The new Censys Platform is live! Free, Solo & Teams users can try it now — Enterprise customers, contact your rep.
Try it today!

3.104.54.39

As of: Mar 18, 2025 10:49pm UTC | Latest

Basic Information

Reverse DNS
ec2-3-104-54-39.ap-southeast-2.compute.amazonaws.com
Forward DNS
ec2-3-104-54-39.ap-southeast-2.compute.amazonaws.com
Routing
3.104.0.0/14  via AMAZON-02, US (AS16509)
OS
Ubuntu Linux
Services (30)
21/FTP, 22/SSH, 23/UNKNOWN, 25/SMTP, 80/HTTP, 102/S7, 104/UNKNOWN, 135/DCERPC, 143/IMAP, 161/SNMP, 389/LDAP, 443/HTTP, 445/SMB, 1723/PPTP, 1883/MQTT, 3000/HTTP, 3306/MYSQL, 3389/UNKNOWN, 5060/SIP, 5061/SIP, 5432/UNKNOWN, 9100/PJL, 9200/ELASTICSEARCH, 10000/UNKNOWN, 11112/DICOM, 20000/UNKNOWN, 27017/MONGODB, 44818/EIP, 53322/SSH, 55688/HTTP
Labels
Database Email File Sharing Honeypot Ics Iot Medical Device Network Administration Open Dir Printer Remote Access Voip

FTP 21/TCP
03/18/2025 16:38 UTC

File Sharing

Software

Linux
GNU SmbFTPD

Details

Banner
220 DiskStation FTP server ready.
Auth TLS Response
530 Please login with USER and PASS.
Auth SSL Response
530 Please login with USER and PASS.
Status Code
220
Status Meaning
Service ready for new user.

SSH 22/TCP
03/17/2025 07:37 UTC

Pending Removal Remote Access

Software

OpenBSD OpenSSH 7.9p1

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
260648c7b1b072238028bd148d74ccdd14fe35ac7292ec6ec3d7103cdc081842
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha1 [] hmac-sha1 []

UNKNOWN 23/TCP
03/17/2025 07:34 UTC

Pending Removal

Details

Banner
login:

SMTP 25/TCP
03/17/2025 17:24 UTC

Email

Software

Postfix
Ubuntu Linux

Details

Banner
220 smtp.xdeath.tw ESMTP Postfix (Ubuntu)
EHLO
250-smtp.xdeath.tw
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
Start TLS
220 2.0.0 Ready to start TLS

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
2e81a0672c63818b5734e04a55756c4f566b5519a49647da4abd1787f6a4616e
Subject
CN=localhost
Issuer
CN=localhost
Names
localhost
Fingerprint
JA3S
475c9302dc42b2751db9edcac3b74891
JA4S
t130200_1303_a56c5b993250

HTTP 80/TCP
03/18/2025 12:20 UTC

Open Dir

Software

nginx

Details

http://3.104.54.39/
Status
200  OK
Body Hash
sha1:2192b0ce3ff1915c07d169d476a1e00a372e83e6
HTML Title
Directory listing for /
Response Body
      Directory listing for /

## Directory listing for /

* * *

  * [../](../) 

* * *

S7 102/TCP
03/17/2025 15:33 UTC

Honeypot Ics

Software

Conpot

Details

System
Technodrome
Module
Siemens, SIMATIC, S7-200
Plant ID
Mouser Factory
Copyright
Original Siemens Equipment
Serial Number
88111222
Module Type
IM151-8 PN/DP CPU

UNKNOWN 104/TCP
03/18/2025 12:15 UTC

Details

Banner
Unknown command

DCERPC 135/TCP
03/17/2025 07:33 UTC

Pending Removal

Details

Could Bind
True

IMAP 143/TCP
03/18/2025 16:42 UTC

Email

Details

Banner
* OK [CAPABILITY IMAP4 IMAP4REV1 LOGIN-REFERRALS AUTH=LOGIN] albertine IMAP4 2.115 at Tue, 18 Mar 2025 16:42:26 +0000 (UTC)

SNMP 161/UDP
03/18/2025 20:42 UTC

Honeypot Ics Network Administration

Software

Siemens S7-200
Conpot

Details

OID System
Object ID
Unknown
Description
Siemens, SIMATIC, S7-200
Uptime
Unknown
Contact
Unknown
Name
Unknown
Location
Unknown

LDAP 389/TCP
03/18/2025 16:36 UTC

Network Administration

Details

Allows Anonymous Bind
True

HTTP 443/TCP
03/18/2025 09:16 UTC

Open Dir

Software

nginx

Details

https://3.104.54.39/
Status
200  OK
Body Hash
sha1:2192b0ce3ff1915c07d169d476a1e00a372e83e6
HTML Title
Directory listing for /
Response Body
      Directory listing for /

## Directory listing for /

* * *

  * [../](../) 

* * *

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
1c849548bd43c073b5df794e752260892d344b8ca6da68333184d3e9b8c2e1df
Subject
C=TW, CN=this is test, O=dyoyo.small.yoyo, OU=MDFK
Issuer
C=TW, CN=this is test, O=dyoyo.small.yoyo, OU=MDFK
Fingerprint
JA3S
475c9302dc42b2751db9edcac3b74891
JA4S
t130200_1303_a56c5b993250

SMB 445/TCP
03/18/2025 16:35 UTC

File Sharing

Details

Server
SMBv1 Support
True

PPTP 1723/TCP
03/18/2025 20:43 UTC

Details

Banner
  1.0 0.1
Maximum Channels
1

MQTT 1883/TCP
03/17/2025 17:25 UTC

Iot

Details

Connection Status
Connection Accepted
Subscription Status
Subscription Accepted With QoS 0

HTTP 3000/TCP
03/18/2025 20:49 UTC

Software

Zeit Next.js

Details

http://3.104.54.39:3000/
Status
200  OK
Body Hash
sha1:51f89108381310db266a1ccdea8440836c221f90
HTML Title
Hydradefender
Response Body

MYSQL 3306/TCP
03/18/2025 20:53 UTC

Database

Software

Oracle MySQL 5.7.16

Details

Protocol Version
10
Character Set
33

UNKNOWN 3389/TCP
03/18/2025 16:42 UTC

Details

Banner


SIP 5060/TCP
03/18/2025 22:48 UTC

Voip

Details

Version
SIP/2.0
Code
200
Status
OK

SIP 5061/TCP
03/18/2025 16:37 UTC

Voip

Details

Version
SIP/2.0
Code
200
Status
OK

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
4b027679ad5973ff8eaadb872db91b6a3a7e53a730a85cf2739d7d6825fa7585
Subject
C=TW, CN=this is test, O=dyoyo.small.yoyo, OU=MDFK
Issuer
C=TW, CN=this is test, O=dyoyo.small.yoyo, OU=MDFK
Fingerprint
JA3S
475c9302dc42b2751db9edcac3b74891
JA4S
t130200_1303_a56c5b993250

UNKNOWN 5432/TCP
03/17/2025 12:58 UTC

Details

Banner
N

PJL 9100/TCP
03/18/2025 05:38 UTC

Iot Printer

Details

Banner
@PJL INFO STATUS
CODE=10001
DISPLAY="Ready"
ONLINE=True

ELASTICSEARCH 9200/TCP
03/16/2025 20:27 UTC

Pending Removal Database Honeypot

Software

Apache Lucene 4.10.4
Elasticsearch 1.4.1
ElasticPot

Details

System Information
Name
Green Goblin
Build Hash
b88f43fc40b0bcd7f173a1f9ee2e97816de80b19

UNKNOWN 10000/TCP
03/18/2025 01:46 UTC

Details

Banner (Hex)
  
00000000
00 00 00 0e 01 04 40  68 70 32 24 32 7b c2 
......@hp2$2{.

DICOM 11112/TCP
03/18/2025 15:15 UTC

Medical Device

Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
000000A0
000000B0
000000C0
02 00 00 00 00 bc 00 01  00 00 41 4e 59 2d 53 43 
50 20 20 20 20 20 20 20  20 20 45 43 48 4f 53 43 
55 20 20 20 20 20 20 20  20 20 00 00 00 00 00 00 
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00  00 00 10 00 00 15 31 2e 
32 2e 38 34 30 2e 31 30  30 30 38 2e 33 2e 31 2e 
31 2e 31 21 00 00 19 01  00 00 00 40 00 00 11 31 
2e 32 2e 38 34 30 2e 31  30 30 30 38 2e 31 2e 32 
50 00 00 3e 51 00 00 04  00 00 3f fe 52 00 00 20 
31 2e 32 2e 38 32 36 2e  30 2e 31 2e 33 36 38 30 
30 34 33 2e 39 2e 33 38  31 31 2e 32 2e 31 2e 30 
55 00 00 0e 50 59 4e 45  54 44 49 43 4f 4d 5f 32 
31 30                                            
..........ANY-SC
P         ECHOSC
U         ......
................
..............1.
2.840.10008.3.1.
[email protected]
.2.840.10008.1.2
P..>Q.....?.R.. 
1.2.826.0.1.3680
043.9.3811.2.1.0
U...PYNETDICOM_2
10

UNKNOWN 20000/TCP
03/17/2025 17:23 UTC

Details

Banner
Error: Command Not Found

MONGODB 27017/TCP
03/17/2025 00:51 UTC

Pending Removal Database

Software

Mongodb

Details

Master Node
True

EIP 44818/TCP
03/18/2025 02:37 UTC

Honeypot Ics

Software

Conpot

Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
63 00 3c 00 00 00 00 00  00 00 00 00 4f 49 53 59 
53 4e 45 43 00 00 00 00  01 00 0c 00 36 00 01 00 
00 02 af 12 00 00 00 00  00 00 00 00 00 00 00 00 
01 00 0e 00 36 00 14 0b  60 31 1a 06 6c 00 14 31 
37 35 36 2d 4c 36 31 2f  42 20 4c 4f 47 49 58 35 
35 36 31 ff 04 00 19 00  00 00 00 00 00 00 00 00 
4f 49 53 59 53 4e 45 43  00 00 00 00 01 00 00 01 
13 00 01 00 20 00 43 6f  6d 6d 75 6e 69 63 61 74 
69 6f 6e 73 00                                   
c.<.........OISY
SNEC........6...
................
....6...`1..l..1
756-L61/B LOGIX5
561.............
OISYSNEC........
.... .Communicat
ions.

SSH 53322/TCP
03/18/2025 20:57 UTC

Remote Access

Software

Ubuntu Linux
OpenBSD OpenSSH 8.9p1

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
f955af84f8335ba107fbb918442dd66c349838f954bac493e28ad0e224dfa28c
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

HTTP 55688/TCP
03/17/2025 21:19 UTC

Software

Zeit Next.js
nginx 1.18.0

Details

https://3.104.54.39:55688/
Status
200  OK
Body Hash
sha1:51f89108381310db266a1ccdea8440836c221f90
HTML Title
Hydradefender
Response Body

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
d98c254051fb24b22492300d12f0d6b438bbdf98b7ae21b8252e0f885da5c80a
Subject
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Issuer
C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Fingerprint
JARM
2ad2ad0002ad2ad00042d42d000000301510f56407964db9434a9bb0d4ee4a
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

Geographic Location

City
Sydney
State
New South Wales
Country
Australia (AU)
Coordinates
-33.86785, 151.20732
Timezone
Australia/Sydney