103.188.166.100

As of: Dec 04, 2022 5:37am UTC | Latest
{
  "ip": "103.188.166.100",
  "services": [
    {
      "_decoded": "smb",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SMB SMB 2.1",
      "banner_hashes": [
        "sha256:51d9f41a595c653b76dbff0adeec37710decd99e91825ba2de9ef6e273bfcaf0"
      ],
      "banner_hex": "534d4220534d4220322e31",
      "extended_service_name": "SMB",
      "observed_at": "2022-12-04T05:37:13.217385555Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 445,
      "service_name": "SMB",
      "smb": {
        "smb_version": {
          "major": 2,
          "minor": 1,
          "version_string": "SMB 2.1",
          "revision": 0
        },
        "smb_capabilities": {
          "smb_dfs_support": true,
          "smb_leasing_support": true,
          "smb_multicredit_support": true,
          "smb_multichan_support": false,
          "smb_persistent_handle_support": false,
          "smb_directory_leasing_support": false,
          "smb_encryption_support": false
        },
        "has_ntlm": true,
        "negotiation_log": {
          "header_log": {
            "_encoding": {
              "protocol_id": "DISPLAY_HEX"
            },
            "protocol_id": "00000000fe534d42",
            "credits": 1,
            "flags": 1,
            "status": 0,
            "command": 0
          },
          "security_mode": 1,
          "dialect_revision": 528,
          "_encoding": {
            "server_guid": "DISPLAY_HEX"
          },
          "server_guid": "000000000000000000000000000000001e86c22afde4424283b3a7503359af21",
          "capabilities": 7,
          "system_time": 1670107033,
          "server_start_time": 1240428288,
          "authentication_types": [
            "1.3.6.1.4.1.311.2.2.30",
            "1.3.6.1.4.1.311.2.2.10"
          ]
        },
        "session_setup_log": {
          "header_log": {
            "_encoding": {
              "protocol_id": "DISPLAY_HEX"
            },
            "protocol_id": "00000000fe534d42",
            "status": 3221225494,
            "command": 1,
            "credits": 1,
            "flags": 1
          },
          "target_name": "HOME-PC",
          "negotiate_flags": 2726953477,
          "setup_flags": 0
        },
        "smbv1_support": false
      },
      "source_ip": "167.94.138.60",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "rdp",
      "_encoding": {
        "certificate": "DISPLAY_HEX"
      },
      "certificate": "b37f674f27001377171db5e494cc3c7d213f53a77d846de3e8d14576ef22694a",
      "extended_service_name": "RDP",
      "observed_at": "2022-12-04T05:18:36.971849744Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 3389,
      "rdp": {
        "protocol_flags": {
          "extended_client_data_supported": true,
          "dynvc_graphics_pipeline": true,
          "neg_resp_reserved": true,
          "restricted_admin_mode": true,
          "restricted_auth_mode": true
        },
        "selected_security_protocol": {
          "rdstls": true,
          "raw_value": 4,
          "standard_rdp": false,
          "tls": false,
          "credssp": false,
          "credssp_early_auth": false,
          "error": false,
          "error_ssl_required": false,
          "error_ssl_forbidden": false,
          "error_ssl_cert_missing": false,
          "error_bad_flags": false,
          "error_hybrid_required": false,
          "error_ssl_user_auth_required": false,
          "error_unknown": false
        },
        "x224_cc_pdu_srcref": 13330
      },
      "service_name": "RDP",
      "source_ip": "167.248.133.45",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_RSA_WITH_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "b37f674f27001377171db5e494cc3c7d213f53a77d846de3e8d14576ef22694a",
          "leaf_data": {
            "subject_dn": "CN=HOME-PC",
            "issuer_dn": "CN=HOME-PC",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "ac68076e1cd7b6cc447a51bb02219960ac4e6a8f2e271bc55ed1ab1492f17147",
            "fingerprint": "b37f674f27001377171db5e494cc3c7d213f53a77d846de3e8d14576ef22694a",
            "issuer": {
              "common_name": [
                "HOME-PC"
              ]
            },
            "subject": {
              "common_name": [
                "HOME-PC"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "tRd8/+NlsvQfMzSJBJFGBsOmFIKES4wM+lkfIDA/YTkYAMe5bCRjCd7gGaN7tiTk7vPnn/IsA/iE48dDui4xHtf4Mki3DwzfLDfxmtA8tBzESKFbgVmk+uMfEi8X3YiJsgGbA1fG5aJ2ZSOtAGTsSse4kTfn6djBaopPV0yhVvc2DlCsMn6w44zS2NeW5OuT3gSUdHoJgb+M9y7Lq0qSHsFk9bicMfSdxW6abgmggGjS1e7tVYBZiiV2CwQgod2wGiD2hlWYnjyqaQBpcC9WuDt+tnyIhcNLpM9ks9Rqdow5wla5bxdaIxfKUktE6ZhkLdJ5RYqUy6/IdQLMJ4tyWQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e424568a01bdf250c9b6c287102f62266f2dd9bcc0e4004d00d9e1fe23ebdfd1"
            },
            "signature": {
              "self_signed": true,
              "signature_algorithm": "SHA256-RSA"
            }
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "f75082535b4a79c07b31bdd0e2b7eb87"
      },
      "transport_fingerprint": {
        "raw": "64000,128,true,MNWNNS,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Asia",
    "country": "Vietnam",
    "country_code": "VN",
    "postal_code": "",
    "timezone": "Asia/Bangkok",
    "coordinates": {
      "latitude": 16.1667,
      "longitude": 107.8333
    },
    "registered_country": "Vietnam",
    "registered_country_code": "VN"
  },
  "location_updated_at": "2022-12-03T09:52:15.495361Z",
  "autonomous_system": {
    "asn": 149107,
    "description": "TRUMVPS-VN TRUMVPS COMPANY LIMITED",
    "bgp_prefix": "103.188.166.0/23",
    "name": "TRUMVPS-VN TRUMVPS COMPANY LIMITED",
    "country_code": "VN"
  },
  "autonomous_system_updated_at": "2022-12-03T09:52:15.540753Z",
  "dns": {},
  "last_updated_at": "2022-12-04T05:37:14.200Z"
}