IP

103.14.111.201

Network

103.14.110.0/23

Domain(s)

ats-com.net

Device

<enterprise field>: device.class

Operating System

Linux Linux CentOS

URL

http://103.14.111.201:49592/ 400

HTTP Title

400 Bad Request

Reverse DNS

111.14.103.ats-com.net

ASN

AS56233

Organization

PT Asia Teknologi Solusi

Protocol

http

Source

datascan

Operating System

Linux Linux CentOS

Product

Apache HTTP Server 2.4.6

HTTP Component(s)

PHP PHP 7.4.28 OpenSSL OpenSSL 1.0.2k

CPE(s)

<enterprise field>: cpe

Data MD5

883aace9e09d02f45914aec9d4eef178

HTTP Header MD5

80b1bbc5e2197d73ec90b0797c617082

HTTP Body MD5

6efda5878ab25f4f28a89bbb3f9fa41c

HTTP/1.1 400 Bad Request
Date: Thu, 21 Nov 2024 10:24:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
Content-Length: 362
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:24:29.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6efda5878ab25f4f28a89bbb3f9fa41c",
         "bodymmh3" : -645452522,
         "component" : [
            {
               "productvendor" : "OpenSSL",
               "product" : "OpenSSL",
               "productversion" : "1.0.2k"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP",
               "productversion" : "7.4.28"
            }
         ],
         "headermd5" : "80b1bbc5e2197d73ec90b0797c617082",
         "headermmh3" : -1701980272,
         "title" : "400 Bad Request"
      },
      "length" : 574
   },
   "asn" : "AS56233",
   "city" : "Jakarta",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 21 Nov 2024 10:24:03 GMT\r\nServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28\r\nContent-Length: 362\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n</body></html>\n",
   "datamd5" : "883aace9e09d02f45914aec9d4eef178",
   "datammh3" : 1945983308,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ats-com.net"
   ],
   "geolocus" : {
      "asn" : "AS56233",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "ats-com.net"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "ATSINDO-ID",
      "organization" : "Route object of PT Asia Teknologi Solusi",
      "subnet" : "103.14.110.0/23"
   },
   "host" : [
      111
   ],
   "hostname" : [
      "111.14.103.ats-com.net"
   ],
   "ip" : "103.14.111.201",
   "ipv6" : "false",
   "latitude" : "-6.2114",
   "location" : "-6.2114,106.8446",
   "longitude" : "106.8446",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT Asia Teknologi Solusi",
   "os" : "Linux",
   "osdistribution" : "CentOS",
   "osvendor" : "Linux",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "111.14.103.ats-com.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "103.ats-com.net",
      "14.103.ats-com.net"
   ],
   "subnet" : "103.14.110.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.0.0

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.0.0:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

ec93b11a2a26144234e126a7f4a914a6

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  222
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:57:06.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1169498968
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  222\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "ec93b11a2a26144234e126a7f4a914a6",
   "datammh3" : -625877755,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.0.0",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.1.117

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.1.117:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

c9e730325dea7f74ee38b43d5c922e08

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  224
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:48:30.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "211.83.41.225",
            "10.100.100.114"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : 1161402209
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  224\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "c9e730325dea7f74ee38b43d5c922e08",
   "datammh3" : -2119959983,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.1.117",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

15.152.38.130

Network

15.152.0.0/16

Domain(s)

amazonaws.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Ubuntu

URL

http://15.152.38.130:49592/ 200

HTTP Title

VMware Horizon View

Reverse DNS

ec2-15-152-38-130.ap-northeast-3.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http

Source

datascan

Operating System

Linux Linux Ubuntu

Product

Apache HTTP Server 2.4.52

HTTP Component(s)

Oracle Java jQuery jQuery 1.7.2 OpenSSL OpenSSL 3.0.2

CPE(s)

<enterprise field>: cpe

Data MD5

b24f66b75bb1262c340807edc0d2a0d3

HTTP Header MD5

c2e55e212651836d368d5509d46ef0b7

HTTP Body MD5

4b9a9979d3ab82669a7c8998297d0d0f

HTTP/1.1 200 OK
Content-Language: en-US
Server: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2
Set-Cookie: JSESSIONID=EC94214E835864020A85678A3C03860E; Path=/; Secure; HttpOnly
Content-Type: text/html;charset=UTF-8
Strict-Transport-Security: max-age=31536000

<!DOCTYPE html>
<html lang="en">
<head>
   <meta charset="utf-8">
   <meta http-equiv="X-UA-Compatible" content="IE=edge">
   <title>VMware Horizon View</title>
   <link rel="stylesheet" href="/portal/css/style.css">
   <link rel="icon" href="/portal/favicon.ico">
   <script type="text/javascript" src="/portal/common/js/jquery-1.7.2.min.js"></script>
</head>
<body>
   <div class="ui-header">
      <img class="ui-align-middle ui-view-icon" src="/portal/resources/icons/view_48x.png" alt="VMware Horizon View">
      <img class="ui-align-middle ui-view-logo" src="/portal/resources/icons/view_logo.png" alt="VMware Horizon View">
   </div>
   <div class="ui-body">
      <div class="ui-content">
         <div class="ui-indent">
            <p>You can connect to your desktop by using the VMware Horizon View Client or through the browser.</p>
            <p>The VMware Horizon View Client offers better performance and features.</p>
         </div>
         <div class="ui-align-center">
            <ul class="ui-list">
               <li>
               <a id="nativeClient" href='https://www.vmware.com/go/viewclients' title="VMware Horizon View Client" class="ui-list-item ui-corner-all">
                     <span class="ui-corner-all">
                        <div class="ui-align-center ui-native-client"></div>
                        <h2 class="ui-list-title">Install VMware Horizon</h2>
                        <h2 class="ui-list-title">View Client</h2>
                     </span>
                  </a>
               </li>
               <li>
               <a id="webClient" href="/portal/webclient/views/index.html" title="VMware Horizon View HTML Access" class="ui-list-item ui-corner-all">
                     <span class="ui-corner-all">
                        <div class="ui-align-center ui-web-client"></div>
                        <h2 class="ui-list-title">VMware Horizon View</h2>
                        <h2 class="ui-list-title">HTML Access</h2>
                     </span>
                  </a>
               </li>
            </ul>
         </div>
         <div class="ui-indent">
            <p>To see the full list of VMware Horizon View Clients, click <a id="downloadLink" href='https://www.vmware.com/go/viewclients' title="Download VMware Horizon View Client">here</a>.</p>
            <p>For help with VMware Horizon View, click <a href="https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html" title="Help">here</a>.</p>
         </div>
      </div>
   </div>

   <script type="text/javascript">
      (function($, undefined) {
         $(function() {
            var os = navigator.platform,
                ua = navigator.userAgent,
                reg = null,
                clients = 'winhttps://www.vmware.com/go/viewclients#win;machttps://www.vmware.com/go/viewclients#mac;androidhttps://www.vmware.com/go/viewclients#android;linuxhttps://www.vmware.com/go/viewclients#linux;ioshttps://www.vmware.com/go/viewclients#ios;downloadhttps://www.vmware.com/go/viewclients;',
                link = '',
                list, i;

            if (os.match(/Win/i)) {
               reg = new RegExp('^win', 'i');
            } else if (os.match(/Mac/i)) {
               reg = new RegExp('^mac', 'i');
            } else if (ua.match(/iPhone|iPad|iPod/i)) {
               reg = new RegExp('^ios', 'i');
            } else if (ua.match(/Android/i)) {
               reg = new RegExp('^android', 'i');
            } else if (os.match(/Linux/i)) {
               reg = new RegExp('^linux', 'i');
            } else if (ua.match(/IEMobile/i)) {
               reg = new RegExp('^iemobile', 'i');
            } else {
               reg = null;
            }

            if (!!reg) {
               list = clients.split(';');
               for (i = 0; i < list.length; i++) {
                  if (list[i].match(reg)) {
                     link = list[i].replace(reg, '');
                     break;
                  }
               }

               if (!!link) {
                  $('#nativeClient').attr('href', link);
               }
            }
         });
      }(window.jQuery));
   </script>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:40:06.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "vmware.com"
         ],
         "hostname" : [
            "www.vmware.com"
         ],
         "url" : [
            "https://www.vmware.com/go/viewclients",
            "https://www.vmware.com/go/viewclients;",
            "https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html"
         ]
      },
      "http" : {
         "bodymd5" : "4b9a9979d3ab82669a7c8998297d0d0f",
         "bodymmh3" : -1273425001,
         "component" : [
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "productversion" : "3.0.2",
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL"
            },
            {
               "productversion" : "1.7.2",
               "product" : "jQuery",
               "productvendor" : "jQuery"
            }
         ],
         "headermd5" : "c2e55e212651836d368d5509d46ef0b7",
         "headermmh3" : -1366809487,
         "title" : "VMware Horizon View"
      },
      "length" : 4427
   },
   "asn" : "AS16509",
   "city" : "Osaka",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\nContent-Language: en-US\nServer: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2\nSet-Cookie: JSESSIONID=EC94214E835864020A85678A3C03860E; Path=/; Secure; HttpOnly\nContent-Type: text/html;charset=UTF-8\nStrict-Transport-Security: max-age=31536000\n\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n   <meta charset=\"utf-8\">\n   <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n   <title>VMware Horizon View</title>\n   <link rel=\"stylesheet\" href=\"/portal/css/style.css\">\n   <link rel=\"icon\" href=\"/portal/favicon.ico\">\n   <script type=\"text/javascript\" src=\"/portal/common/js/jquery-1.7.2.min.js\"></script>\n</head>\n<body>\n   <div class=\"ui-header\">\n      <img class=\"ui-align-middle ui-view-icon\" src=\"/portal/resources/icons/view_48x.png\" alt=\"VMware Horizon View\">\n      <img class=\"ui-align-middle ui-view-logo\" src=\"/portal/resources/icons/view_logo.png\" alt=\"VMware Horizon View\">\n   </div>\n   <div class=\"ui-body\">\n      <div class=\"ui-content\">\n         <div class=\"ui-indent\">\n            <p>You can connect to your desktop by using the VMware Horizon View Client or through the browser.</p>\n            <p>The VMware Horizon View Client offers better performance and features.</p>\n         </div>\n         <div class=\"ui-align-center\">\n            <ul class=\"ui-list\">\n               <li>\n               <a id=\"nativeClient\" href='https://www.vmware.com/go/viewclients' title=\"VMware Horizon View Client\" class=\"ui-list-item ui-corner-all\">\n                     <span class=\"ui-corner-all\">\n                        <div class=\"ui-align-center ui-native-client\"></div>\n                        <h2 class=\"ui-list-title\">Install VMware Horizon</h2>\n                        <h2 class=\"ui-list-title\">View Client</h2>\n                     </span>\n                  </a>\n               </li>\n               <li>\n               <a id=\"webClient\" href=\"/portal/webclient/views/index.html\" title=\"VMware Horizon View HTML Access\" class=\"ui-list-item ui-corner-all\">\n                     <span class=\"ui-corner-all\">\n                        <div class=\"ui-align-center ui-web-client\"></div>\n                        <h2 class=\"ui-list-title\">VMware Horizon View</h2>\n                        <h2 class=\"ui-list-title\">HTML Access</h2>\n                     </span>\n                  </a>\n               </li>\n            </ul>\n         </div>\n         <div class=\"ui-indent\">\n            <p>To see the full list of VMware Horizon View Clients, click <a id=\"downloadLink\" href='https://www.vmware.com/go/viewclients' title=\"Download VMware Horizon View Client\">here</a>.</p>\n            <p>For help with VMware Horizon View, click <a href=\"https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html\" title=\"Help\">here</a>.</p>\n         </div>\n      </div>\n   </div>\n\n   <script type=\"text/javascript\">\n      (function($, undefined) {\n         $(function() {\n            var os = navigator.platform,\n                ua = navigator.userAgent,\n                reg = null,\n                clients = 'winhttps://www.vmware.com/go/viewclients#win;machttps://www.vmware.com/go/viewclients#mac;androidhttps://www.vmware.com/go/viewclients#android;linuxhttps://www.vmware.com/go/viewclients#linux;ioshttps://www.vmware.com/go/viewclients#ios;downloadhttps://www.vmware.com/go/viewclients;',\n                link = '',\n                list, i;\n\n            if (os.match(/Win/i)) {\n               reg = new RegExp('^win', 'i');\n            } else if (os.match(/Mac/i)) {\n               reg = new RegExp('^mac', 'i');\n            } else if (ua.match(/iPhone|iPad|iPod/i)) {\n               reg = new RegExp('^ios', 'i');\n            } else if (ua.match(/Android/i)) {\n               reg = new RegExp('^android', 'i');\n            } else if (os.match(/Linux/i)) {\n               reg = new RegExp('^linux', 'i');\n            } else if (ua.match(/IEMobile/i)) {\n               reg = new RegExp('^iemobile', 'i');\n            } else {\n               reg = null;\n            }\n\n            if (!!reg) {\n               list = clients.split(';');\n               for (i = 0; i < list.length; i++) {\n                  if (list[i].match(reg)) {\n                     link = list[i].replace(reg, '');\n                     break;\n                  }\n               }\n\n               if (!!link) {\n                  $('#nativeClient').attr('href', link);\n               }\n            }\n         });\n      }(window.jQuery));\n   </script>\n</body>\n</html>\n",
   "datamd5" : "b24f66b75bb1262c340807edc0d2a0d3",
   "datammh3" : 1615217525,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "AMAZON-KIX",
      "organization" : "Amazon Data Services Osaka",
      "subnet" : "15.152.0.0/16"
   },
   "host" : [
      "ec2-15-152-38-130"
   ],
   "hostname" : [
      "ec2-15-152-38-130.ap-northeast-3.compute.amazonaws.com"
   ],
   "ip" : "15.152.38.130",
   "ipv6" : "false",
   "latitude" : "34.6946",
   "location" : "34.6946,135.5021",
   "longitude" : "135.5021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.52",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-15-152-38-130.ap-northeast-3.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ap-northeast-3.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "15.152.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.5.240

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.5.240:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

c9e730325dea7f74ee38b43d5c922e08

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  224
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:30:25.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : 1161402209
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  224\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "c9e730325dea7f74ee38b43d5c922e08",
   "datammh3" : -2119959983,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.5.240",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

62.72.69.231

Network

62.72.64.0/19

Domain(s)

prismat.de

Device

<enterprise field>: device.class

Operating System

Linux Linux Ubuntu

URL

http://62.72.69.231:49592/ 400

HTTP Title

400 Bad Request

Reverse DNS

do-mx.prismat.de

ASN

AS8881

Organization

1&1 Versatel Deutschland GmbH

Protocol

http

Source

datascan

Operating System

Linux Linux Ubuntu

Product

Apache HTTP Server 2.4.29

HTTP Component(s)

Apache HTTP Server 2.4.29

CPE(s)

<enterprise field>: cpe

Data MD5

7a00d30e5809a30aed8a6a002035acfb

HTTP Header MD5

29e016d39932bda69b1a1c3bb71a1665

HTTP Body MD5

455ec9a6e9db3322a1ec4b0f0194a821

HTTP/1.1 400 Bad Request
Date: Thu, 21 Nov 2024 09:30:24 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=15768000; preload
Content-Length: 445
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
<hr>
<address>Apache/2.4.29 (Ubuntu) Server at login.prismat.de Port 443</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:30:24.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "455ec9a6e9db3322a1ec4b0f0194a821",
         "bodymmh3" : 1531374455,
         "component" : [
            {
               "productversion" : "2.4.29",
               "productvendor" : "Apache",
               "product" : "HTTP Server"
            }
         ],
         "headermd5" : "29e016d39932bda69b1a1c3bb71a1665",
         "headermmh3" : -1713175570,
         "title" : "400 Bad Request"
      },
      "length" : 681
   },
   "asn" : "AS8881",
   "city" : "Hamburg",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 21 Nov 2024 09:30:24 GMT\r\nServer: Apache/2.4.29 (Ubuntu)\r\nStrict-Transport-Security: max-age=15768000; preload\r\nContent-Length: 445\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1>\n<p>Your browser sent a request that this server could not understand.<br />\nReason: You're speaking plain HTTP to an SSL-enabled server port.<br />\n Instead use the HTTPS scheme to access this URL, please.<br />\n</p>\n<hr>\n<address>Apache/2.4.29 (Ubuntu) Server at login.prismat.de Port 443</address>\n</body></html>\n",
   "datamd5" : "7a00d30e5809a30aed8a6a002035acfb",
   "datammh3" : -994499320,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "prismat.de"
   ],
   "host" : [
      "do-mx"
   ],
   "hostname" : [
      "do-mx.prismat.de"
   ],
   "ip" : "62.72.69.231",
   "ipv6" : "false",
   "latitude" : "53.5649",
   "location" : "53.5649,9.9683",
   "longitude" : "9.9683",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "1&1 Versatel Deutschland GmbH",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.29",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "do-mx.prismat.de"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "62.72.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.1.112

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.1.112:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

c9e730325dea7f74ee38b43d5c922e08

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  224
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:28:29.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : 1161402209
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  224\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "c9e730325dea7f74ee38b43d5c922e08",
   "datammh3" : -2119959983,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.1.112",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.1.70

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.1.70:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

136b5effba58958a5576a17763de364a

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  221
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:21:00.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1664957083
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  221\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "136b5effba58958a5576a17763de364a",
   "datammh3" : -1018112249,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.1.70",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.4.167

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.4.167:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

c9e730325dea7f74ee38b43d5c922e08

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  224
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:02:07.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "211.83.41.225",
            "10.100.100.114"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : 1161402209
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  224\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "c9e730325dea7f74ee38b43d5c922e08",
   "datammh3" : -2119959983,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.4.167",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

211.83.8.155

Network

211.80.0.0/13

Device

<enterprise field>: device.class

URL

http://211.83.8.155:49592/ 200

ASN

AS4538

Organization

China Education and Research Network Center

Protocol

http

Source

datascan

Product

Apache HTTP Server

CPE(s)

<enterprise field>: cpe

Data MD5

ec93b11a2a26144234e126a7f4a914a6

HTTP Header MD5

97eb73c41d2d1f332d0a4ddd4c85c3de

HTTP Body MD5

fa96a1d40b4f09feb5a0fdc64b37796d

HTTP/1.1 200 ok
Server: Apache
Content-Length:  222
Cache-Control: no-cache
Connection: close

<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:54:55.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "10.100.100.114",
            "211.83.41.225"
         ],
         "url" : [
            "http://211.83.41.225/eportal/index.jsp?wlanuserip="
         ]
      },
      "http" : {
         "bodymd5" : "fa96a1d40b4f09feb5a0fdc64b37796d",
         "bodymmh3" : -561155010,
         "headermd5" : "97eb73c41d2d1f332d0a4ddd4c85c3de",
         "headermmh3" : -1169498968
      },
      "length" : 312
   },
   "asn" : "AS4538",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 ok\r\nServer: Apache\r\nContent-Length:  222\r\nCache-Control: no-cache\r\nConnection: close\r\n\r\n<script>top.self.location.href='http://211.83.41.225/eportal/index.jsp?wlanuserip=<srcip>&wlanacname=NAS&ssid=Ruijie&nasip=10.100.100.114&mac=000000000000&t=wireless-v2-plain&url=http://<ip>:49592/'</script>\r\n\r\n",
   "datamd5" : "ec93b11a2a26144234e126a7f4a914a6",
   "datammh3" : -625877755,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4538",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "211.in-addr.arpa",
         "apnic.net",
         "cernet.edu.cn",
         "scut.edu.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CERNET",
      "organization" : "China Education and Research Network",
      "subnet" : "211.80.0.0/13"
   },
   "ip" : "211.83.8.155",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Education and Research Network Center",
   "port" : 49592,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "ok",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.80.0.0/13",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}