longitude" : "108.277199",
      "netname" : "VIETTEL-VN",
      "organization" : "VIETTEL-VN",
      "subnet" : "116.106.64.0/18"
   },
   "host" : [
      "dynamic-ip-adsl"
   ],
   "hostname" : [
      "dynamic-ip-adsl.viettel.vn"
   ],
   "ip" : "116.106.67.253",
   "ipv6" : "false",
   "latitude" : "10.9413",
   "location" : "10.9413,106.8221",
   "longitude" : "106.8221",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Viettel Corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "dynamic-ip-adsl.viettel.vn"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "116.106.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "vn"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
15.229.13.194

Network
15.228.0.0/15

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://15.229.13.194:4664/ 301

Reverse DNS
ec2-15-229-13-194.sa-east-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
Oracle Java Atlassian Confluence

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
cc52ff5f467c565b5c84ebe2120c4f94

HTTP Header MD5
cd0c5e2cd6bc1defc66b536fae5a2e68

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Date: Thu, 21 Nov 2024 09:03:57 GMT
Server: nginx
X-Confluence-Request-Time: 1732179837
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=2pnvr3gbaq8wrbeucciv2shz4zz0rtil; Path=/; Secure; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000
Location: ./login.action
Content-Length: 0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:57.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1636538602,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "headermd5" : "cd0c5e2cd6bc1defc66b536fae5a2e68",
         "headermmh3" : 1957031361
      },
      "length" : 587
   },
   "asn" : "AS16509",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nConnection: keep-alive\r\nDate: Thu, 21 Nov 2024 09:03:57 GMT\r\nServer: nginx\r\nX-Confluence-Request-Time: 1732179837\r\nContent-Type: text/html;charset=UTF-8\r\nCache-Control: no-cache, must-revalidate\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nSet-Cookie: JSESSIONID=2pnvr3gbaq8wrbeucciv2shz4zz0rtil; Path=/; Secure; HttpOnly\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nStrict-Transport-Security: max-age=63072000\r\nLocation: ./login.action\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "cc52ff5f467c565b5c84ebe2120c4f94",
   "datammh3" : -523909345,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "AMAZON-GRU",
      "organization" : "Amazon Data Services Brazil",
      "subnet" : "15.228.0.0/15"
   },
   "host" : [
      "ec2-15-229-13-194"
   ],
   "hostname" : [
      "ec2-15-229-13-194.sa-east-1.compute.amazonaws.com"
   ],
   "ip" : "15.229.13.194",
   "ipv6" : "false",
   "latitude" : "-23.5335",
   "location" : "-23.5335,-46.6359",
   "longitude" : "-46.6359",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "ec2-15-229-13-194.sa-east-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 301,
   "subdomains" : [
      "compute.amazonaws.com",
      "sa-east-1.compute.amazonaws.com"
   ],
   "subnet" : "15.228.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
113.134.100.54

Network
113.134.0.0/17

Operating System
Linux Linux Kernel

ASN
AS4134

Organization
Chinanet

Protocol
socks4a

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e5a878a6ceef50f0c3212221b6a9b5b6
```
\x00[\x048\xac\x11\x00C
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:57.000Z",
   "app" : {
      "length" : 8
   },
   "asn" : "AS4134",
   "city" : "Xi'an",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x00[\\x048\\xac\\x11\\x00C",
   "datamd5" : "e5a878a6ceef50f0c3212221b6a9b5b6",
   "datammh3" : 1027700689,
   "geolocus" : {
      "asn" : "AS4134",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "xa.sn.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SN",
      "organization" : "CHINANET SHAANXI PROVINCE NETWORK",
      "subnet" : "113.134.0.0/17"
   },
   "ip" : "113.134.100.54",
   "ipv6" : "false",
   "latitude" : "34.3287",
   "location" : "34.3287,109.0337",
   "longitude" : "109.0337",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Chinanet",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "socks4a",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "113.134.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP
211.105.193.137

Network
211.105.128.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://211.105.193.137:4664/ 200

HTTP Title
main page

ASN
AS4766

Organization
Korea Telecom

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
WebServer WebServer

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
64b1eedf7948473edeebe55d6a285aca

HTTP Header MD5
979761cd6f49e9ef5f8bb5795302f113

HTTP Body MD5
60b91305d545bb4d77592787df00080d

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "776083311"
Last-Modified: Thu, 01 Jan 1970 00:00:24 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Server: WebServer
Content-Length: 289
Connection: close
Date: Thu, 21 Nov 2024 09:03:35 GMT

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso8859-1">
<title>main page</title>
<script language="javascript">

function redirect() {
	location.href = "/cgi-bin/login.cgi";
}

</script>
</head>

<body onload="redirect()">
</body>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:34.000Z",
   "app" : {
      "extract" : {
         "file" : [
            "login.cgi"
         ]
      },
      "http" : {
         "bodymd5" : "60b91305d545bb4d77592787df00080d",
         "bodymmh3" : -1159873339,
         "header" : [
            {
               "name" : "ETag",
               "value" : 776083311
            },
            {
               "name" : "Last-Modified",
               "value" : "Thu, 01 Jan 1970 00:00:24 GMT"
            }
         ],
         "headermd5" : "979761cd6f49e9ef5f8bb5795302f113",
         "headermmh3" : 1147304114,
         "title" : "main page"
      },
      "length" : 613
   },
   "asn" : "AS4766",
   "city" : "Yongsan-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nAccept-Ranges: bytes\r\nETag: \"776083311\"\r\nLast-Modified: Thu, 01 Jan 1970 00:00:24 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nServer: WebServer\r\nContent-Length: 289\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 09:03:35 GMT\r\n\r\n<html>\r\n<head>\r\n<meta http-equiv=\"content-type\" content=\"text/html; charset=iso8859-1\">\r\n<title>main page</title>\r\n<script language=\"javascript\">\r\n\r\nfunction redirect() {\r\n\tlocation.href = \"/cgi-bin/login.cgi\";\r\n}\r\n\r\n</script>\r\n</head>\r\n\r\n<body onload=\"redirect()\">\r\n</body>\r\n\r\n</html>\r\n\r\n",
   "datamd5" : "64b1eedf7948473edeebe55d6a285aca",
   "datammh3" : -215358228,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "kt.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "KORNET",
      "organization" : "Korea Telecom",
      "subnet" : "211.105.128.0/17"
   },
   "ip" : "211.105.193.137",
   "ipv6" : "false",
   "latitude" : "37.5332",
   "location" : "37.5332,126.9692",
   "longitude" : "126.9692",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "product" : "WebServer",
   "productvendor" : "WebServer",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.105.128.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
5.202.19.93

Network
5.202.18.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS201150

Organization
Didehban Net Company PJS

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5ffc99e5f2319431d4e598a1288143d7
```
\x0d
ERROR\x0d
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:17.000Z",
   "app" : {
      "length" : 9
   },
   "asn" : "AS201150",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x0d\nERROR\\x0d\n",
   "datamd5" : "5ffc99e5f2319431d4e598a1288143d7",
   "datammh3" : 1437819170,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS201150",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "pishgaman.net"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "IR-PISHGAMAN-NET",
      "organization" : "Pishgaman Toseeh Ertebatat Company (Private Joint Stock)",
      "subnet" : "5.202.0.0/19"
   },
   "ip" : "5.202.19.93",
   "ipv6" : "false",
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Didehban Net Company PJS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "5.202.18.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
185.129.229.77

Network
185.129.228.0/23

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS48359

Organization
Hesabgar Pardaz Gharb PJSC

Protocol
unknown

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5ffc99e5f2319431d4e598a1288143d7
```
\x0d
ERROR\x0d
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:16.000Z",
   "app" : {
      "length" : 9
   },
   "asn" : "AS48359",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x0d\nERROR\\x0d\n",
   "datamd5" : "5ffc99e5f2319431d4e598a1288143d7",
   "datammh3" : 1437819170,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS48359",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "pishgaman.net"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "PTE",
      "organization" : "PTE",
      "subnet" : "185.129.229.0/24"
   },
   "ip" : "185.129.229.77",
   "ipv6" : "false",
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hesabgar Pardaz Gharb PJSC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "unknown",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "185.129.228.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
111.118.129.225

Network
111.118.128.0/19

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://111.118.129.225:4664/ 302

ASN
AS38623

Organization
ISPIXP IN CAMBODIA WITH THE BEST VERVICE IN THERE.

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 10.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a142004f9e80f14b4311fa09146d407e

HTTP Header MD5
57d297496eca6f9d04c6e0bd5e105916

HTTP Body MD5
465981b2c7142b9fb660b39e2de874c1

HTTP/1.1 302 Found
Transfer-Encoding: chunked
Location: /System/Validate
Server: Microsoft-IIS/10.0
Date: Thu, 21 Nov 2024 09:03:08 GMT
Connection: close

0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:03:10.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "465981b2c7142b9fb660b39e2de874c1",
         "bodymmh3" : -421333641,
         "headermd5" : "57d297496eca6f9d04c6e0bd5e105916",
         "headermmh3" : 1944001622
      },
      "length" : 167
   },
   "asn" : "AS38623",
   "city" : "Phnom Penh",
   "country" : "KH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nTransfer-Encoding: chunked\r\nLocation: /System/Validate\r\nServer: Microsoft-IIS/10.0\r\nDate: Thu, 21 Nov 2024 09:03:08 GMT\r\nConnection: close\r\n\r\n0\r\n\r\n",
   "datamd5" : "a142004f9e80f14b4311fa09146d407e",
   "datammh3" : -1002270161,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS38623",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KH",
      "countryname" : "Cambodia",
      "domain" : [
         "viettel.com.vn"
      ],
      "isineu" : "false",
      "latitude" : "12.565679",
      "location" : "12.565679,104.990963",
      "longitude" : "104.990963",
      "netname" : "VIETTEL-CAMBODIA",
      "organization" : "VIETTEL (CAMBODIA) PTE., LTD.",
      "subnet" : "111.118.128.0/19"
   },
   "ip" : "111.118.129.225",
   "ipv6" : "false",
   "latitude" : "11.5583",
   "location" : "11.5583,104.9121",
   "longitude" : "104.9121",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ISPIXP IN CAMBODIA WITH THE BEST VERVICE IN THERE.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 4664,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "111.118.128.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
35.164.154.234

Network
35.160.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://35.164.154.234:4664/ 200

Reverse DNS
ec2-35-164-154-234.us-west-2.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d63cb7eed856963ab82852e1f200cf51

HTTP Header MD5
26c1e7b2e4b9c3ad6ee704fe983ca1d9

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e
```
HTTP/1.1 200 OK
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:02:33.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "26c1e7b2e4b9c3ad6ee704fe983ca1d9",
         "headermmh3" : 1529339778
      },
      "length" : 19
   },
   "asn" : "AS16509",
   "city" : "Boardman",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\n\r\n",
   "datamd5" : "d63cb7eed856963ab82852e1f200cf51",
   "datammh3" : 1527519102,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZO-ZPDX9",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "35.160.0.0/13"
   },
   "host" : [
      "ec2-35-164-154-234"
   ],
   "hostname" : [
      "ec2-35-164-154-234.us-west-2.compute.amazonaws.com"
   ],
   "ip" : "35.164.154.234",
   "ipv6" : "false",
   "latitude" : "45.8491",
   "location" : "45.8491,-119.7143",
   "longitude" : "-119.7143",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-35-164-154-234.us-west-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-west-2.compute.amazonaws.com"
   ],
   "subnet" : "35.160.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
194.46.220.150

Network
194.46.192.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://194.46.220.150:4664/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS2110

Organization
BT Communications Ireland Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0c1820e0d381850a77897bf32978a1f0

HTTP Header MD5
a629a0fe278971ad61801ba6975ba467

HTTP Body MD5
ea425366a98dfc499c0cbeedb9a4f02a

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 21 Nov 2024 08:58:51 GMT
Content-Type: text/html
Content-Length: 248
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:58:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ea425366a98dfc499c0cbeedb9a4f02a",
         "bodymmh3" : 1153229498,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 639049643,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 393
   },
   "asn" : "AS2110",
   "city" : "Kilkenny",
   "country" : "IE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Thu, 21 Nov 2024 08:58:51 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "0c1820e0d381850a77897bf32978a1f0",
   "datammh3" : 190190724,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "194.46.220.150",
   "ipv6" : "false",
   "latitude" : "52.6610",
   "location" : "52.6610,-7.2551",
   "longitude" : "-7.2551",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "BT Communications Ireland Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4664,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "194.46.192.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 16,400 in 0.156 second(s)

41.175.139.40:4664 (tcp/unknown) - last seen on 2024-11-21 at 09:04:09 UTC

116.106.67.253:4664 (tcp/http) - last seen on 2024-11-21 at 09:04:07 UTC

15.229.13.194:4664 (tcp/http) - last seen on 2024-11-21 at 09:03:57 UTC

113.134.100.54:4664 (tcp/socks4a) - last seen on 2024-11-21 at 09:03:57 UTC

211.105.193.137:4664 (tcp/http) - last seen on 2024-11-21 at 09:03:34 UTC

5.202.19.93:4664 (tcp/unknown) - last seen on 2024-11-21 at 09:03:17 UTC

185.129.229.77:4664 (tcp/unknown) - last seen on 2024-11-21 at 09:03:16 UTC

111.118.129.225:4664 (tcp/http) - last seen on 2024-11-21 at 09:03:10 UTC

35.164.154.234:4664 (tcp/http) - last seen on 2024-11-21 at 09:02:33 UTC

194.46.220.150:4664 (tcp/http) - last seen on 2024-11-21 at 08:58:51 UTC