185.30.32.2

As of: Mar 03, 2024 1:33am UTC | Latest
{
  "ip": "185.30.32.2",
  "services": [
    {
      "_decoded": "ftp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
      "banner_hashes": [
        "sha256:9e74df2f57fee49f33cf8475c57c83ac26a52116530b334f7053af6982949cbb"
      ],
      "banner_hex": "32323020776562676f20535452494e47544f5245504c41434520465450205365727665722072656164792e0d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "FTPes",
      "ftp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "auth_tls_response": "DISPLAY_UTF8"
        },
        "banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
        "auth_tls_response": "234 AUTH TLS successful\r\n",
        "status_code": 220,
        "status_meaning": "Service ready for new user.",
        "implicit_tls": false
      },
      "labels": [
        "file-sharing"
      ],
      "observed_at": "2024-03-01T21:27:10.155789217Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 21,
      "service_name": "FTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.94.146.58",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 29
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "d25619cb77d3219fc9fc14cb6b35eacc"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
      "banner_hashes": [
        "sha256:8a0b4c67ffffbda9b94fe19108bb520fe4af53027553bc4b6724f3ed7bbb8df3"
      ],
      "banner_hex": "5353482d322e302d4f70656e5353485f382e3470312044656269616e2d352b64656231317533",
      "extended_service_name": "SSH",
      "labels": [
        "remote-access"
      ],
      "observed_at": "2024-03-02T22:05:21.804675280Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 22,
      "service_name": "SSH",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.94.146.53",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
          "protocol_version": "2.0",
          "software_version": "OpenSSH_8.4p1",
          "comment": "Debian-5+deb11u3"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "curve25519-sha256",
            "[email protected]",
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group16-sha512",
            "diffie-hellman-group18-sha512",
            "diffie-hellman-group14-sha256",
            "[email protected]"
          ],
          "host_key_algorithms": [
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ssh-rsa"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "server_to_client_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none",
            "[email protected]"
          ],
          "server_to_client_compression": [
            "none",
            "[email protected]"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "[email protected]",
          "host_key_algorithm": "ssh-rsa",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "69b6f0e46ac5e9cb7c1f9c49bb1dc702ee61b0face503d38557ea50bfcb42855",
          "rsa_public_key": {
            "_encoding": {
              "modulus": "DISPLAY_BASE64",
              "exponent": "DISPLAY_BASE64"
            },
            "modulus": "vCEbtK7VUlN0H6u2C6aCiEjqgoV9ITsAvLw0020uGSrsfUs9E4SY64a2Ph86QkTqrmFwJ67cJh8Fp5YJkgf2bLBfSrPmqLU5d048lXLp4RGxoY2VDjnBA6nLn9NjCP9lCX/IFWbbRuK6obUQlNi+SMXyjs+VWfX+urEbr56YnIY3dM/KeTtB4crswaAVL/vcmd5cE7tgE4EGPQv1pAcGTj6qMV+U/j+1D2jzahlqFIOww3mbiZ78OmagnIdmrFE1dC+puqDQgcyF59Ix2yZB+KVEKVpe47nOcre8Hhnvtq4rw9iocfI3sCyNZh5rTPhcRAYy9iU6ZCB6AswNkuVaUw==",
            "exponent": "AAEAAQ==",
            "length": 2048
          }
        },
        "hassh_fingerprint": "779664e66160bf75999f091fce5edb5a"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
      "banner_hashes": [
        "sha256:e0774d25eea42114d591d6f4243e210273622cc9a15870552af5bf46b3d99c65"
      ],
      "banner_hex": "3232302d776562676f204d41494c534552564552202d20636865636b696e67206d61696c2e2e2e0d0a32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "SMTP-STARTTLS",
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T23:21:36.501125369Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 25,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
        "ehlo": "250-server2.webgo24.de\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "162.142.125.220",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: http://server2.webgo24.de\r\n",
      "banner_hashes": [
        "sha256:5f54c8b121e00b89ae22abfa2dec560e4fbad4f9f4fd3492d527596956a0de18"
      ],
      "banner_hex": "485454502f312e3120333031204d6f766564205065726d616e656e746c790d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136320d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4c6f636174696f6e3a20687474703a2f2f736572766572322e776562676f32342e64650d0a",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://185.30.32.2/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 301,
          "status_reason": "Moved Permanently",
          "headers": {
            "Location": [
              "http://server2.webgo24.de"
            ],
            "_encoding": {
              "Location": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8"
            },
            "Content_Type": [
              "text/html"
            ],
            "Connection": [
              "keep-alive"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Content_Length": [
              "162"
            ],
            "Server": [
              "nginx"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>301 Moved Permanently</title>"
          ],
          "body_size": 162,
          "body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body>\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a",
            "sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff"
          ],
          "body_hash": "sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff",
          "html_title": "301 Moved Permanently"
        },
        "supports_http2": false
      },
      "observed_at": "2024-03-02T20:39:57.623520588Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 80,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.49",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "pop3",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "+OK Dovecot (Debian) ready.\r\n",
      "banner_hashes": [
        "sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
      ],
      "banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "POP3S",
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T03:52:55.131046103Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "pop3": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "+OK Dovecot (Debian) ready.\r\n",
        "start_tls": "+OK Begin TLS negotiation now.\r\n"
      },
      "port": 110,
      "service_name": "POP3",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.34",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "\u001a\ufffd\ufffd\ufffd\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0004\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0003\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0004\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0003\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0005\ufffdZ\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0006",
      "banner_hashes": [
        "sha256:e49020af45840c9749ce4fbe83e7e7e6cf7b9c4599a749518bbaed79fde4608a"
      ],
      "banner_hex": "1aa9ffe1000000010000000000000000000000000000000000000001000186a000000004000000060000006f00000001000186a000000003000000060000006f00000001000186a000000002000000060000006f00000001000186a000000004000000110000006f00000001000186a000000003000000110000006f00000001000186a000000002000000110000006f000000010005f75a0000000200000006",
      "extended_service_name": "PORTMAP",
      "observed_at": "2024-03-02T10:00:52.645097564Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 111,
      "service_name": "PORTMAP",
      "source_ip": "162.142.125.14",
      "transport_protocol": "UDP",
      "truncated": false
    },
    {
      "_decoded": "ntp",
      "extended_service_name": "NTP",
      "ntp": {
        "get_time_header": {
          "version": 3,
          "mode": 4,
          "stratum": 3,
          "poll": 3,
          "precision": -24,
          "_encoding": {
            "reference_id": "DISPLAY_UTF8"
          },
          "reference_id": "\ufffd\ufffdm-",
          "leap_indicator": 0
        }
      },
      "observed_at": "2024-03-02T13:36:46.796281698Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 123,
      "service_name": "NTP",
      "source_ip": "162.142.125.226",
      "transport_protocol": "UDP",
      "truncated": false
    },
    {
      "_decoded": "imap",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
      "banner_hashes": [
        "sha256:30da5d31a6902099f19ddc50a2f3de9fceaa1081ac7b6fed7c48384108795c93"
      ],
      "banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b205354415254544c5320415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "IMAPS",
      "imap": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
        "start_tls": "a001 OK Begin TLS negotiation now.\r\n"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-01T15:50:15.900880622Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 143,
      "service_name": "IMAP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.248.133.124",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html; charset=ISO-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=ef70b989602737be83cfd2e2d025f491; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n",
      "banner_hashes": [
        "sha256:99fb17b21b771a47ba65a2275a308312594790ab27554c9a40461b5332198ff7"
      ],
      "banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d49534f2d383835392d310d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a566172793a204163636570742d456e636f64696e670d0a5365742d436f6f6b69653a205048505345535349443d65663730623938393630323733376265383363666432653264303235663439313b20706174683d2f0d0a457870697265733a205468752c203139204e6f7620313938312030383a35323a303020474d540d0a43616368652d436f6e74726f6c3a206e6f2d73746f72652c206e6f2d63616368652c206d7573742d726576616c69646174650d0a507261676d613a206e6f2d63616368650d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://185.30.32.2/admin/index.php",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "status_reason": "OK",
          "headers": {
            "Content_Encoding": [
              "gzip"
            ],
            "_encoding": {
              "Content_Encoding": "DISPLAY_UTF8",
              "Vary": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Expires": "DISPLAY_UTF8",
              "Pragma": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Set_Cookie": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Cache_Control": "DISPLAY_UTF8",
              "Transfer_Encoding": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Vary": [
              "Accept-Encoding"
            ],
            "Server": [
              "nginx"
            ],
            "Expires": [
              "Thu, 19 Nov 1981 08:52:00 GMT"
            ],
            "Pragma": [
              "no-cache"
            ],
            "Content_Type": [
              "text/html; charset=ISO-8859-1"
            ],
            "Set_Cookie": [
              "PHPSESSID=ef70b989602737be83cfd2e2d025f491; path=/"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Cache_Control": [
              "no-store, no-cache, must-revalidate"
            ],
            "Transfer_Encoding": [
              "chunked"
            ],
            "Connection": [
              "keep-alive"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>webgo Webspace-Admin</title>",
            "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">",
            "<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">",
            "<META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">"
          ],
          "body_size": 4553,
          "body": "\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n<html>\n<head>\n        <meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\n  <META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n    <META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">\n  <script type=\"text/javascript\" src=\"../javascripts/scripte.js\"></script>\n  <script src=\"https://code.jquery.com/jquery-3.2.1.slim.min.js\" integrity=\"sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN\" crossorigin=\"anonymous\"></script>\n<script src=\"https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js\" integrity=\"sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh\" crossorigin=\"anonymous\"></script>\n<script src=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js\" integrity=\"sha384-alpBpkh1PFOepccYVYDB4do5UnbKysX5WZXm3XxPqe5iKTfUKjNkCk9SaVuEZflJ\" crossorigin=\"anonymous\"></script>\n  <script type=\"text/javascript\" src=\"../javascripts/boot.js\"></script>\n  <title>webgo Webspace-Admin</title>\n<link rel=\"shortcut icon\" href=\"https://www.webgo.de/assets/images/favicon.ico\"> \n  <link href=\"../css/style.css\" rel=\"stylesheet\" type=\"text/css\">\n   <link rel=\"stylesheet\" href=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css\" integrity=\"sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb\" crossorigin=\"anonymous\">\n</head>\n<noscript>\n  <br>\n  <center>\n    <span class ='rot12b'>JavaScript is disabled on your browser.\n    Please enable JavaScript to use correctly  mesosadmin frontend</span>\n  </center>\n</noscript>\n<script type=\"text/javascript\">\nif (navigator.cookieEnabled == false) {\n  document.write(\"<br><center><span class ='rot12b'>your browser refuses to sign in. (cookies rejected) <\\/span><\\/center>\")\n}\n</script>\n<body OnLoad=\"setzeCurser()\" background=\"../images/background_content.jpg\" text=\"black\" link=\"black\" vlink=\"black\" alink=\"black\" leftmargin=\"0\" topmargin=\"0\" text=\"black\" link=\"black\">\n\n\n\n\n<br>\n<form method=\"POST\" name='myform' action=\"../admin/index.php\">\n<table  width=\"500\"  align='center' cellspacing=\"0\" cellpadding=\"0\" align='center'>\n\n<tr>\n<td colspan=\"3\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" height=\"1\" width=\"1\"></td>\n</tr>\n\n\n<tr>\n<td width=\"1\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" width=\"1\" height=\"1\"></td>\n\n<td> \n<table  width=\"500\" border=0  background=\"../images/background_blau.gif\" border=0 valign=\"top\" cellspacing=\"0\" cellpadding=\"0\" align='center' >\n\n<tr bgcolor='white'>\n\n<td height=\"71\"  align=\"center\" colspan=\"3\" height=33 background=\"../images/background_Leiste.gif\">\n\n</td></tr>\n\n<tr><td  background=\"../images/background_blau.gif\" height=\"10\" colspan=\"3\" valign=\"center\" align=\"center\">\n\t\n\t \n\t <font size=2 color ='white'><b>Please login</b></font></td></tr>\n\n\t \n\t \n    <tr>\n\t \n\t <td height=\"22\"  align='right' ><br>\n\n\t &nbsp;<font size=2 color ='black'><b>Benutzer &nbsp;&nbsp;</b></font></td>\n\t \n    <td valign=\"top\" height=\"22\" width=\"20%\" ><br>\n\t \n\t <input type=\"text\" size=\"20\"  name=\"user_name\" value=\"\" class='myinput'></td>\n\t \n\t <td width=\"40%\" >&nbsp;</td>\t \n\t </tr>\n\n    <tr>\n\t <td height=\"22\"  align ='right'>\n\t \n\t <font size=2 color ='black' align='left'><b>Passwort&nbsp;&nbsp;</b></font>\n     </td>\n    \n\t <td valign=\"center\"  height=\"22\" width=\"0%\">\n\t \n\t <input type=\"password\" size=\"20\"  name=\"user_pwd\" class='myinput'></td>\n\t <td width=\"40%\">&nbsp;</td>\n\t </tr>\n\n\t \n \n\t <tr><td valign=\"top\" height=\"22\" width=\"40%\"><b>&nbsp;</b></td>\n    \n\t <td valign=\"top\" width=\"64\" align=\"center\">\n\t <input type=\"submit\" name='login'  value='login' class='my_submit'>\n        </td>\n\n\t <td valign=\"top\" height=\"22\" width=\"20%\">&nbsp;</td>\n\t\t  </tr>\n\n\n<tr><td td colspan=4 align='center'>&nbsp;</td></tr>\n\n<tr><td td colspan=4 align='center'>\n\n<font color='white' size=2 style='font-family:sans-serif; color:white;'>\n\n\n</font></td></tr>\n\n\n<tr><td td colspan=4 align='center'>&nbsp;</td></tr>\n\n<tr><td td colspan=4 align='center'>\n\n\n<font color='white' size=2 style='font-family:sans-serif;color:white;text-decoration: underline;'>\n\n\n\n<tr><td td colspan=4 align='center'>\n\n<p><a href=\"https://webgo.de\" target=\"_blank\">webgo.de</a></p>\n\n</td></tr>\n\n\n</table>\n</td>\n\n<td width=\"1\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" width=\"1\" height=\"1\"></td>\n\n</tr>\n\n<tr>\n<td colspan=\"3\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" height=\"1\" width=\"1\"></td>\n</tr>\n\n\n</table>\n<input type=\"hidden\" name=\"_ma_form_token\" value=\"1a7fd27b5094f437a6b617216db143b4\">\n</form>\n\n\n\n</body>\n</html>\n",
          "body_hashes": [
            "sha256:ea98b7212123927c719257a3b18711b3a4ef14e9228e82a404ea2ce21f2caa0e",
            "sha1:7c1e5eea65492fd6b80abd1f40441c8621cdf63c"
          ],
          "body_hash": "sha1:7c1e5eea65492fd6b80abd1f40441c8621cdf63c",
          "html_title": "webgo Webspace-Admin"
        },
        "supports_http2": true
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "29d29d38d29d29d00042d42d0000005fd00fabd213a5ac89229012f70afd5c",
        "cipher_and_version_fingerprint": "29d29d38d29d29d00042d42d000000",
        "tls_extensions_sha256": "5fd00fabd213a5ac89229012f70afd5c",
        "observed_at": "2024-02-16T23:03:09.233603367Z"
      },
      "labels": [
        "login-page"
      ],
      "observed_at": "2024-03-02T09:40:47.912244035Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 443,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "PHP",
          "product": "PHP",
          "other": {
            "family": "PHP"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.51",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
      "banner_hashes": [
        "sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
      ],
      "banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "SMTPS",
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "3fd3fd1ad3fd3fd22c42d42d00000071072875005eb3aede396e09e29e9524",
        "cipher_and_version_fingerprint": "3fd3fd1ad3fd3fd22c42d42d000000",
        "tls_extensions_sha256": "71072875005eb3aede396e09e29e9524",
        "observed_at": "2024-02-15T05:19:18.544336486Z"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T19:37:18.439090226Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 465,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8"
        },
        "banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
        "ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postfix",
          "product": "Postfix",
          "other": {
            "family": "Postfix"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.36",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
      "banner_hashes": [
        "sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
      ],
      "banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "SMTP-STARTTLS",
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T22:02:22.792765546Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 587,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
        "ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postfix",
          "product": "Postfix",
          "other": {
            "family": "Postfix"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.60",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "imap",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
      "banner_hashes": [
        "sha256:c6da3659113355d5304fa51a7cf8a22204b433dac37072359c696b6c8b3b9f30"
      ],
      "banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b20415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "extended_service_name": "IMAPS",
      "imap": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n"
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "07d3fd12d21d21d07c42d43d0000008435c4f14f7a2c9375dab1adaee145f3",
        "cipher_and_version_fingerprint": "07d3fd12d21d21d07c42d43d000000",
        "tls_extensions_sha256": "8435c4f14f7a2c9375dab1adaee145f3",
        "observed_at": "2024-02-19T17:33:58.842863812Z"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T05:22:40.369790909Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 993,
      "service_name": "IMAP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.220",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "pop3",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "+OK Dovecot (Debian) ready.\r\n",
      "banner_hashes": [
        "sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
      ],
      "banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
      "certificate": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "POP3S",
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "07d3fd12d21d21d07c42d43d0000008435c4f14f7a2c9375dab1adaee145f3",
        "cipher_and_version_fingerprint": "07d3fd12d21d21d07c42d43d000000",
        "tls_extensions_sha256": "8435c4f14f7a2c9375dab1adaee145f3",
        "observed_at": "2024-02-27T07:38:51.753554327Z"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-02-29T16:11:43.030788337Z",
      "pending_removal_since": "2024-03-03T00:14:05.058243868Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "pop3": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "+OK Dovecot (Debian) ready.\r\n"
      },
      "port": 995,
      "service_name": "POP3",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.53",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.webgo24.de",
              "webgo24.de"
            ],
            "subject_dn": "CN=*.webgo24.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "fda590a3ade288ce6f437ae5925abd83124ec377e1d22de2e1939500ac2d0ac4",
            "fingerprint": "d03f7922edda56dd37ca5f4c7fa82292d9fc0e61887b4e89c4cd1a1ca1f143f1",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "mysql",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "5.5.5-10.11.4-MariaDB-1:10.11.4+maria~deb11-log",
      "banner_hashes": [
        "sha256:42d3a0194dcea536a857e11269daa38506c04178b65e2481672d277061c0649f"
      ],
      "banner_hex": "352e352e352d31302e31312e342d4d6172696144422d313a31302e31312e342b6d617269617e64656231312d6c6f67",
      "extended_service_name": "MYSQL",
      "labels": [
        "database"
      ],
      "mysql": {
        "protocol_version": 10,
        "server_version": "5.5.5-10.11.4-MariaDB-1:10.11.4+maria~deb11-log",
        "connection_id": 7708204,
        "_encoding": {
          "auth_plugin_data": "DISPLAY_HEX"
        },
        "auth_plugin_data": "4765497c577a2647732e287d614d3c243f50543700",
        "character_set": 45,
        "status_flags": {
          "SERVER_STATUS_AUTOCOMMIT": true
        },
        "capability_flags": {
          "CLIENT_INTERACTIVE": true,
          "CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
          "CLIENT_NO_SCHEMA": true,
          "CLIENT_MULTI_STATEMENTS": true,
          "CLIENT_PROTOCOL_41": true,
          "CLIENT_TRANSACTIONS": true,
          "CLIENT_DEPRECATED_EOF": true,
          "CLIENT_RESERVED": true,
          "CLIENT_MULTI_RESULTS": true,
          "CLIENT_CONNECT_ATTRS": true,
          "CLIENT_CONNECT_WITH_DB": true,
          "CLIENT_PLUGIN_AUTH": true,
          "CLIENT_SESSION_TRACK": true,
          "CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
          "CLIENT_LONG_FLAG": true,
          "CLIENT_SECURE_CONNECTION": true,
          "CLIENT_PS_MULTI_RESULTS": true,
          "CLIENT_IGNORE_SPACE": true,
          "CLIENT_LOCAL_FILES": true,
          "CLIENT_ODBC": true,
          "CLIENT_COMPRESS": true,
          "CLIENT_FOUND_ROWS": true,
          "CLIENT_IGNORE_SIGPIPE": true
        },
        "auth_plugin_name": "mysql_native_password",
        "error_code": 0
      },
      "observed_at": "2024-03-02T16:19:43.543333808Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 3306,
      "service_name": "MYSQL",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:9.1:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Debian",
          "product": "Linux",
          "version": "9.1",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:mariadb:mariadb:10.11.4:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "MariaDB",
          "product": "MariaDB",
          "version": "10.11.4",
          "other": {
            "family": "MySQL"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.57",
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "\"IMPLEMENTATION\" \"Dovecot (Debian) Pigeonhole\"\r\n\"SIEVE\" \"fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational re",
      "banner_hashes": [
        "sha256:b5a094162546bd162624951f97e9e30238fd1dfe0e8ffca53da185832dc03096"
      ],
      "banner_hex": "22494d504c454d454e544154494f4e222022446f7665636f74202844656269616e2920506967656f6e686f6c65220d0a22534945564522202266696c65696e746f2072656a65637420656e76656c6f706520656e636f6465642d636861726163746572207661636174696f6e207375626164647265737320636f6d70617261746f722d693b61736369692d6e756d657269632072656c6174696f6e616c207265",
      "extended_service_name": "PIGEONHOLE",
      "labels": [
        "email"
      ],
      "observed_at": "2024-03-02T23:31:31.474012705Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 4190,
      "service_name": "PIGEONHOLE",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.248.133.124",
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 401 Unauthorized\r\nServer: Icinga/r2.14.2-1\r\nWWW-Authenticate: Basic realm=\"Icinga 2\"\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 58\r\n",
      "banner_hashes": [
        "sha256:bde1f604fa866cb77b24d3e6e1833f48e2ef76054400439e789f24946421e2a7"
      ],
      "banner_hex": "485454502f312e312034303120556e617574686f72697a65640d0a5365727665723a204963696e67612f72322e31342e322d310d0a5757572d41757468656e7469636174653a204261736963207265616c6d3d224963696e67612032220d0a436f6e6e656374696f6e3a20636c6f73650d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a2035380d0a",
      "certificate": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://185.30.32.2:5665/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 401,
          "status_reason": "Unauthorized",
          "headers": {
            "Content_Type": [
              "text/html"
            ],
            "_encoding": {
              "Content_Type": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "WWW_Authenticate": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8"
            },
            "Server": [
              "Icinga/r2.14.2-1"
            ],
            "WWW_Authenticate": [
              "Basic realm=\"Icinga 2\""
            ],
            "Connection": [
              "close"
            ],
            "Content_Length": [
              "58"
            ]
          },
          "body_size": 58,
          "_encoding": {
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8"
          },
          "body": "<h1>Unauthorized. Please check your user credentials.</h1>",
          "body_hashes": [
            "sha256:96e9cf9119d9b1a4488e42969dd86cca39f90986c100149e0e10e367262e7781",
            "sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
          ],
          "body_hash": "sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
        },
        "supports_http2": false
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "2ad2ad16d2ad2ad00042d42d0000000b7957bea5dccaf2976e02aac6e2963a",
        "cipher_and_version_fingerprint": "2ad2ad16d2ad2ad00042d42d000000",
        "tls_extensions_sha256": "0b7957bea5dccaf2976e02aac6e2963a",
        "observed_at": "2024-02-28T03:02:21.933372860Z"
      },
      "observed_at": "2024-03-02T23:44:53.000876920Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 5665,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "162.142.125.212",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
          "chain_fps_sha_256": [
            "e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d"
          ],
          "leaf_data": {
            "names": [
              "server2.webgo24.de"
            ],
            "subject_dn": "CN=server2.webgo24.de",
            "issuer_dn": "CN=Icinga CA",
            "pubkey_bit_size": 4096,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "e1bd1c25a5e265f00c6c69bb36070bf9d8c499e2e37811ca03a1c3f7d371dd23",
            "fingerprint": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
            "issuer": {
              "common_name": [
                "Icinga CA"
              ]
            },
            "subject": {
              "common_name": [
                "server2.webgo24.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "yQaj6DaL8Gi+eiojL2EGdbrmz66IGbxdukd1Mp3U0KAgORQwXHaNy51M72647w8WfakHAPr62BXcEaYMeHRwJudElX6QmjQ/4wy5tfxWoRSKz/LGTzQJtmGJ2XKS0BjSYujzcI+IXgO7/y3ZQz6VoUXT2NXDxDyGq8RHQNr5rD3yIH8qU1WySgpyv6fmIzIG9DIQ7cpJ2mapc3PU1KIeYzilsgqmRs1G5OTHbVa1pUbB7+vzp2PVxdYDdzHh5TpA79EI1gubfNLxyrrCQvW6rMWYWilmZtQmtL+mX99OBoodx7pBj51zrXupg3K+e49C0tMJoFJgSuq3ovTXyLhuVOBpufT/IZrMkf4+QBnLe3wPjKo4pMn0OdKI8yHXOf1nyGmeD6jCmn/s5m0XIKvne+Wys/pWr23g9fe7WlGidvk8xCNLhzQ8MAtiNFWgWbMxqJ8nlZsK0fEHbkczWk/MKvaPKuryAdhbkYo4sRRolZmPBqptCsYx1alDlmjzk4LjexHVur5CPmYimRm2UybWPvPvUwhf+DFMPXUqrzr9GIsaPrPIduqmnPMQE/10/IALE3VsZqzRCSa2e1NiC6NXu4pWv9ZQlPBqEE+LPrQ1Lge0i+fYTf0VGKnTke/styhi7PFa2kNFHn36zUPCn1qofCwpmOl3gH3dHh+L+yNZdV0=",
                "exponent": "AAEAAQ==",
                "length": 512
              },
              "fingerprint": "743acea5429c319ee8a009d45bf7e4ca6bd9879a41d201362e332b9e230459d1"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d",
              "subject_dn": "CN=Icinga CA",
              "issuer_dn": "CN=Icinga CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Germany",
    "country_code": "DE",
    "city": "Hamburg",
    "postal_code": "20038",
    "timezone": "Europe/Berlin",
    "province": "Hamburg",
    "coordinates": {
      "latitude": 53.55073,
      "longitude": 9.99302
    }
  },
  "location_updated_at": "2024-02-19T22:28:57.572970339Z",
  "autonomous_system": {
    "asn": 48324,
    "description": "DE-WEBGO www.webgo.de",
    "bgp_prefix": "185.30.32.0/22",
    "name": "DE-WEBGO www.webgo.de",
    "country_code": "DE"
  },
  "autonomous_system_updated_at": "2024-02-19T02:37:45.519158593Z",
  "whois": {
    "network": {
      "handle": "WEBGO-RZ-HAM1",
      "name": "webgo GmbH"
    },
    "organization": {
      "handle": "ORG-WE2-RIPE",
      "name": "webgo GmbH",
      "address": "Heidenkampsweg 81\\n20097\\nHamburg\\nGERMANY",
      "abuse_contacts": [
        {
          "handle": "WRC4-RIPE",
          "name": "webgo Ripe Coordination",
          "email": "[email protected]"
        }
      ],
      "admin_contacts": [
        {
          "handle": "SA8363-RIPE",
          "name": "Sebastian Angermeyer",
          "email": "[email protected]"
        }
      ]
    }
  },
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
    "part": "o",
    "vendor": "Debian",
    "product": "Linux",
    "other": {
      "family": "Linux"
    }
  },
  "dns": {
    "names": [
      "www.tanjabauer-uebersetzt.de",
      "www.euro-top-one.de",
      "macstreff.de",
      "malerbetriebmueller.de",
      "rwbaugeschaeft.de",
      "www.frauenhofpalais.de",
      "jb-it.support",
      "server2.webgo24.de",
      "bvbs-homann.de",
      "pop.swue-netz.de",
      "john-bader.de",
      "mail1.tanjabauer-uebersetzt.de",
      "www.dr-bierl.de",
      "pop.bader.systems",
      "www.pflegequalitaet-schulz.de",
      "smtp.macstreff.de",
      "www.lutz-arnold.eu",
      "pop.delphin-potential.de",
      "smtp.bader.systems",
      "elli-john.de",
      "pop.synoptikfibel.de",
      "mail1.swueb.de",
      "christineputz.de",
      "smtp.bader.support",
      "www.adelheidhenke.de",
      "mail2.swueb.de",
      "www.bbs-rutke.de",
      "www.swueb.de",
      "www.elli-john.de",
      "tanjabauer-uebersetzt.de",
      "pop.hug-sz.de",
      "nsgos.fh28.de",
      "md-maler.de",
      "www.wille-schenk.de",
      "mail1.divh.de",
      "swue-netz.de",
      "mail1.elli-john.de",
      "delphin-potential.de",
      "synoptikfibel.de",
      "it-support.john-bader.de",
      "smtp.elli-bader.de",
      "www.matthias-fischbach.de",
      "www.buergernahes-bayern.de",
      "brauer-tischlerei.de",
      "www.idt21.de",
      "smtp.delphin-potential.de",
      "hug-sz.de",
      "smtp.frauenhofpalais.de",
      "www.minihold.de",
      "www.concaer.de",
      "wille-schenk.de",
      "mail1.jb-it.support",
      "www.schornsteinfeger-ordowski.de",
      "www.chorisma-velbert.de",
      "euro-top-one.com",
      "adelheidhenke.de",
      "www.swue-netz.de",
      "www.brauer-tischlerei.de",
      "mit-kidz.de",
      "kosmetikpraxis-erkrath.de",
      "www.energieberater-ordowski.de",
      "dr-bierl.de",
      "www.elli-bader.de",
      "livesol.de",
      "www.aua-autoservice.de",
      "www.synoptikfibel.de",
      "minihold.de",
      "www.hug-sz.de",
      "www.euro-top-one.net",
      "mail2.jb-it.support",
      "www.mit-kidz.de",
      "physio-donau.de",
      "pop.elli-bader.de",
      "www.euro-top-one.com",
      "smtp.synoptikfibel.de",
      "concaer.de",
      "www.physio-donau.de",
      "mail2.john-bader.de",
      "www.idt21.com",
      "idt21.de",
      "pop.frauenhofpalais.de",
      "bader.systems",
      "pflegequalitaet-schulz.de",
      "mail1.john-bader.de",
      "www.macstreff.de",
      "www.md-maler.de",
      "www.energiepreiserhoehung.de",
      "energieberater-ordowski.de",
      "elli-bader.de",
      "www.livesol.de",
      "www.malerbetriebmueller.de",
      "mail2.divh.de",
      "kaiser-schornsteinfeger.de",
      "jm-medpro.de",
      "ruetten-stb.de",
      "pop.bader.support",
      "smtp.hug-sz.de",
      "swueb.de",
      "smtp.minihold.de",
      "aua-autoservice.de"
    ],
    "records": {
      "www.euro-top-one.com": {
        "record_type": "A",
        "resolved_at": "2024-02-14T15:02:50.126344397Z"
      },
      "mail2.jb-it.support": {
        "record_type": "A",
        "resolved_at": "2024-02-03T00:10:09.116208777Z"
      },
      "mail1.swueb.de": {
        "record_type": "A",
        "resolved_at": "2024-02-17T18:03:28.812929847Z"
      },
      "pflegequalitaet-schulz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-04T17:17:04.616983471Z"
      },
      "pop.delphin-potential.de": {
        "record_type": "A",
        "resolved_at": "2024-02-28T17:51:47.424278616Z"
      },
      "smtp.minihold.de": {
        "record_type": "A",
        "resolved_at": "2024-02-23T18:11:32.987477455Z"
      },
      "jb-it.support": {
        "record_type": "A",
        "resolved_at": "2024-02-28T23:22:22.406484603Z"
      },
      "www.idt21.de": {
        "record_type": "A",
        "resolved_at": "2024-02-13T18:18:44.641362678Z"
      },
      "pop.swue-netz.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:33:19.694632699Z"
      },
      "www.dr-bierl.de": {
        "record_type": "A",
        "resolved_at": "2024-02-11T18:08:24.111925832Z"
      },
      "www.pflegequalitaet-schulz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-24T17:23:59.221445873Z"
      },
      "swue-netz.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:33:19.112584693Z"
      },
      "delphin-potential.de": {
        "record_type": "A",
        "resolved_at": "2024-02-05T18:36:01.165388264Z"
      },
      "christineputz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-24T17:20:14.878808427Z"
      },
      "md-maler.de": {
        "record_type": "A",
        "resolved_at": "2024-02-14T17:07:23.558810377Z"
      },
      "www.euro-top-one.net": {
        "record_type": "A",
        "resolved_at": "2023-01-29T16:33:52.810761496Z"
      },
      "synoptikfibel.de": {
        "record_type": "A",
        "resolved_at": "2024-02-11T18:14:57.172371022Z"
      },
      "www.brauer-tischlerei.de": {
        "record_type": "A",
        "resolved_at": "2024-02-18T17:46:31.243990337Z"
      },
      "smtp.delphin-potential.de": {
        "record_type": "A",
        "resolved_at": "2024-03-01T17:46:11.181649878Z"
      },
      "server2.webgo24.de": {
        "record_type": "A",
        "resolved_at": "2024-02-19T17:32:28.691783495Z"
      },
      "mail1.jb-it.support": {
        "record_type": "A",
        "resolved_at": "2024-02-28T23:22:22.783077Z"
      },
      "jm-medpro.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:40:14.233216303Z"
      },
      "www.mit-kidz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-20T18:09:12.501706362Z"
      },
      "smtp.bader.support": {
        "record_type": "A",
        "resolved_at": "2024-03-02T22:24:44.833476306Z"
      },
      "livesol.de": {
        "record_type": "A",
        "resolved_at": "2024-02-12T17:39:22.374432877Z"
      },
      "tanjabauer-uebersetzt.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:46:53.450356948Z"
      },
      "mail1.elli-john.de": {
        "record_type": "A",
        "resolved_at": "2024-02-21T17:42:22.964629778Z"
      },
      "concaer.de": {
        "record_type": "A",
        "resolved_at": "2024-02-13T18:16:52.188479152Z"
      },
      "smtp.synoptikfibel.de": {
        "record_type": "A",
        "resolved_at": "2024-02-21T17:46:37.731501264Z"
      },
      "www.swue-netz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:43:21.392503560Z"
      },
      "hug-sz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-23T18:09:57.417505295Z"
      },
      "mail1.tanjabauer-uebersetzt.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:36:30.232351613Z"
      },
      "www.elli-john.de": {
        "record_type": "A",
        "resolved_at": "2024-02-18T17:47:00.312216263Z"
      },
      "www.matthias-fischbach.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:09:50.876496087Z"
      },
      "www.energiepreiserhoehung.de": {
        "record_type": "A",
        "resolved_at": "2023-02-11T14:35:47.819613642Z"
      },
      "www.bbs-rutke.de": {
        "record_type": "A",
        "resolved_at": "2024-02-28T17:50:43.983106722Z"
      },
      "smtp.macstreff.de": {
        "record_type": "A",
        "resolved_at": "2023-08-19T16:40:06.247735035Z"
      },
      "swueb.de": {
        "record_type": "A",
        "resolved_at": "2024-02-14T17:01:04.383587311Z"
      },
      "bader.systems": {
        "record_type": "A",
        "resolved_at": "2024-02-21T00:01:00.044540949Z"
      },
      "aua-autoservice.de": {
        "record_type": "A",
        "resolved_at": "2024-02-28T17:50:29.602570010Z"
      },
      "mit-kidz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-13T18:21:28.306829147Z"
      },
      "macstreff.de": {
        "record_type": "A",
        "resolved_at": "2023-08-26T17:31:23.460691966Z"
      },
      "mail2.swueb.de": {
        "record_type": "A",
        "resolved_at": "2024-02-13T18:23:10.937421349Z"
      },
      "energieberater-ordowski.de": {
        "record_type": "A",
        "resolved_at": "2024-02-17T17:58:32.121623819Z"
      },
      "www.schornsteinfeger-ordowski.de": {
        "record_type": "A",
        "resolved_at": "2024-02-12T17:41:15.553546781Z"
      },
      "john-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:31:25.580636541Z"
      },
      "www.physio-donau.de": {
        "record_type": "A",
        "resolved_at": "2023-10-29T17:33:19.702550363Z"
      },
      "minihold.de": {
        "record_type": "A",
        "resolved_at": "2024-02-20T18:08:33.273221599Z"
      },
      "www.livesol.de": {
        "record_type": "A",
        "resolved_at": "2024-02-20T18:08:37.703924671Z"
      },
      "www.malerbetriebmueller.de": {
        "record_type": "A",
        "resolved_at": "2024-02-29T17:57:37.493961132Z"
      },
      "pop.elli-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-05T18:36:08.371022152Z"
      },
      "physio-donau.de": {
        "record_type": "A",
        "resolved_at": "2023-10-24T17:55:23.903947814Z"
      },
      "rwbaugeschaeft.de": {
        "record_type": "A",
        "resolved_at": "2024-02-14T16:19:58.482045702Z"
      },
      "pop.synoptikfibel.de": {
        "record_type": "A",
        "resolved_at": "2024-03-01T17:51:48.514704304Z"
      },
      "www.frauenhofpalais.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:30:25.868030321Z"
      },
      "www.chorisma-velbert.de": {
        "record_type": "A",
        "resolved_at": "2023-01-29T14:36:48.381819586Z"
      },
      "www.swueb.de": {
        "record_type": "A",
        "resolved_at": "2024-02-27T17:26:36.766820251Z"
      },
      "www.macstreff.de": {
        "record_type": "A",
        "resolved_at": "2023-08-12T16:39:32.573812564Z"
      },
      "mail2.john-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-24T17:22:16.443324376Z"
      },
      "smtp.elli-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-27T17:21:33.870790205Z"
      },
      "euro-top-one.com": {
        "record_type": "A",
        "resolved_at": "2024-03-01T15:24:26.572160496Z"
      },
      "elli-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:29:46.600515469Z"
      },
      "www.minihold.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:09:44.843427493Z"
      },
      "www.tanjabauer-uebersetzt.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:46:54.436538984Z"
      },
      "wille-schenk.de": {
        "record_type": "A",
        "resolved_at": "2024-03-01T18:00:05.379759451Z"
      },
      "www.wille-schenk.de": {
        "record_type": "A",
        "resolved_at": "2024-02-08T18:00:00.929268062Z"
      },
      "smtp.bader.systems": {
        "record_type": "A",
        "resolved_at": "2024-02-18T22:34:19.256840446Z"
      },
      "smtp.frauenhofpalais.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:39:43.136811718Z"
      },
      "elli-john.de": {
        "record_type": "A",
        "resolved_at": "2024-02-19T17:18:36.295326766Z"
      },
      "www.energieberater-ordowski.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:06:55.549041224Z"
      },
      "mail2.divh.de": {
        "record_type": "A",
        "resolved_at": "2024-02-11T18:08:07.729651129Z"
      },
      "ruetten-stb.de": {
        "record_type": "A",
        "resolved_at": "2024-02-20T18:10:32.936736445Z"
      },
      "nsgos.fh28.de": {
        "record_type": "A",
        "resolved_at": "2024-02-01T17:14:51.969558342Z"
      },
      "www.buergernahes-bayern.de": {
        "record_type": "A",
        "resolved_at": "2023-11-01T18:29:09.186372170Z"
      },
      "brauer-tischlerei.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:05:40.206408180Z"
      },
      "pop.bader.support": {
        "record_type": "A",
        "resolved_at": "2024-02-14T19:56:58.842724907Z"
      },
      "it-support.john-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-24T17:22:16.199609456Z"
      },
      "www.synoptikfibel.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:33:28.470455765Z"
      },
      "kosmetikpraxis-erkrath.de": {
        "record_type": "A",
        "resolved_at": "2024-02-27T17:23:53.620559610Z"
      },
      "malerbetriebmueller.de": {
        "record_type": "A",
        "resolved_at": "2024-02-20T18:08:29.573212919Z"
      },
      "www.aua-autoservice.de": {
        "record_type": "A",
        "resolved_at": "2024-03-01T17:44:31.925579544Z"
      },
      "adelheidhenke.de": {
        "record_type": "A",
        "resolved_at": "2024-03-01T17:45:01.120480170Z"
      },
      "www.idt21.com": {
        "record_type": "A",
        "resolved_at": "2024-02-27T15:35:16.381608659Z"
      },
      "mail1.john-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-27T17:22:32.166970823Z"
      },
      "dr-bierl.de": {
        "record_type": "A",
        "resolved_at": "2024-02-16T16:45:33.026583255Z"
      },
      "mail1.divh.de": {
        "record_type": "A",
        "resolved_at": "2024-02-28T17:51:55.233380488Z"
      },
      "www.hug-sz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-22T17:39:52.703036461Z"
      },
      "pop.bader.systems": {
        "record_type": "A",
        "resolved_at": "2024-02-15T23:07:47.037718204Z"
      },
      "www.md-maler.de": {
        "record_type": "A",
        "resolved_at": "2024-02-12T17:39:40.325519797Z"
      },
      "idt21.de": {
        "record_type": "A",
        "resolved_at": "2024-02-29T17:56:06.499368498Z"
      },
      "www.lutz-arnold.eu": {
        "record_type": "A",
        "resolved_at": "2024-02-09T19:47:26.213916700Z"
      },
      "pop.hug-sz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-08T17:47:42.283684010Z"
      },
      "kaiser-schornsteinfeger.de": {
        "record_type": "A",
        "resolved_at": "2024-02-19T17:20:27.006468369Z"
      },
      "www.euro-top-one.de": {
        "record_type": "A",
        "resolved_at": "2024-02-17T17:58:28.865612033Z"
      },
      "pop.frauenhofpalais.de": {
        "record_type": "A",
        "resolved_at": "2024-02-28T17:52:32.898802809Z"
      },
      "www.adelheidhenke.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:05:08.337485535Z"
      },
      "smtp.hug-sz.de": {
        "record_type": "A",
        "resolved_at": "2024-02-21T17:43:33.184666568Z"
      },
      "www.elli-bader.de": {
        "record_type": "A",
        "resolved_at": "2024-02-27T17:21:34.309748398Z"
      },
      "bvbs-homann.de": {
        "record_type": "A",
        "resolved_at": "2024-03-02T17:28:55.559982469Z"
      },
      "www.concaer.de": {
        "record_type": "A",
        "resolved_at": "2024-02-25T18:05:43.998994275Z"
      }
    },
    "reverse_dns": {
      "names": [
        "server2.webgo24.de"
      ],
      "resolved_at": "2024-02-25T12:02:32.038526321Z"
    }
  },
  "last_updated_at": "2024-03-03T01:33:17.024Z",
  "labels": [
    "database",
    "email",
    "file-sharing",
    "login-page",
    "remote-access"
  ]
}