IP

38.54.12.9

Network

38.54.0.0/20

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://38.54.12.9:5094/ 200

ASN

AS138915

Organization

Kaopu Cloud HK Limited

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

9d36a25b47cd9afee6017962e7139b29

HTTP Header MD5

f39e682a56486bee9090e4044fe84ce3

HTTP Body MD5

d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 200 OK
Content-Length: 0
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:36:21.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f39e682a56486bee9090e4044fe84ce3",
         "headermmh3" : -1079873228
      },
      "length" : 57
   },
   "asn" : "AS138915",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Length: 0\r\nConnection: close\r\n\r\n",
   "datamd5" : "9d36a25b47cd9afee6017962e7139b29",
   "datammh3" : -1860188957,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS138915",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "cogentco.com",
         "kaopucloud.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "KAOPUCLOUD-DE",
      "organization" : "Kaopu Cloud HK Limited",
      "subnet" : "38.54.12.0/23"
   },
   "ip" : "38.54.12.9",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Kaopu Cloud HK Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5094,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "38.54.0.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.6.115

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.6.115:5094/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

7d776fd8c2e7deb19af355ed35e128ba

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

da09a1c9fc883a502d501d5618eaa9f2

HTTP/1.1 200 ok
Server: Apache
Content-Length:  221
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5094/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:36:16.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "da09a1c9fc883a502d501d5618eaa9f2",
         "bodymmh3" : 1911705615,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1664957083
      },
      "length" : 311
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  221\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:5094/'</script>\r\n\r\n",
   "datamd5" : "7d776fd8c2e7deb19af355ed35e128ba",
   "datammh3" : 668947851,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.6.115",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 5094,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

199.248.230.149

Network

199.248.230.0/24

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://199.248.230.149:5094/ 418

ASN

AS29909

Organization

METROOPTIC

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Caddy Caddy

CPE(s)

<enterprise field>: cpe

Data MD5

582ba006cfdfa0b464d302614b8df279

HTTP Header MD5

a19930246e7e4998d66f7d94e5fccaef

HTTP Body MD5

664a9a0eeaefe9c6a97068f15851dae8

HTTP/1.1 418 I'm a teapot
Content-Type: text/plain; charset=utf-8
Server: Caddy
Date: Thu, 07 Nov 2024 03:29:29 GMT
Content-Length: 30
Connection: close

GoSecure - open - <srcip>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:29:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "664a9a0eeaefe9c6a97068f15851dae8",
         "bodymmh3" : -1441739188,
         "headermd5" : "a19930246e7e4998d66f7d94e5fccaef",
         "headermmh3" : -307933908
      },
      "length" : 186
   },
   "asn" : "AS29909",
   "city" : "Montreal",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 418 I'm a teapot\r\nContent-Type: text/plain; charset=utf-8\r\nServer: Caddy\r\nDate: Thu, 07 Nov 2024 03:29:29 GMT\r\nContent-Length: 30\r\nConnection: close\r\n\r\nGoSecure - open - <srcip>",
   "datamd5" : "582ba006cfdfa0b464d302614b8df279",
   "datammh3" : -1487711954,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS29909",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "gosecure.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "EW-SD-2",
      "organization" : "Edgewave, Inc.",
      "subnet" : "199.248.230.0/24"
   },
   "ip" : "199.248.230.149",
   "ipv6" : "false",
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "METROOPTIC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5094,
   "product" : "Caddy",
   "productvendor" : "Caddy",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "I'm a teapot",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 418,
   "subnet" : "199.248.230.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

47.89.44.247

Network

47.89.0.0/18

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://47.89.44.247:5094/ 200

HTTP Title

360安全DNS

ASN

AS45102

Organization

Alibaba US Technology Co., Ltd.

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx 1.9.9

CPE(s)

<enterprise field>: cpe

Data MD5

7fb6a21a77429a921be6122c96aa2846

HTTP Header MD5

295be25fa2a56227d7a01cc3c304ab4e

HTTP Body MD5

e3792cd7f248bdf796fd1125657485c0

HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx/1.9.9
Date: Thu, 07 Nov 2024 03:01:40 GMT
Connection: close
Transfer-Encoding: chunked

323b
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8" />
        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
        <title>360安全DNS</title>
        <style>
            * {
                margin: 0px;
                padding: 0px;
            }

            html,
            body {
                height: 100%;
                overflow: hidden;
                font-family: "PingFang SC", Arial, "Microsoft YaHei", sans-serif;
            }

            .header {
                height: 200px;
                background-color: #e02020;
                margin: 0 auto;
                color: #fff;
                position: relative;
            }

            .header-content {
                position: absolute;
                top: 50%;
                left: 45%;
                transform: translateX(-45%) translateY(-50%);
            }

            .header-right {
                display: inline-block;
                margin-left: 18px;
            }

            .ml {
                margin-left: 90px;
            }

            .content {
                padding-top: 100px;
            }

            .block {
                height: 360px;
                width: 360px;
                background: #fbfbfb;
                border-radius: 4px;
                display: inline-block;
                overflow: hidden;
                padding: 0 35px;
                padding-top: 65px;
                text-align: center;
                box-sizing: border-box;
            }

            .box-center {
                width: 100%;
                text-align: center;
            }

            .block p {
                text-align: left;
                font-size: 14px;
                line-height: 24px;
                height: 52px;
                margin-top: 15px;
            }

            .lp {
                padding: 0 25px;
            }

            .qrcode {
                position: absolute;
                bottom: 50px;
                right: 40px;
            }

            .qrcode-img {
                border: 1px solid #dddddd;
            }

            .qrcode-desc {
                font-size: 14px;
                color: rgba(0, 0, 0, 0.85);
                text-align: center;
                line-height: 16px;
            }

            .mask {
                display: none;
            }

            .mask:before {
                content: "";
                display: block;
                background: rgba(0, 0, 0, 0.6);
                position: fixed;
                top: 0;
                left: 0;
                right: 0;
                bottom: 0;
                z-index: 1001;
            }

            .mask .dialog {
                width: 750px;
                height: 460px;
                display: hidden;
                border-radius: 2px;
                position: fixed;
                margin-left: -120px;
                z-index: 1001;
                top: 25%;
                line-height: 1.5;
                right: 0;
                bottom: 0;
                left: 39%;
                background: #fff;
                transition: opacity 400ms ease-in;
            }

            .dialog-header {
                font-size: 16px;
                color: rgba(0, 0, 0, 0.85);
                padding: 16px 24px;
                border-bottom: 1px solid rgba(0, 0, 0, 0.09);
            }

            .dialog-close {
                position: absolute;
                right: 24px;
                cursor: pointer;
                color: #aaaaaa;
                font-size: 20px;
            }

            .dialog-body {
                padding: 24px;
                font-size: 14px;
            }

            .qa-header {
                font-weight: 600;
                margin: 8px 0px;
            }
            .qa-content {
                color: #777;
                margin-left: 36px;
                margin-bottom: 4px;
          
            }

            .header-tip {
                font-size: 16px;
            }
            .header-title {
                font-size: 28px;
                font-weight: 500;
                margin-top: 4px;
                margin-bottom: 14px;
            }
            .header-subtitle {
                font-size: 12px;
                color: #f0f0f0;
            }

            #qa {
                text-decoration: underline;
                cursor: pointer;
                display: inline-block;
                margin: 0 4px;
            }

            .btn {
                font-size: 16px;
                height: 48px;
                display: inline-block;
                width: 170px;
                line-height: 48px;
                color: rgba(0, 0, 0, 0.65);
                border: 2px solid rgba(0, 0, 0, 0.15);
                border-top-left-radius: 6px;
                border-bottom-right-radius: 6px;
                margin-top: 48px;
                cursor: pointer;
            }

            ul li{
                text-align: justify;
                /* margin-left: 5px; */
                /* list-style-position: outside; */
            }
        </style>
    </head>
    <body>
        <div class="header">
            <div class="header-content">
                <img
                    style="vertical-align: top"
                    src="https://p5.ssl.qhimg.com/t015199c683bd0fb666.png"
                />
                <div class="header-right">
                    <div class="header-tip">360安全DNS提示您：</div>
                    <div class="header-title">
                        您访问的域名存在安全风险，被重定向到本页面!
                    </div>
                    <div class="header-subtitle">
                        如果对本次拦截有疑问，请查看<span id="qa"
                            >常见问题</span
                        >
                    </div>
                </div>
            </div>
        </div>

        <div class="content">
            <div class="box-center">
                <div class="block">
                    <img
                        src="https://p4.ssl.qhimg.com/t0111fde547f20f782e.png"
                        alt=""
                    />
                    <p class="lp">
                        免费使用360DoH/DoT安全DNS解析防劫持、防恶意广告、防隐私泄露
                    </p>
                    <div class="btn" id="detail">了解详情</div>
                </div>

                <div class="block ml">
                    <img
                        src="https://p4.ssl.qhimg.com/t016f6d84b17ab99968.png"
                        alt=""
                    />
                    <p>
                        360DNS安全监测系统（SaaS版）为您的企业提供安全解析、网络威胁检测和阻断、上网行为管理等功能，5分钟完成设置
                    </p>
                    <div class="btn" id="free">30天免费试用</div>
                </div>
            </div>

            <div class="qrcode">
                <div class="qrcode-img">
                    <img
                        src="https://p0.ssl.qhimg.com/t01dfbb9ccc309e4ce2.png"
                        alt=""
                    />
                </div>
                <div class="qrcode-desc">关注公众号</div>
            </div>
        </div>

        <div class="mask">
            <div class="dialog">
                <div class="dialog-header">
                    常见问题
                    <span class="dialog-close">x</span>
                </div>
                <div class="dialog-body">
                    <div class="qa-section">
                        <div class="qa-header">1、这个页面是干什么的？</div>
                        <ul>
                        <li class="qa-content">
                            这个页面是360安全DNS用来重定向不安全域名的页面，您访问到这个页面说明您访问的域名(<span
                                id="domain"
                            ></span
                            >)可能存在不安全行为。
                        </li>
                        <li class="qa-content">
                            不安全行为的域名类型包括但不限于僵尸网络的主控服务器域名，恶意程序的挖矿域名，钓鱼域名以及其他包含不安全行为的黑灰域名等。
                        </li>
                    </ul>
                    </div>

                    <div class="qa-section">
                        <div class="qa-header">2、我是怎么到这个页面的？</div>
                        <ul>
                        <li class="qa-content">
                            您使用了360公司的安全DNS服务之后，安全DNS会自动对您请求的域名是否安全进行判定，如果域名被判定为以上描述的不安全域名就会跳转到这个页面。
                        </li>
                    </ul>
                    </div>

                    <div class="qa-section">
                        <div class="qa-header">
                            3、你们错误拦截了合法域名，怎么解封？
                        </div>
                        <ul>
                        <li class="qa-content">
                            360安全DNS仅拦截对用户有<strong style="color: #000"
                                >不安全行为</strong
                            >的域名，在保证用户的上网体验的同时，提高用户上网的安全性。
                        </li>

                        <li class="qa-content">
                            阻断的域名列表是360安全DNS利用多种技术手段自动生成的，<b
                                style="color: #000"
                                >并不会基于网站具体内容决定是否拦截</b
                            >。
                        </li>
                        <li class="qa-content">
                            如果您是域名的所有者并确定自己的域名没有不安全行为，请发送邮件到
                            <strong
                                ><span style="font-size: 15px; color: #000"
                                    >sinkhole#360.cn（发送时请手动将#改为@）</span
                                ></strong
                            >，请在邮件中简要说明域名的功能和用途，并注意确保邮件中标明你要解封的域名。
                        </li>
                    </ul>
                    </div>
                </div>
            </div>
        </div>
        <script>
            var qa = document.getElementById("qa");
            var domain = document.getElementById("domain");
            domain.innerHTML = window.location.hostname;
            domain.style.fontWeight = 600;
            domain.style.color = "#000";
            var dialog = document.getElementsByClassName("mask")[0];
            var close = document.getElementsByClassName("dialog-close")[0];
            close.addEventListener("click", function () {
                dialog.style.display = "none";
            });
            qa.addEventListener("click", function () {
                dialog.style.display = "block";
            });
            document.body.addEventListener("click", function (e) {
                if ("mask" === e.target.className) {
                    dialog.style.display = "none";
                }
            });

            var detail = document.getElementById("detail");
            var free = document.getElementById("free");

            detail.addEventListener("click", function (e) {
                window.monitor && window.monitor.log({ c: "了解详情" });
                window.open("https://dns.360.cn/dnsPublic.html#dnsLink");
            });

            free.addEventListener("click", function (e) {
                window.monitor && window.monitor.log({ c: "30天免费试用" });
                window.open("https://dns.360.cn/dnsGuard.html");
            });
        </script>
        <script src="https://s2.ssl.qhres.com/static/722013efa282e2fb.js"></script>
        <script>
            window.monitor && window.monitor.setProject("QH_7770_1216");
            window.monitor && window.monitor.getTrack();
        </script>
    </body>
</html>


0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:43.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "qhres.com",
            "360.cn",
            "qhimg.com"
         ],
         "hostname" : [
            "dns.360.cn",
            "p0.ssl.qhimg.com",
            "p4.ssl.qhimg.com",
            "p5.ssl.qhimg.com",
            "s2.ssl.qhres.com"
         ],
         "url" : [
            "https://dns.360.cn/dnsGuard.html",
            "https://dns.360.cn/dnsPublic.html",
            "https://p0.ssl.qhimg.com/t01dfbb9ccc309e4ce2.png",
            "https://p4.ssl.qhimg.com/t0111fde547f20f782e.png",
            "https://p4.ssl.qhimg.com/t016f6d84b17ab99968.png",
            "https://p5.ssl.qhimg.com/t015199c683bd0fb666.png",
            "https://s2.ssl.qhres.com/static/722013efa282e2fb.js"
         ]
      },
      "http" : {
         "bodymd5" : "e3792cd7f248bdf796fd1125657485c0",
         "bodymmh3" : -869285942,
         "headermd5" : "295be25fa2a56227d7a01cc3c304ab4e",
         "headermmh3" : 1626693863,
         "title" : "360\u5b89\u5168DNS"
      },
      "length" : 13021
   },
   "asn" : "AS45102",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nServer: nginx/1.9.9\r\nDate: Thu, 07 Nov 2024 03:01:40 GMT\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n323b\r\n<!DOCTYPE html>\r\n<html lang=\"en\">\r\n    <head>\r\n        <meta charset=\"UTF-8\" />\r\n        <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />\r\n        <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" />\r\n        <title>360\u5b89\u5168DNS</title>\r\n        <style>\r\n            * {\r\n                margin: 0px;\r\n                padding: 0px;\r\n            }\r\n\r\n            html,\r\n            body {\r\n                height: 100%;\r\n                overflow: hidden;\r\n                font-family: \"PingFang SC\", Arial, \"Microsoft YaHei\", sans-serif;\r\n            }\r\n\r\n            .header {\r\n                height: 200px;\r\n                background-color: #e02020;\r\n                margin: 0 auto;\r\n                color: #fff;\r\n                position: relative;\r\n            }\r\n\r\n            .header-content {\r\n                position: absolute;\r\n                top: 50%;\r\n                left: 45%;\r\n                transform: translateX(-45%) translateY(-50%);\r\n            }\r\n\r\n            .header-right {\r\n                display: inline-block;\r\n                margin-left: 18px;\r\n            }\r\n\r\n            .ml {\r\n                margin-left: 90px;\r\n            }\r\n\r\n            .content {\r\n                padding-top: 100px;\r\n            }\r\n\r\n            .block {\r\n                height: 360px;\r\n                width: 360px;\r\n                background: #fbfbfb;\r\n                border-radius: 4px;\r\n                display: inline-block;\r\n                overflow: hidden;\r\n                padding: 0 35px;\r\n                padding-top: 65px;\r\n                text-align: center;\r\n                box-sizing: border-box;\r\n            }\r\n\r\n            .box-center {\r\n                width: 100%;\r\n                text-align: center;\r\n            }\r\n\r\n            .block p {\r\n                text-align: left;\r\n                font-size: 14px;\r\n                line-height: 24px;\r\n                height: 52px;\r\n                margin-top: 15px;\r\n            }\r\n\r\n            .lp {\r\n                padding: 0 25px;\r\n            }\r\n\r\n            .qrcode {\r\n                position: absolute;\r\n                bottom: 50px;\r\n                right: 40px;\r\n            }\r\n\r\n            .qrcode-img {\r\n                border: 1px solid #dddddd;\r\n            }\r\n\r\n            .qrcode-desc {\r\n                font-size: 14px;\r\n                color: rgba(0, 0, 0, 0.85);\r\n                text-align: center;\r\n                line-height: 16px;\r\n            }\r\n\r\n            .mask {\r\n                display: none;\r\n            }\r\n\r\n            .mask:before {\r\n                content: \"\";\r\n                display: block;\r\n                background: rgba(0, 0, 0, 0.6);\r\n                position: fixed;\r\n                top: 0;\r\n                left: 0;\r\n                right: 0;\r\n                bottom: 0;\r\n                z-index: 1001;\r\n            }\r\n\r\n            .mask .dialog {\r\n                width: 750px;\r\n                height: 460px;\r\n                display: hidden;\r\n                border-radius: 2px;\r\n                position: fixed;\r\n                margin-left: -120px;\r\n                z-index: 1001;\r\n                top: 25%;\r\n                line-height: 1.5;\r\n                right: 0;\r\n                bottom: 0;\r\n                left: 39%;\r\n                background: #fff;\r\n                transition: opacity 400ms ease-in;\r\n            }\r\n\r\n            .dialog-header {\r\n                font-size: 16px;\r\n                color: rgba(0, 0, 0, 0.85);\r\n                padding: 16px 24px;\r\n                border-bottom: 1px solid rgba(0, 0, 0, 0.09);\r\n            }\r\n\r\n            .dialog-close {\r\n                position: absolute;\r\n                right: 24px;\r\n                cursor: pointer;\r\n                color: #aaaaaa;\r\n                font-size: 20px;\r\n            }\r\n\r\n            .dialog-body {\r\n                padding: 24px;\r\n                font-size: 14px;\r\n            }\r\n\r\n            .qa-header {\r\n                font-weight: 600;\r\n                margin: 8px 0px;\r\n            }\r\n            .qa-content {\r\n                color: #777;\r\n                margin-left: 36px;\r\n                margin-bottom: 4px;\r\n          \r\n            }\r\n\r\n            .header-tip {\r\n                font-size: 16px;\r\n            }\r\n            .header-title {\r\n                font-size: 28px;\r\n                font-weight: 500;\r\n                margin-top: 4px;\r\n                margin-bottom: 14px;\r\n            }\r\n            .header-subtitle {\r\n                font-size: 12px;\r\n                color: #f0f0f0;\r\n            }\r\n\r\n            #qa {\r\n                text-decoration: underline;\r\n                cursor: pointer;\r\n                display: inline-block;\r\n                margin: 0 4px;\r\n            }\r\n\r\n            .btn {\r\n                font-size: 16px;\r\n                height: 48px;\r\n                display: inline-block;\r\n                width: 170px;\r\n                line-height: 48px;\r\n                color: rgba(0, 0, 0, 0.65);\r\n                border: 2px solid rgba(0, 0, 0, 0.15);\r\n                border-top-left-radius: 6px;\r\n                border-bottom-right-radius: 6px;\r\n                margin-top: 48px;\r\n                cursor: pointer;\r\n            }\r\n\r\n            ul li{\r\n                text-align: justify;\r\n                /* margin-left: 5px; */\r\n                /* list-style-position: outside; */\r\n            }\r\n        </style>\r\n    </head>\r\n    <body>\r\n        <div class=\"header\">\r\n            <div class=\"header-content\">\r\n                <img\r\n                    style=\"vertical-align: top\"\r\n                    src=\"https://p5.ssl.qhimg.com/t015199c683bd0fb666.png\"\r\n                />\r\n                <div class=\"header-right\">\r\n                    <div class=\"header-tip\">360\u5b89\u5168DNS\u63d0\u793a\u60a8\uff1a</div>\r\n                    <div class=\"header-title\">\r\n                        \u60a8\u8bbf\u95ee\u7684\u57df\u540d\u5b58\u5728\u5b89\u5168\u98ce\u9669\uff0c\u88ab\u91cd\u5b9a\u5411\u5230\u672c\u9875\u9762!\r\n                    </div>\r\n                    <div class=\"header-subtitle\">\r\n                        \u5982\u679c\u5bf9\u672c\u6b21\u62e6\u622a\u6709\u7591\u95ee\uff0c\u8bf7\u67e5\u770b<span id=\"qa\"\r\n                            >\u5e38\u89c1\u95ee\u9898</span\r\n                        >\r\n                    </div>\r\n                </div>\r\n            </div>\r\n        </div>\r\n\r\n        <div class=\"content\">\r\n            <div class=\"box-center\">\r\n                <div class=\"block\">\r\n                    <img\r\n                        src=\"https://p4.ssl.qhimg.com/t0111fde547f20f782e.png\"\r\n                        alt=\"\"\r\n                    />\r\n                    <p class=\"lp\">\r\n                        \u514d\u8d39\u4f7f\u7528360DoH/DoT\u5b89\u5168DNS\u89e3\u6790\u9632\u52ab\u6301\u3001\u9632\u6076\u610f\u5e7f\u544a\u3001\u9632\u9690\u79c1\u6cc4\u9732\r\n                    </p>\r\n                    <div class=\"btn\" id=\"detail\">\u4e86\u89e3\u8be6\u60c5</div>\r\n                </div>\r\n\r\n                <div class=\"block ml\">\r\n                    <img\r\n                        src=\"https://p4.ssl.qhimg.com/t016f6d84b17ab99968.png\"\r\n                        alt=\"\"\r\n                    />\r\n                    <p>\r\n                        360DNS\u5b89\u5168\u76d1\u6d4b\u7cfb\u7edf\uff08SaaS\u7248\uff09\u4e3a\u60a8\u7684\u4f01\u4e1a\u63d0\u4f9b\u5b89\u5168\u89e3\u6790\u3001\u7f51\u7edc\u5a01\u80c1\u68c0\u6d4b\u548c\u963b\u65ad\u3001\u4e0a\u7f51\u884c\u4e3a\u7ba1\u7406\u7b49\u529f\u80fd\uff0c5\u5206\u949f\u5b8c\u6210\u8bbe\u7f6e\r\n                    </p>\r\n                    <div class=\"btn\" id=\"free\">30\u5929\u514d\u8d39\u8bd5\u7528</div>\r\n                </div>\r\n            </div>\r\n\r\n            <div class=\"qrcode\">\r\n                <div class=\"qrcode-img\">\r\n                    <img\r\n                        src=\"https://p0.ssl.qhimg.com/t01dfbb9ccc309e4ce2.png\"\r\n                        alt=\"\"\r\n                    />\r\n                </div>\r\n                <div class=\"qrcode-desc\">\u5173\u6ce8\u516c\u4f17\u53f7</div>\r\n            </div>\r\n        </div>\r\n\r\n        <div class=\"mask\">\r\n            <div class=\"dialog\">\r\n                <div class=\"dialog-header\">\r\n                    \u5e38\u89c1\u95ee\u9898\r\n                    <span class=\"dialog-close\">x</span>\r\n                </div>\r\n                <div class=\"dialog-body\">\r\n                    <div class=\"qa-section\">\r\n                        <div class=\"qa-header\">1\u3001\u8fd9\u4e2a\u9875\u9762\u662f\u5e72\u4ec0\u4e48\u7684\uff1f</div>\r\n                        <ul>\r\n                        <li class=\"qa-content\">\r\n                            \u8fd9\u4e2a\u9875\u9762\u662f360\u5b89\u5168DNS\u7528\u6765\u91cd\u5b9a\u5411\u4e0d\u5b89\u5168\u57df\u540d\u7684\u9875\u9762\uff0c\u60a8\u8bbf\u95ee\u5230\u8fd9\u4e2a\u9875\u9762\u8bf4\u660e\u60a8\u8bbf\u95ee\u7684\u57df\u540d(<span\r\n                                id=\"domain\"\r\n                            ></span\r\n                            >)\u53ef\u80fd\u5b58\u5728\u4e0d\u5b89\u5168\u884c\u4e3a\u3002\r\n                        </li>\r\n                        <li class=\"qa-content\">\r\n                            \u4e0d\u5b89\u5168\u884c\u4e3a\u7684\u57df\u540d\u7c7b\u578b\u5305\u62ec\u4f46\u4e0d\u9650\u4e8e\u50f5\u5c38\u7f51\u7edc\u7684\u4e3b\u63a7\u670d\u52a1\u5668\u57df\u540d\uff0c\u6076\u610f\u7a0b\u5e8f\u7684\u6316\u77ff\u57df\u540d\uff0c\u9493\u9c7c\u57df\u540d\u4ee5\u53ca\u5176\u4ed6\u5305\u542b\u4e0d\u5b89\u5168\u884c\u4e3a\u7684\u9ed1\u7070\u57df\u540d\u7b49\u3002\r\n                        </li>\r\n                    </ul>\r\n                    </div>\r\n\r\n                    <div class=\"qa-section\">\r\n                        <div class=\"qa-header\">2\u3001\u6211\u662f\u600e\u4e48\u5230\u8fd9\u4e2a\u9875\u9762\u7684\uff1f</div>\r\n                        <ul>\r\n                        <li class=\"qa-content\">\r\n                            \u60a8\u4f7f\u7528\u4e86360\u516c\u53f8\u7684\u5b89\u5168DNS\u670d\u52a1\u4e4b\u540e\uff0c\u5b89\u5168DNS\u4f1a\u81ea\u52a8\u5bf9\u60a8\u8bf7\u6c42\u7684\u57df\u540d\u662f\u5426\u5b89\u5168\u8fdb\u884c\u5224\u5b9a\uff0c\u5982\u679c\u57df\u540d\u88ab\u5224\u5b9a\u4e3a\u4ee5\u4e0a\u63cf\u8ff0\u7684\u4e0d\u5b89\u5168\u57df\u540d\u5c31\u4f1a\u8df3\u8f6c\u5230\u8fd9\u4e2a\u9875\u9762\u3002\r\n                        </li>\r\n                    </ul>\r\n                    </div>\r\n\r\n                    <div class=\"qa-section\">\r\n                        <div class=\"qa-header\">\r\n                            3\u3001\u4f60\u4eec\u9519\u8bef\u62e6\u622a\u4e86\u5408\u6cd5\u57df\u540d\uff0c\u600e\u4e48\u89e3\u5c01\uff1f\r\n                        </div>\r\n                        <ul>\r\n                        <li class=\"qa-content\">\r\n                            360\u5b89\u5168DNS\u4ec5\u62e6\u622a\u5bf9\u7528\u6237\u6709<strong style=\"color: #000\"\r\n                                >\u4e0d\u5b89\u5168\u884c\u4e3a</strong\r\n                            >\u7684\u57df\u540d\uff0c\u5728\u4fdd\u8bc1\u7528\u6237\u7684\u4e0a\u7f51\u4f53\u9a8c\u7684\u540c\u65f6\uff0c\u63d0\u9ad8\u7528\u6237\u4e0a\u7f51\u7684\u5b89\u5168\u6027\u3002\r\n                        </li>\r\n\r\n                        <li class=\"qa-content\">\r\n                            \u963b\u65ad\u7684\u57df\u540d\u5217\u8868\u662f360\u5b89\u5168DNS\u5229\u7528\u591a\u79cd\u6280\u672f\u624b\u6bb5\u81ea\u52a8\u751f\u6210\u7684\uff0c<b\r\n                                style=\"color: #000\"\r\n                                >\u5e76\u4e0d\u4f1a\u57fa\u4e8e\u7f51\u7ad9\u5177\u4f53\u5185\u5bb9\u51b3\u5b9a\u662f\u5426\u62e6\u622a</b\r\n                            >\u3002\r\n                        </li>\r\n                        <li class=\"qa-content\">\r\n                            \u5982\u679c\u60a8\u662f\u57df\u540d\u7684\u6240\u6709\u8005\u5e76\u786e\u5b9a\u81ea\u5df1\u7684\u57df\u540d\u6ca1\u6709\u4e0d\u5b89\u5168\u884c\u4e3a\uff0c\u8bf7\u53d1\u9001\u90ae\u4ef6\u5230\r\n                            <strong\r\n                                ><span style=\"font-size: 15px; color: #000\"\r\n                                    >sinkhole#360.cn\uff08\u53d1\u9001\u65f6\u8bf7\u624b\u52a8\u5c06#\u6539\u4e3a@\uff09</span\r\n                                ></strong\r\n                            >\uff0c\u8bf7\u5728\u90ae\u4ef6\u4e2d\u7b80\u8981\u8bf4\u660e\u57df\u540d\u7684\u529f\u80fd\u548c\u7528\u9014\uff0c\u5e76\u6ce8\u610f\u786e\u4fdd\u90ae\u4ef6\u4e2d\u6807\u660e\u4f60\u8981\u89e3\u5c01\u7684\u57df\u540d\u3002\r\n                        </li>\r\n                    </ul>\r\n                    </div>\r\n                </div>\r\n            </div>\r\n        </div>\r\n        <script>\r\n            var qa = document.getElementById(\"qa\");\r\n            var domain = document.getElementById(\"domain\");\r\n            domain.innerHTML = window.location.hostname;\r\n            domain.style.fontWeight = 600;\r\n            domain.style.color = \"#000\";\r\n            var dialog = document.getElementsByClassName(\"mask\")[0];\r\n            var close = document.getElementsByClassName(\"dialog-close\")[0];\r\n            close.addEventListener(\"click\", function () {\r\n                dialog.style.display = \"none\";\r\n            });\r\n            qa.addEventListener(\"click\", function () {\r\n                dialog.style.display = \"block\";\r\n            });\r\n            document.body.addEventListener(\"click\", function (e) {\r\n                if (\"mask\" === e.target.className) {\r\n                    dialog.style.display = \"none\";\r\n                }\r\n            });\r\n\r\n            var detail = document.getElementById(\"detail\");\r\n            var free = document.getElementById(\"free\");\r\n\r\n            detail.addEventListener(\"click\", function (e) {\r\n                window.monitor && window.monitor.log({ c: \"\u4e86\u89e3\u8be6\u60c5\" });\r\n                window.open(\"https://dns.360.cn/dnsPublic.html#dnsLink\");\r\n            });\r\n\r\n            free.addEventListener(\"click\", function (e) {\r\n                window.monitor && window.monitor.log({ c: \"30\u5929\u514d\u8d39\u8bd5\u7528\" });\r\n                window.open(\"https://dns.360.cn/dnsGuard.html\");\r\n            });\r\n        </script>\r\n        <script src=\"https://s2.ssl.qhres.com/static/722013efa282e2fb.js\"></script>\r\n        <script>\r\n            window.monitor && window.monitor.setProject(\"QH_7770_1216\");\r\n            window.monitor && window.monitor.getTrack();\r\n        </script>\r\n    </body>\r\n</html>\r\n\r\n\r\n0\r\n\r\n",
   "datamd5" : "7fb6a21a77429a921be6122c96aa2846",
   "datammh3" : -1085937592,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "alibaba-inc.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "organization" : "Alibaba Cloud LLC",
      "subnet" : "47.89.32.0/20"
   },
   "ip" : "47.89.44.247",
   "ipv6" : "false",
   "latitude" : "22.2578",
   "location" : "22.2578,114.1657",
   "longitude" : "114.1657",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Alibaba US Technology Co., Ltd.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5094,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.9.9",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "47.89.0.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

103.56.18.234

Network

103.56.16.0/22

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://103.56.18.234:5094/ 403

HTTP Title

403 Forbidden

ASN

AS132883

Organization

TOPWAY GLOBAL LIMITED

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

Data MD5

e897f5bf443daba9ce2f439cdcd6390b

HTTP Header MD5

c5c0d19133974b1e9ceeabaa930425ce

HTTP Body MD5

7d90959ed335c7324fff77e3c449300f

HTTP/1.1 403 Forbidden
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 03:27:32 GMT
Content-Type: text/html
Content-Length: 153
Connection: close

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7d90959ed335c7324fff77e3c449300f",
         "bodymmh3" : 901748736,
         "headermd5" : "c5c0d19133974b1e9ceeabaa930425ce",
         "headermmh3" : 1087028153,
         "title" : "403 Forbidden"
      },
      "length" : 303
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 03:27:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: close\r\n\r\n<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx/1.17.6</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "e897f5bf443daba9ce2f439cdcd6390b",
   "datammh3" : 1922717415,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "103.56.16.0/22"
   },
   "ip" : "103.56.18.234",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 5094,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "103.56.16.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

37.106.183.6

Network

37.104.0.0/14

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://37.106.183.6:5094/ 302

HTTP Title

Object moved

ASN

AS25019

Organization

Saudi Telecom Company JSC

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

Data MD5

ecb5af0c997b98c55c63922fd12f5284

HTTP Header MD5

910d12dfec7e344c60081ee857977d5d

HTTP Body MD5

46342920f2ef5d8001c9d081512e7a76

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Login.aspx
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:20:50 GMT
Connection: close
Content-Length: 128

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Login.aspx">here</a>.</h2>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "46342920f2ef5d8001c9d081512e7a76",
         "bodymmh3" : 1926467488,
         "component" : [
            {
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "910d12dfec7e344c60081ee857977d5d",
         "headermmh3" : 22207872,
         "title" : "Object moved"
      },
      "length" : 394
   },
   "asn" : "AS25019",
   "city" : "Riyadh",
   "country" : "SA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /Login.aspx\r\nServer: Microsoft-IIS/10.0\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:20:50 GMT\r\nConnection: close\r\nContent-Length: 128\r\n\r\n<html><head><title>Object moved</title></head><body>\r\n<h2>Object moved to <a href=\"/Login.aspx\">here</a>.</h2>\r\n</body></html>\r\n",
   "datamd5" : "ecb5af0c997b98c55c63922fd12f5284",
   "datammh3" : 870520339,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS25019",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SA",
      "countryname" : "Saudi Arabia",
      "domain" : [
         "stc.com.sa"
      ],
      "isineu" : "false",
      "latitude" : "23.885942",
      "location" : "23.885942,45.079162",
      "longitude" : "45.079162",
      "netname" : "SAUDINET_DSL_POOL",
      "organization" : "DSL HOME Subscribers_Dynamic IPs",
      "subnet" : "37.106.0.0/16"
   },
   "ip" : "37.106.183.6",
   "ipv6" : "false",
   "latitude" : "24.6869",
   "location" : "24.6869,46.7224",
   "longitude" : "46.7224",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Saudi Telecom Company JSC",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 5094,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "37.104.0.0/14",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

153.202.120.180

Network

153.192.0.0/11

Domain(s)

ocn.ne.jp

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

http://153.202.120.180:5094/ 200

HTTP Title

Redirecting...

Reverse DNS

p1102180-ipxg00c01gifu.gifu.ocn.ne.jp

ASN

AS4713

Organization

NTT Communications Corporation

Protocol

http

Source

datascan

Operating System

Linux Linux Kernel

Product

Apache HTTP Server 2.2.14

HTTP Component(s)

OpenSSL OpenSSL 1.0.0o Perl Perl 5.10.0 Apache mod_perl 2.0.4 modssl mod_ssl 2.2.14

CPE(s)

<enterprise field>: cpe

Data MD5

377c8a2afdffc38e6c22cd967717ac39

HTTP Header MD5

84114abeee35b6ee8b91392163218412

HTTP Body MD5

a15bbb10e0fb768abada7f03ec9a92d4

HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 03:20:28 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/1.0.0o mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Tue, 25 Aug 2015 02:38:26 GMT
ETag: "1619f-209-51e19a0e60c80"
Accept-Ranges: bytes
Content-Length: 521
Connection: close
Content-Type: text/html

<html>
<head>
  <title>Redirecting...</title>
  <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no" />

  <script type="text/javascript" src="./st/js/sencha-touch-1.1.0/sencha-touch.js"></script>
  <script type="text/javascript">
	if ( Ext.is.iOS || Ext.is.Android ) {
	  location = "/st/" + location.hash;
	} else {
	  location = "/ui/" + location.hash;
	}
  </script>

</head>
<body>
  <noscript>
    <img src="enable-javascript.png" />
  </noscript>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a15bbb10e0fb768abada7f03ec9a92d4",
         "bodymmh3" : 1120287291,
         "component" : [
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "1.0.0o"
            },
            {
               "productversion" : "2.0.4",
               "productvendor" : "Apache",
               "product" : "mod_perl"
            },
            {
               "product" : "Perl",
               "productversion" : "5.10.0",
               "productvendor" : "Perl"
            },
            {
               "productversion" : "2.2.14",
               "productvendor" : "modssl",
               "product" : "mod_ssl"
            }
         ],
         "header" : [
            {
               "value" : "Tue, 25 Aug 2015 02:38:26 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "1619f-209-51e19a0e60c80"
            }
         ],
         "headermd5" : "84114abeee35b6ee8b91392163218412",
         "headermmh3" : 403606580,
         "title" : "Redirecting..."
      },
      "length" : 831
   },
   "asn" : "AS4713",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 03:20:28 GMT\r\nServer: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/1.0.0o mod_perl/2.0.4 Perl/v5.10.0\r\nLast-Modified: Tue, 25 Aug 2015 02:38:26 GMT\r\nETag: \"1619f-209-51e19a0e60c80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 521\r\nConnection: close\r\nContent-Type: text/html\r\n\r\n<html>\n<head>\n  <title>Redirecting...</title>\n  <meta name=\"viewport\" content=\"width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\" />\n\n  <script type=\"text/javascript\" src=\"./st/js/sencha-touch-1.1.0/sencha-touch.js\"></script>\n  <script type=\"text/javascript\">\n\tif ( Ext.is.iOS || Ext.is.Android ) {\n\t  location = \"/st/\" + location.hash;\n\t} else {\n\t  location = \"/ui/\" + location.hash;\n\t}\n  </script>\n\n</head>\n<body>\n  <noscript>\n    <img src=\"enable-javascript.png\" />\n  </noscript>\n</body>\n</html>\n",
   "datamd5" : "377c8a2afdffc38e6c22cd967717ac39",
   "datammh3" : -1375581561,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ocn.ne.jp"
   ],
   "geolocus" : {
      "asn" : "AS4713",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "nic.ad.jp",
         "ocn.ad.jp",
         "ocn.ne.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "OCN",
      "organization" : "NTT Communications Corporation",
      "subnet" : "153.192.0.0/11"
   },
   "host" : [
      "p1102180-ipxg00c01gifu"
   ],
   "hostname" : [
      "p1102180-ipxg00c01gifu.gifu.ocn.ne.jp"
   ],
   "ip" : "153.202.120.180",
   "ipv6" : "false",
   "latitude" : "35.6897",
   "location" : "35.6897,139.6895",
   "longitude" : "139.6895",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NTT Communications Corporation",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5094,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.2.14",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "p1102180-ipxg00c01gifu.gifu.ocn.ne.jp"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "gifu.ocn.ne.jp"
   ],
   "subnet" : "153.192.0.0/11",
   "tld" : [
      "ne.jp"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

95.164.51.212

Network

95.164.51.0/24

Domain(s)

bayou215.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Ubuntu

URL

http://95.164.51.212:5094/ 502

HTTP Title

502 Bad Gateway

Reverse DNS

bayou215.com

ASN

AS44477

Organization

Stark Industries Solutions Ltd

Protocol

http

Source

datascan

Operating System

Linux Linux Ubuntu

Product

F5 Nginx 1.18.0

CPE(s)

<enterprise field>: cpe

Data MD5

09a69aa8c3c012bec59cca5af305aa49

HTTP Header MD5

2348feee45c6133d3751a35c901f09c7

HTTP Body MD5

b7ddeeb1e6db68be021e39a97e4400cc

HTTP/1.1 502 Bad Gateway
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 07 Nov 2024 03:20:05 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b7ddeeb1e6db68be021e39a97e4400cc",
         "bodymmh3" : -1832420888,
         "headermd5" : "2348feee45c6133d3751a35c901f09c7",
         "headermmh3" : 284403638,
         "title" : "502 Bad Gateway"
      },
      "length" : 327
   },
   "asn" : "AS44477",
   "city" : "Stockholm",
   "country" : "SE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 502 Bad Gateway\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Thu, 07 Nov 2024 03:20:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: close\r\n\r\n<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body>\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "09a69aa8c3c012bec59cca5af305aa49",
   "datammh3" : 1763801897,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "bayou215.com"
   ],
   "geolocus" : {
      "asn" : "AS44477",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "SE",
      "countryname" : "Sweden",
      "domain" : [
         "ispsystem.net",
         "stark-industries.solutions"
      ],
      "isineu" : "true",
      "latitude" : "60.128161",
      "location" : "60.128161,18.643501",
      "longitude" : "18.643501",
      "netname" : "STARK-INDUSTRIES",
      "organization" : "STARK INDUSTRIES SOLUTIONS LTD.",
      "subnet" : "95.164.51.0/24"
   },
   "hostname" : [
      "bayou215.com"
   ],
   "ip" : "95.164.51.212",
   "ipv6" : "false",
   "latitude" : "59.3241",
   "location" : "59.3241,18.0517",
   "longitude" : "18.0517",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Stark Industries Solutions Ltd",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 5094,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.18.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Gateway",
   "reverse" : [
      "bayou215.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 502,
   "subnet" : "95.164.51.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

83.24.121.212

Network

83.16.0.0/12

Domain(s)

orange.pl

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

83.24.121.212.ipv4.supernova.orange.pl

ASN

AS5617

Organization

Orange Polska Spolka Akcyjna

Protocol

unknown

Source

datascan

Operating System

Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

Data MD5

c82240222f732d69b0cc4f7d3de6703a

\x00\x00\x01\xe4\x00\x00\x01\xe0X\\x0fK\xfa\xdf\xd5\xc4\x9a\xe5)\xb9\xc7\x84\xf7G\x82#\xf4 \xbe\xdf\xd0\xa2/\x81(.\x95]\xca\xde6\xd1Nh\xe0\xea\x80a\x0c\x87M\xd4\xa8\xcaY\xb5\xed4\x99\xdc\x86\xd8\x0f\xffU\xcb\xa6y\xa3\x81F\x139\xdb\xc4\x1b\xa0S\x01\x9c3#OQ\xae\xd0f\xfd|\xf6\x19\x15N\xdck\xf0\x18d\x83\xa1J\x131\x9b\x97\x98\xba\x05\xed\xb8\x87
]\xa8\xde\x81<\xbe\xd0\xe5\xdd\x0bv\x9e\x00\x94\xaa\x06 \xbf>\xf3R\xd5Y\xe9\xe0\xbc\xfe \x0c\x0e\xb3%	\x17\x0d\xa0t0-\x00\x94(\xa0T\xe7	\xfcG\x8d0\xc3\x93'\x8b\xd2\xdb\x99+\xa8?\xb7\x15\xbc\xb7\xa6\x8d\xcb\xf2\x1cN\xdf\xac\xed*\x9c\x86,\xd0\x8bI\xeem\xa9H\x0dz\x98\xe1=W"\xea\xfe\x15*\xe6\x19\xfe\xe2\xfd\x17]b\xdf`\xe6{g\x9d\xd2%\x7f\xc0t_\x0c\xe3\x81\x1cOB\x82\xc3CV\x17\x90\x13}o\xe7",\x80rM\xc4\xfe<\x8aIT\xeaZ\xa3\x11Zu\xc8w\x99\xcb\x83pAt\x8c\xad\xb2\xe9\xafg\xe8\xcajwB\xfe\x17r};u\x90\x16\xc2\x11/\xa0\xcb\x0c\xe1\xddZt\xd0\xb3B!\x87\x90\xc8\x89\x93\xd7\xebw\xff$a\xfb9\xae>\xd1Q\x8e\xcaV"\x1a\xce\x96\x14\x1dy_\x8a\x90a\xef\xdc\xc8S\xf7\x16<\xa5R\x00\xb7\x01L\x84\xe1\xe3\x8csA\x08\x97\x98\xee\xe0~\xe1\xc1\x0e\x1c@\x10\xc0i\x04\x02~\xf5\x8b^\xad\x97e\x14\xd3\xec\xd5\xdf\x9cY[\x9e$\x13\xd1\xba/\xceK\xa7@n\xd1^\xa9w\x93\xe0-\x1c\xf5&{%\xf2|+E/\x82p\x1b\x90Y\x95hCxY\x81V4\xfc\xa7?H\xdaX>\xc1\x91rO4\xff\x151\xa3\xf12\x10\x11\xee\x8c\xbf
\xcdB<\xe9d\x19\xd0t\x8e\xcd\x80\xc9\xa2\x97@/8\x97S\xda\xca\xf9\xb8f\x13\x81\xc5WP\xdd6_\xfd\x16\x84\x0d<\x92\x85\x88\x8b

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:05.000Z",
   "app" : {
      "length" : 488
   },
   "asn" : "AS5617",
   "city" : "Warsaw",
   "country" : "PL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "\\x00\\x00\\x01\\xe4\\x00\\x00\\x01\\xe0X\\\\x0fK\\xfa\\xdf\\xd5\\xc4\\x9a\\xe5)\\xb9\\xc7\\x84\\xf7G\\x82#\\xf4 \\xbe\\xdf\\xd0\\xa2/\\x81(.\\x95]\\xca\\xde6\\xd1Nh\\xe0\\xea\\x80a\\x0c\\x87M\\xd4\\xa8\\xcaY\\xb5\\xed4\\x99\\xdc\\x86\\xd8\\x0f\\xffU\\xcb\\xa6y\\xa3\\x81F\\x139\\xdb\\xc4\\x1b\\xa0S\\x01\\x9c3#OQ\\xae\\xd0f\\xfd|\\xf6\\x19\\x15N\\xdck\\xf0\\x18d\\x83\\xa1J\\x131\\x9b\\x97\\x98\\xba\\x05\\xed\\xb8\\x87\n]\\xa8\\xde\\x81<\\xbe\\xd0\\xe5\\xdd\\x0bv\\x9e\\x00\\x94\\xaa\\x06 \\xbf>\\xf3R\\xd5Y\\xe9\\xe0\\xbc\\xfe \\x0c\\x0e\\xb3%\t\\x17\\x0d\\xa0t0-\\x00\\x94(\\xa0T\\xe7\t\\xfcG\\x8d0\\xc3\\x93'\\x8b\\xd2\\xdb\\x99+\\xa8?\\xb7\\x15\\xbc\\xb7\\xa6\\x8d\\xcb\\xf2\\x1cN\\xdf\\xac\\xed*\\x9c\\x86,\\xd0\\x8bI\\xeem\\xa9H\\x0dz\\x98\\xe1=W\"\\xea\\xfe\\x15*\\xe6\\x19\\xfe\\xe2\\xfd\\x17]b\\xdf`\\xe6{g\\x9d\\xd2%\\x7f\\xc0t_\\x0c\\xe3\\x81\\x1cOB\\x82\\xc3CV\\x17\\x90\\x13}o\\xe7\",\\x80rM\\xc4\\xfe<\\x8aIT\\xeaZ\\xa3\\x11Zu\\xc8w\\x99\\xcb\\x83pAt\\x8c\\xad\\xb2\\xe9\\xafg\\xe8\\xcajwB\\xfe\\x17r};u\\x90\\x16\\xc2\\x11/\\xa0\\xcb\\x0c\\xe1\\xddZt\\xd0\\xb3B!\\x87\\x90\\xc8\\x89\\x93\\xd7\\xebw\\xff$a\\xfb9\\xae>\\xd1Q\\x8e\\xcaV\"\\x1a\\xce\\x96\\x14\\x1dy_\\x8a\\x90a\\xef\\xdc\\xc8S\\xf7\\x16<\\xa5R\\x00\\xb7\\x01L\\x84\\xe1\\xe3\\x8csA\\x08\\x97\\x98\\xee\\xe0~\\xe1\\xc1\\x0e\\x1c@\\x10\\xc0i\\x04\\x02~\\xf5\\x8b^\\xad\\x97e\\x14\\xd3\\xec\\xd5\\xdf\\x9cY[\\x9e$\\x13\\xd1\\xba/\\xceK\\xa7@n\\xd1^\\xa9w\\x93\\xe0-\\x1c\\xf5&{%\\xf2|+E/\\x82p\\x1b\\x90Y\\x95hCxY\\x81V4\\xfc\\xa7?H\\xdaX>\\xc1\\x91rO4\\xff\\x151\\xa3\\xf12\\x10\\x11\\xee\\x8c\\xbf\n\\xcdB<\\xe9d\\x19\\xd0t\\x8e\\xcd\\x80\\xc9\\xa2\\x97@/8\\x97S\\xda\\xca\\xf9\\xb8f\\x13\\x81\\xc5WP\\xdd6_\\xfd\\x16\\x84\\x0d<\\x92\\x85\\x88\\x8b",
   "datamd5" : "c82240222f732d69b0cc4f7d3de6703a",
   "datammh3" : 1919836900,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "orange.pl"
   ],
   "geolocus" : {
      "asn" : "AS5617",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "PL",
      "countryname" : "Poland",
      "domain" : [
         "orange.com",
         "orange.pl",
         "tpnet.pl"
      ],
      "isineu" : "true",
      "latitude" : "51.919438",
      "location" : "51.919438,19.145136",
      "longitude" : "19.145136",
      "netname" : "Orange-Swiatlowod",
      "organization" : "TPNET",
      "subnet" : "83.24.0.0/16"
   },
   "host" : [
      83
   ],
   "hostname" : [
      "83.24.121.212.ipv4.supernova.orange.pl"
   ],
   "ip" : "83.24.121.212",
   "ipv6" : "false",
   "latitude" : "52.2229",
   "location" : "52.2229,20.9362",
   "longitude" : "20.9362",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Orange Polska Spolka Akcyjna",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 5094,
   "protocol" : "unknown",
   "reverse" : [
      "83.24.121.212.ipv4.supernova.orange.pl"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subdomains" : [
      "121.212.ipv4.supernova.orange.pl",
      "212.ipv4.supernova.orange.pl",
      "24.121.212.ipv4.supernova.orange.pl",
      "ipv4.supernova.orange.pl",
      "supernova.orange.pl"
   ],
   "subnet" : "83.16.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "pl"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

187.140.26.19

Network

187.140.0.0/17

Domain(s)

prod-infinitum.com.mx

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://187.140.26.19:5094/ 200

HTTP Title

Microsoft Internet Information Services 8

Reverse DNS

dsl-187-140-26-19-dyn.prod-infinitum.com.mx

ASN

AS8151

Organization

UNINET

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 8.0

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Data MD5

8d0a63f5a3b8508cb5856d1aa0d2c8ab

HTTP Header MD5

88690ab7942475b8c2cbf863d37da729

HTTP Body MD5

1460be888b73306033cbca9474ef7709

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 01 Nov 2017 18:02:19 GMT
Accept-Ranges: bytes
ETag: "32547f8f3b53d31:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:20:02 GMT
Connection: close
Content-Length: 1398

<!DOCTYPE HTML>
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<title>Microsoft Internet Information Services 8</title>
		
		<style type="text/css">
			body {
				font-family: "Segoe UI", "Helvetica", "Arial", San-serif;
				font-size: 13px;
				margin: 0;
				background: #fcfefe url(bkg-gry.jpg) no-repeat center top fixed;
				-webkit-background-size: cover;
        		-moz-background-size: cover;
        		-o-background-size: cover;
        		background-size: cover;		
			}
		
			.page {
				width: 740px;
				margin: 0 auto;
			}
			
			img {
				border: none;
			}
			
			a {
				text-align: center;
				display: block;
				margin: 100px 0 0 0;
			}
			
			#branding {
				
			}
			
			.hero {
				margin-bottom: 100px;
				clear: both;
			}
			
			.brand {
				float: left;
			}
			
			.url {
				float: right;
				margin-top: 17px;
			}
		</style>
	</head>
	<body>
		<div class="page">
			<a href="http://go.microsoft.com/fwlink/?LinkID=209093" title="microsoft.com/web" >
				<img src="iis-8.png" alt="Microsoft Internet Information Services 8.0" class="hero" />
				<div id="branding">
					<img src="ws8-brand.png" alt="Microsoft Windows Server" class="brand" />
					<img src="msweb-brand.png" alt="Microsoft.com/Web" class="url"  />
				</div>
			</a>
		</div>
	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:05.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "microsoft.com"
         ],
         "hostname" : [
            "go.microsoft.com"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?LinkID=209093"
         ]
      },
      "http" : {
         "bodymd5" : "1460be888b73306033cbca9474ef7709",
         "bodymmh3" : 918251753,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "header" : [
            {
               "value" : "Wed, 01 Nov 2017 18:02:19 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "32547f8f3b53d31:0"
            }
         ],
         "headermd5" : "88690ab7942475b8c2cbf863d37da729",
         "headermmh3" : 813346598,
         "title" : "Microsoft Internet Information Services 8"
      },
      "length" : 1665
   },
   "asn" : "AS8151",
   "city" : "Celaya",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Wed, 01 Nov 2017 18:02:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"32547f8f3b53d31:0\"\r\nServer: Microsoft-IIS/8.0\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:20:02 GMT\r\nConnection: close\r\nContent-Length: 1398\r\n\r\n<!DOCTYPE HTML>\r\n<html>\r\n\t<head>\r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\r\n\t\t<title>Microsoft Internet Information Services 8</title>\r\n\t\t\r\n\t\t<style type=\"text/css\">\r\n\t\t\tbody {\r\n\t\t\t\tfont-family: \"Segoe UI\", \"Helvetica\", \"Arial\", San-serif;\r\n\t\t\t\tfont-size: 13px;\r\n\t\t\t\tmargin: 0;\r\n\t\t\t\tbackground: #fcfefe url(bkg-gry.jpg) no-repeat center top fixed;\r\n\t\t\t\t-webkit-background-size: cover;\r\n        \t\t-moz-background-size: cover;\r\n        \t\t-o-background-size: cover;\r\n        \t\tbackground-size: cover;\t\t\r\n\t\t\t}\r\n\t\t\r\n\t\t\t.page {\r\n\t\t\t\twidth: 740px;\r\n\t\t\t\tmargin: 0 auto;\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\timg {\r\n\t\t\t\tborder: none;\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\ta {\r\n\t\t\t\ttext-align: center;\r\n\t\t\t\tdisplay: block;\r\n\t\t\t\tmargin: 100px 0 0 0;\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\t#branding {\r\n\t\t\t\t\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\t.hero {\r\n\t\t\t\tmargin-bottom: 100px;\r\n\t\t\t\tclear: both;\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\t.brand {\r\n\t\t\t\tfloat: left;\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\t.url {\r\n\t\t\t\tfloat: right;\r\n\t\t\t\tmargin-top: 17px;\r\n\t\t\t}\r\n\t\t</style>\r\n\t</head>\r\n\t<body>\r\n\t\t<div class=\"page\">\r\n\t\t\t<a href=\"http://go.microsoft.com/fwlink/?LinkID=209093\" title=\"microsoft.com/web\" >\r\n\t\t\t\t<img src=\"iis-8.png\" alt=\"Microsoft Internet Information Services 8.0\" class=\"hero\" />\r\n\t\t\t\t<div id=\"branding\">\r\n\t\t\t\t\t<img src=\"ws8-brand.png\" alt=\"Microsoft Windows Server\" class=\"brand\" />\r\n\t\t\t\t\t<img src=\"msweb-brand.png\" alt=\"Microsoft.com/Web\" class=\"url\"  />\r\n\t\t\t\t</div>\r\n\t\t\t</a>\r\n\t\t</div>\r\n\t</body>\r\n</html>\r\n",
   "datamd5" : "8d0a63f5a3b8508cb5856d1aa0d2c8ab",
   "datammh3" : -112190600,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "prod-infinitum.com.mx"
   ],
   "geolocus" : {
      "asn" : "AS8151",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "prod-infinitum.com.mx",
         "reduno.com.mx",
         "uninet.com.mx",
         "uninet.net.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-USCV4-LACNIC",
      "organization" : "UNINET",
      "subnet" : "187.140.0.0/16"
   },
   "host" : [
      "dsl-187-140-26-19-dyn"
   ],
   "hostname" : [
      "dsl-187-140-26-19-dyn.prod-infinitum.com.mx"
   ],
   "ip" : "187.140.26.19",
   "ipv6" : "false",
   "latitude" : "20.5345",
   "location" : "20.5345,-100.8613",
   "longitude" : "-100.8613",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNINET",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2012",
      8
   ],
   "port" : 5094,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "8.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "dsl-187-140-26-19-dyn.prod-infinitum.com.mx"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "187.140.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com.mx"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}