{"report_id":"38345008-95a7-4d0f-8223-023db5b88e95","version":6,"status":"done","tags":[],"date":"2026-01-30T18:00:18Z","url":{"schema":"http","addr":"uq08webzoom.us","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"ip":{"addr":"188.227.197.32","port":0,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"uq08webzoom.us/","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"title":"Welcome to nginx!","dom":{"size":597,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"acaa6da5961cecbc0eef9a058d8ab0fb","sha1":"88a7a4df4562062b364a433b91505828b2fc5304","sha256":"9151a9b8cbfa6144b5bbc1f149ffb48096390d54964cf4e87da8087e174760df","sha512":"5562c3ec07b36c8a76eed8a6adc5c88f1fdb8130a2e40f574389a98173eaba28ddd0be2a482841f9234f93b47e6f023c9002be9f3e0b5070f947d340134031d2","ssdeep":"","tlshash":"a0f0ac9be3412227b893430138b76a653b9403a40328db6578c70ed6db2a963f5279b4","dom_hash":"domhashb9372856b43d260d5487fdef93f9845b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"uq08webzoom.us","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"ip":{"addr":"188.227.197.32","port":0,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-06T18:00:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T17:59:58Z","timestamp":1769795998,"ip_dst":{"addr":"Client IP","port":37310,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"188.227.197.32","port":80,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Unconfigured nginx Access","source":"{\"timestamp\":\"2026-01-30T17:59:58.478594+0000\",\"flow_id\":1788385486109701,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"188.227.197.32\",\"src_port\":80,\"dest_ip\":\"172.18.0.41\",\"dest_port\":37310,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023668,\"rev\":4,\"signature\":\"ET INFO Unconfigured nginx Access\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2016_12_19\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"uq08webzoom.us\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":615},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":615,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":1090,\"bytes_toclient\":1367,\"start\":\"2026-01-30T17:59:58.064517+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"uq08webzoom.us","ip":{"addr":"188.227.197.32","port":443,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"domain_registered":"2026-01-30","domain_rank":0,"first_seen":"2026-01-30T16:53:13.068798Z","last_seen":"2026-01-30T16:53:13.068798Z","alert_count":2,"request_count":3,"received_data":1334,"sent_data":1235,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"uq08webzoom.us/","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"ip":{"addr":"188.227.197.32","port":443,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T17:59:57.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uq08webzoom.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 15:26:21 GMT","end":"Thu, 30 Apr 2026 15:26:20 GMT"},"fingerprint":{"sha1":"D4:AF:D2:AC:1D:90:A8:3A:50:F0:03:EB:43:CD:E9:B2:4F:6D:93:21","sha256":"C6:6B:91:63:33:6C:11:83:38:38:5D:76:B3:1F:E3:57:C1:FD:E7:7F:8C:37:5B:A6:D0:F9:58:67:3D:48:81:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: uq08webzoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.1\r\nDate: Fri, 30 Jan 2026 17:59:57 GMT\r\nContent-Type: text/plain\r\nContent-Length: 18\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"53af239ee5d3e261545dededcb6ffd57","sha1":"04ca7e137e1e9feead96a7df45bb67d5ab3de190","sha256":"99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094","sha512":"c734e4a5ff5d335a91518dbf47861bdaf8012af49371dcd2e3350e269c9a5a1cc094114d17c4f5b053f3757b4b07487ebd0d309c91ef97acf4665cc5d5c9a2d3","ssdeep":"","tlshash":"ec70000c080202082020002822800020080802002a802220000aa00882000000800888","first_seen":"2023-04-05T07:16:36Z","last_seen":"2026-06-07T03:10:54.788168Z","times_seen":4019,"resource_available":true,"data":null}},"time_used":915,"timings":{"blocked":300,"dns":72,"connect":102,"send":0,"wait":315,"receive":0,"ssl":124},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T17:59:58Z","timestamp":1769795998,"ip_dst":{"addr":"172.18.0.41","port":37310,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"188.227.197.32","port":80,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Unconfigured nginx Access","source":"{\"timestamp\":\"2026-01-30T17:59:58.478594+0000\",\"flow_id\":1788385486109701,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"188.227.197.32\",\"src_port\":80,\"dest_ip\":\"172.18.0.41\",\"dest_port\":37310,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023668,\"rev\":4,\"signature\":\"ET INFO Unconfigured nginx Access\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2016_12_19\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"uq08webzoom.us\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":615},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":615,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":1090,\"bytes_toclient\":1367,\"start\":\"2026-01-30T17:59:58.064517+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"uq08webzoom.us/","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"ip":{"addr":"188.227.197.32","port":80,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T17:59:58.066Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: uq08webzoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.1\r\nDate: Fri, 30 Jan 2026 17:59:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 615\r\nLast-Modified: Fri, 23 Jan 2026 01:51:58 GMT\r\nConnection: keep-alive\r\nETag: \"6972d43e-267\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":615,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7df3d7cf3358af3f470ac7229387ef94","sha1":"c51a3f0e6de4eb802d5630941c3fd9e1d0efae4b","sha256":"fb47468a2cd3953c7131431991afcc6a2703f14640520102eea0a685a7e8d6de","sha512":"098db3badb76a319c211d685b869e15bbc51e2658a912514b253d2a5ef3a61981dad1726f1ccb494f21b7869e655b88446c5c5c91fd76d4e33885a0b5aef3bad","ssdeep":"","tlshash":"52f0029be3002227b48343013cb35a21775503e40354cb5578c74dd3ef2a913f4175b8","first_seen":"2023-04-05T17:00:03Z","last_seen":"2026-06-07T21:53:30.076876Z","times_seen":12966,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":100,"dns":0,"connect":102,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T17:59:58Z","timestamp":1769795998,"ip_dst":{"addr":"172.18.0.41","port":37310,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"188.227.197.32","port":80,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Unconfigured nginx Access","source":"{\"timestamp\":\"2026-01-30T17:59:58.478594+0000\",\"flow_id\":1788385486109701,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"188.227.197.32\",\"src_port\":80,\"dest_ip\":\"172.18.0.41\",\"dest_port\":37310,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023668,\"rev\":4,\"signature\":\"ET INFO Unconfigured nginx Access\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2016_12_19\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"uq08webzoom.us\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":615},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":615,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":1090,\"bytes_toclient\":1367,\"start\":\"2026-01-30T17:59:58.064517+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"uq08webzoom.us/favicon.ico","fqdn":"uq08webzoom.us","domain":"uq08webzoom.us","tld":"us"},"ip":{"addr":"188.227.197.32","port":80,"asn":46450,"as":"PILOT","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://uq08webzoom.us/","date":"2026-01-30T17:59:58.377Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: uq08webzoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://uq08webzoom.us/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.1\r\nDate: Fri, 30 Jan 2026 17:59:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"79257987317c8571012321027791e293","sha1":"b1c49377e53bc54819b3ae1984525d1b642bc566","sha256":"36775e4bb5d05fd99b748c2cc17880babcb92bbf0b94a53c98a207ba26c6a0c7","sha512":"47739c032eb87341cf479b5fbcb3cdd88e6a5d5d6f697f1024303d40d6761f1f807159df894eecc68f93d3a3103af8dd4e545086fd9b3cbc558bc2df7e66a2ef","ssdeep":"","tlshash":"2ac02b2d75137c4cc5a3317423c37080c0ca833764ba4112c440800331cf2998ac3397","first_seen":"2025-12-29T01:41:27.472296Z","last_seen":"2026-06-03T15:23:18.904171Z","times_seen":2112,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}