Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
137.220.160.198

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.198:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5b5c3aac2c92a1bda2406f15abbd56e0

HTTP Header MD5
074ccfd1dea624296256185ccafd1f18

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Nov 2024 03:37:13 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: REVALIDATED
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:37:13.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT"
            },
            {
               "name" : "ETag",
               "value" : "66806aff-4c1"
            }
         ],
         "headermd5" : "074ccfd1dea624296256185ccafd1f18",
         "headermmh3" : 301101228,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1551
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:37:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: REVALIDATED\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "5b5c3aac2c92a1bda2406f15abbd56e0",
   "datammh3" : 1333747132,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.198",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.198

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.198:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Nov 2024 03:34:56 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:34:56.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : -1888620578,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:34:56 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.198",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.207

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.207:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Nov 2024 16:32:59 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T16:32:59.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : 1642823021,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 16:32:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.207",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.207

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.207:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Nov 2024 16:32:47 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T16:32:47.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : 566612153,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 16:32:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.207",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.232

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.232:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Nov 2024 14:09:03 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T14:09:03.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "66806aff-4c1"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : 1096033731,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 14:09:03 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.232",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.232

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.232:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Nov 2024 14:07:13 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T14:07:13.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : -840287521,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 06 Nov 2024 14:07:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.232",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
120.3.158.56

Network
120.0.0.0/12

Domain(s)
huxianbk.cn

Operating System
Linux Linux Kernel

ASN
AS4837

Organization
CHINA UNICOM China169 Backbone

Protocol
undefined Cert not expired undefined

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Encryption Everywhere DV TLS CA - G2

Issuer Organization
DigiCert Inc

Subject Common Name
ku.huxianbk.cn

Subject Alt Name
ku.huxianbk.cn

SHA256 Fingerprint
682d73e83c6376b0f83eda732fbaaa27f11d6802c2328db06615550cd99c7b1f

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2024-12-19T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3c768c4828bc7cf16f444a4228eaa0b3
```
<nodata>
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T02:48:00.000Z",
   "app" : {
      "length" : 8
   },
   "asn" : "AS4837",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<nodata>",
   "datamd5" : "3c768c4828bc7cf16f444a4228eaa0b3",
   "datammh3" : -969888823,
   "domain" : [
      "huxianbk.cn"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "1db71184a67f43b07ca72fafcf640f74",
      "sha1" : "55a8edd7820537eeaa3423d252ad34e0a4a4b337",
      "sha256" : "682d73e83c6376b0f83eda732fbaaa27f11d6802c2328db06615550cd99c7b1f"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-HE",
      "organization" : "China Unicom China169 Network",
      "subnet" : "120.3.0.0/16"
   },
   "host" : [
      "ku"
   ],
   "hostname" : [
      "ku.huxianbk.cn"
   ],
   "ip" : "120.3.158.56",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Encryption Everywhere DV TLS CA - G2",
      "country" : "US",
      "organization" : "DigiCert Inc",
      "organizationalunit" : "www.digicert.com"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "protocol" : "undefined",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-06",
   "serial" : "05:75:75:49:01:2b:97:b9:c0:87:02:44:3d:3a:bb:7b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "ku.huxianbk.cn"
      ],
      "commonname" : "ku.huxianbk.cn"
   },
   "subnet" : "120.0.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "cn"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-12-19T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
120.3.158.56

Network
120.0.0.0/12

Domain(s)
huxianbk.cn

Operating System
Linux Linux Kernel

ASN
AS4837

Organization
CHINA UNICOM China169 Backbone

Protocol
undefined Cert not expired undefined

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Encryption Everywhere DV TLS CA - G2

Issuer Organization
DigiCert Inc

Subject Common Name
ku.huxianbk.cn

Subject Alt Name
ku.huxianbk.cn

SHA256 Fingerprint
682d73e83c6376b0f83eda732fbaaa27f11d6802c2328db06615550cd99c7b1f

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2024-12-19T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3c768c4828bc7cf16f444a4228eaa0b3
```
<nodata>
```

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T02:46:46.000Z",
   "app" : {
      "length" : 8
   },
   "asn" : "AS4837",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "<nodata>",
   "datamd5" : "3c768c4828bc7cf16f444a4228eaa0b3",
   "datammh3" : -969888823,
   "domain" : [
      "huxianbk.cn"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "1db71184a67f43b07ca72fafcf640f74",
      "sha1" : "55a8edd7820537eeaa3423d252ad34e0a4a4b337",
      "sha256" : "682d73e83c6376b0f83eda732fbaaa27f11d6802c2328db06615550cd99c7b1f"
   },
   "geolocus" : {
      "asn" : "AS4837",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-HE",
      "organization" : "China Unicom China169 Network",
      "subnet" : "120.3.0.0/16"
   },
   "host" : [
      "ku"
   ],
   "hostname" : [
      "ku.huxianbk.cn"
   ],
   "ip" : "120.3.158.56",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Encryption Everywhere DV TLS CA - G2",
      "country" : "US",
      "organization" : "DigiCert Inc",
      "organizationalunit" : "www.digicert.com"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHINA UNICOM China169 Backbone",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "protocol" : "undefined",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-06",
   "serial" : "05:75:75:49:01:2b:97:b9:c0:87:02:44:3d:3a:bb:7b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "ku.huxianbk.cn"
      ],
      "commonname" : "ku.huxianbk.cn"
   },
   "subnet" : "120.0.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "cn"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-12-19T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.229

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.229:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5b5c3aac2c92a1bda2406f15abbd56e0

HTTP Header MD5
074ccfd1dea624296256185ccafd1f18

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Nov 2024 18:59:58 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: REVALIDATED
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T18:59:58.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "074ccfd1dea624296256185ccafd1f18",
         "headermmh3" : 1476128586,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1551
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 18:59:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: REVALIDATED\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "5b5c3aac2c92a1bda2406f15abbd56e0",
   "datammh3" : 1333747132,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.229",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-05",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
137.220.160.229

Network
137.220.160.0/19

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://137.220.160.229:12443/ 200

HTTP Title
BET365�� www.011.com

ASN
AS152194

Organization
CTG Server Limited

Protocol
http Cert not expired http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
137.220.160.194

SHA256 Fingerprint
63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95

Validity Not Before
2024-09-21T00:00:00Z

Validity Not After
2025-09-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
26b48075123d7d47a10fd3010f75b503

HTTP Header MD5
a2f84633bd6b45ea23aeee8c0d8e5904

HTTP Body MD5
6233e72dde1921949bc3079a7a2f49ee

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Nov 2024 18:57:15 GMT
Content-Type: text/html
Content-Length: 1217
Connection: close
Vary: Accept-Encoding
Last-Modified: Sat, 29 Jun 2024 20:13:51 GMT
Vary: Accept-Encoding
ETag: "66806aff-4c1"
Via: mycdn
CDN-Cache: HIT
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD>
<title>BET365������ www.011.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<BODY>

<P>��</P><br><br><br><br><br><br><br><br>
<P align=center><B><FONT size=7><a href="javascript:test()">����������</a></FONT></B></P>



<script language="javascript">

   function test(){

	 var url=new Array();

	 url[0]="https://137.220.163.106:39999/999.php/";

	 url[1]="https://137.220.163.106:39999/999.php/";

	 url[2]="https://137.220.163.106:39999/999.php/";

	 url[3]="https://137.220.163.106:39999/999.php/";

	 url[4]="https://137.220.163.106:39999/999.php/";

	 url[5]="https://137.220.163.106:39999/999.php/";

	 url[6]="https://137.220.163.106:39999/999.php/";

	 url[7]="https://137.220.163.106:39999/999.php/";

	 url[8]="https://137.220.163.106:39999/999.php/";
	 
	 url[9]="https://137.220.163.106:39999/999.php/";
	 
	 url[10]="https://137.220.163.106:39999/999.php/";


	 var ints=parseInt(Math.random()*(url.length));

	 window.open(url[ints]);//�����ڴ�	 

	 //window.location=url[ints];//�´��ڴ� 

	}



 </script>

</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T18:57:15.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "137.220.163.106"
         ],
         "url" : [
            "https://137.220.163.106:39999/999.php/"
         ]
      },
      "http" : {
         "bodymd5" : "6233e72dde1921949bc3079a7a2f49ee",
         "bodymmh3" : -628261066,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Sat, 29 Jun 2024 20:13:51 GMT"
            },
            {
               "value" : "66806aff-4c1",
               "name" : "ETag"
            }
         ],
         "headermd5" : "a2f84633bd6b45ea23aeee8c0d8e5904",
         "headermmh3" : 2133257555,
         "title" : "BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com"
      },
      "length" : 1543
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 18:57:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 1217\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Sat, 29 Jun 2024 20:13:51 GMT\r\nVary: Accept-Encoding\r\nETag: \"66806aff-4c1\"\r\nVia: mycdn\r\nCDN-Cache: HIT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"><HTML><HEAD>\r\n<title>BET365\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd www.011.com</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n<BODY>\r\n\r\n<P>\ufffd\ufffd</P><br><br><br><br><br><br><br><br>\r\n<P align=center><B><FONT size=7><a href=\"javascript:test()\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd</a></FONT></B></P>\r\n\r\n\r\n\r\n<script language=\"javascript\">\r\n\r\n   function test(){\r\n\r\n\t var url=new Array();\r\n\r\n\t url[0]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[1]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[2]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[3]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[4]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[5]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[6]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[7]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\t url[8]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[9]=\"https://137.220.163.106:39999/999.php/\";\r\n\t \r\n\t url[10]=\"https://137.220.163.106:39999/999.php/\";\r\n\r\n\r\n\t var ints=parseInt(Math.random()*(url.length));\r\n\r\n\t window.open(url[ints]);//\ufffd\ufffd\ufffd\ufffd\ufffd\u06b4\ufffd\t \r\n\r\n\t //window.location=url[ints];//\ufffd\u00b4\ufffd\ufffd\u06b4\ufffd \r\n\r\n\t}\r\n\r\n\r\n\r\n </script>\r\n\r\n</BODY></HTML>\r\n\r\n\r\n",
   "datamd5" : "26b48075123d7d47a10fd3010f75b503",
   "datammh3" : 655040513,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "aca6307b11aa18889ac73e141347098a",
      "sha1" : "c063ef5f25b042ac0b9f2500cf89602d0f1173ea",
      "sha256" : "63622535e78801f7bafb7bcbc443ff8b58697b30f094e87c17444caae8399f95"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "ctgserver.com",
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "CTG220-128-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "137.220.160.0/20"
   },
   "ip" : "137.220.160.229",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6893",
   "location" : "35.6893,139.6899",
   "longitude" : "139.6899",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 12443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-05",
   "serial" : "e4:05:9a:64:91:be:f0:66:50:4f:18:80:a0:9a:b0:76",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "137.220.160.194"
   },
   "subnet" : "137.220.160.0/19",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-09-21T23:59:59Z",
      "notbefore" : "2024-09-21T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

Returning 10 result(s) out of 136 in 0.057 second(s)

137.220.160.198:12443 (tcp/http/tls) - last seen on 2024-11-07 at 03:37:13 UTC

137.220.160.198:12443 (tcp/http/tls) - last seen on 2024-11-07 at 03:34:56 UTC

137.220.160.207:12443 (tcp/http/tls) - last seen on 2024-11-06 at 16:32:59 UTC

137.220.160.207:12443 (tcp/http/tls) - last seen on 2024-11-06 at 16:32:47 UTC

137.220.160.232:12443 (tcp/http/tls) - last seen on 2024-11-06 at 14:09:03 UTC

137.220.160.232:12443 (tcp/http/tls) - last seen on 2024-11-06 at 14:07:13 UTC

120.3.158.56:12443 (tcp/undefined/tls) - last seen on 2024-11-06 at 02:48:00 UTC

120.3.158.56:12443 (tcp/undefined/tls) - last seen on 2024-11-06 at 02:46:46 UTC

137.220.160.229:12443 (tcp/http/tls) - last seen on 2024-11-05 at 18:59:58 UTC

137.220.160.229:12443 (tcp/http/tls) - last seen on 2024-11-05 at 18:57:15 UTC