104.140.97.39
As of: Oct 02, 2023 5:17pm UTC |
Latest
{
"ip": "104.140.97.39",
"services": [
{
"_decoded": "ssh",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "SSH-2.0-OpenSSH_7.4",
"banner_hashes": [
"sha256:be0da7ee170f9a69bc13b9e61ecfc9110c27db40f3f2e4c0ffae6741f064af8a"
],
"banner_hex": "5353482d322e302d4f70656e5353485f372e34",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "SSH",
"labels": [
"remote-access"
],
"observed_at": "2023-10-02T09:17:10.692708788Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 22,
"service_name": "SSH",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "OpenBSD",
"product": "OpenSSH",
"version": "7.4",
"other": {
"family": "OpenSSH"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "162.142.125.13",
"ssh": {
"endpoint_id": {
"_encoding": {
"raw": "DISPLAY_UTF8"
},
"raw": "SSH-2.0-OpenSSH_7.4",
"protocol_version": "2.0",
"software_version": "OpenSSH_7.4"
},
"kex_init_message": {
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group-exchange-sha1",
"diffie-hellman-group14-sha256",
"diffie-hellman-group14-sha1",
"diffie-hellman-group1-sha1"
],
"host_key_algorithms": [
"ssh-rsa",
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ssh-ed25519"
],
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
"blowfish-cbc",
"cast128-cbc",
"3des-cbc"
],
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
"blowfish-cbc",
"cast128-cbc",
"3des-cbc"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"first_kex_follows": false
},
"algorithm_selection": {
"kex_algorithm": "[email protected]",
"host_key_algorithm": "ecdsa-sha2-nistp256",
"client_to_server_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
},
"server_to_client_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
}
},
"server_host_key": {
"fingerprint_sha256": "c67b5da8cc8b3b9a7478a69b2d300e96e963ecb2131ea2e39fa9745068eea4f3",
"ecdsa_public_key": {
"_encoding": {
"b": "DISPLAY_BASE64",
"gx": "DISPLAY_BASE64",
"gy": "DISPLAY_BASE64",
"n": "DISPLAY_BASE64",
"p": "DISPLAY_BASE64",
"x": "DISPLAY_BASE64",
"y": "DISPLAY_BASE64"
},
"b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
"curve": "P-256",
"gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
"gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
"length": 256,
"n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
"p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
"x": "bMsiuhc0yOl4dIeznnthVlAzur6BEwr53QFnYmWUJVI=",
"y": "HpAj22u+XOQIiJnwzpSQ87VGBw4N7Q7YJBgId/9SbT0="
}
},
"hassh_fingerprint": "6832f1ce43d4397c2c0a3e2f8c94334e"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 403 Forbidden\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\n",
"banner_hashes": [
"sha256:1f6eb87c74eeaa327aef3461376c4820fafb84dc032ce3d69c5134a3546ae183"
],
"banner_hex": "485454502f312e312034303320466f7262696464656e0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136320d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://104.140.97.39/",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 403,
"status_reason": "Forbidden",
"headers": {
"Content_Length": [
"162"
],
"_encoding": {
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8"
},
"Content_Type": [
"text/html"
],
"Connection": [
"keep-alive"
],
"Server": [
"nginx"
],
"Date": [
"<REDACTED>"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>403 Forbidden</title>"
],
"body_size": 162,
"body": "<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"body_hashes": [
"sha256:1d08335e65da7cf40d1c4a7ba0088e0f39b9c5a4b2e42de95fc9ffa69fb96c7a",
"sha1:6c665dcfb0303a67024de3d694f810669ae188e2"
],
"body_hash": "sha1:6c665dcfb0303a67024de3d694f810669ae188e2",
"html_title": "403 Forbidden"
},
"supports_http2": false
},
"observed_at": "2023-10-02T14:15:30.164492951Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 80,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.36",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: https://www.abbasmiles.com/\r\n",
"banner_hashes": [
"sha256:a2e955e13972f28016e2f87702172025be2660581920680ee6c452ce0f7e035d"
],
"banner_hex": "485454502f312e3120333031204d6f766564205065726d616e656e746c790d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203137380d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4c6f636174696f6e3a2068747470733a2f2f7777772e61626261736d696c65732e636f6d2f0d0a",
"certificate": "75d409bc18a15906191f72758b23ef1e4a1015294febd45d769b85d17090eef3",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://104.140.97.39/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 301,
"status_reason": "Moved Permanently",
"headers": {
"Server": [
"nginx"
],
"_encoding": {
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Location": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8"
},
"Content_Length": [
"178"
],
"Location": [
"https://www.abbasmiles.com/"
],
"Content_Type": [
"text/html"
],
"Date": [
"<REDACTED>"
],
"Connection": [
"keep-alive"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>301 Moved Permanently</title>"
],
"body_size": 178,
"body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"body_hashes": [
"sha256:bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d",
"sha1:81ffbd1712afe8cdf138b570c0fc9934742c33c1"
],
"body_hash": "sha1:81ffbd1712afe8cdf138b570c0fc9934742c33c1",
"html_title": "301 Moved Permanently"
},
"supports_http2": false
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "2ad2ad0002ad2ad22c2ad2ad2ad2ad4d38a7b5ffb0e5536d09513d9de81205",
"cipher_and_version_fingerprint": "2ad2ad0002ad2ad22c2ad2ad2ad2ad",
"tls_extensions_sha256": "4d38a7b5ffb0e5536d09513d9de81205",
"observed_at": "2023-09-24T17:34:38.904430282Z"
},
"observed_at": "2023-10-02T17:16:10.737110407Z",
"perspective_id": "PERSPECTIVE_TELIA",
"port": 443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.55",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "75d409bc18a15906191f72758b23ef1e4a1015294febd45d769b85d17090eef3",
"chain_fps_sha_256": [
"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
"6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
],
"leaf_data": {
"names": [
"abbasmiles.com",
"www.abbasmiles.com"
],
"subject_dn": "CN=abbasmiles.com",
"issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "40b71b6ac8aa25645bdee31b578b186a41bdbace78525689e0334e1e8a32eaa7",
"fingerprint": "75d409bc18a15906191f72758b23ef1e4a1015294febd45d769b85d17090eef3",
"issuer": {
"common_name": [
"R3"
],
"organization": [
"Let's Encrypt"
],
"country": [
"US"
]
},
"subject": {
"common_name": [
"abbasmiles.com"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "zWy+zuoMC8MkkTqNmlN7nZA00MWn5PXP0bU+5ogyqLybMtiP5lCjRKuZ8M901NoB4hgoFW9fnXeZOxM3LP5SRr8Yr6U2MZ28NyjBUNVnbJpQhPyIzM9oc38DOiki6fdtmHyHu0yifMvePhjDVi+hltCH4Eyz6eGl0C1ylJ5p4NaI4dyPZCyqtt+/atWr0fPLYfU4AaO1jOjrPtfRlvBhRLmAXL47vd/z9NOjR50HsLFQEDt4J3vWnilmyYjoSRO4Y5RuFTiW2Ls+82lBW+DG6ukraAvNee7xxARLTmWaowz8nhU3u4IXz3ZqZeKrHmna5VwkUrStLEfnptJ/P1n9ww==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "aa67b54b9a5a50a5ae473da2f5eb1d0e6c97fc5fc7918983e0dde26d715842bc"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
"subject_dn": "C=US, O=Let's Encrypt, CN=R3",
"issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
},
{
"fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
"subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
"issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"session_ticket": {
"length": 176,
"lifetime_hint": 300
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "e35df3e00ca4ef31d42b34bebaa2f86e"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "North America",
"country": "United States",
"country_code": "US",
"city": "Dallas",
"postal_code": "75201",
"timezone": "America/Chicago",
"province": "Texas",
"coordinates": {
"latitude": 32.78306,
"longitude": -96.80667
}
},
"location_updated_at": "2023-09-29T16:30:55.216690Z",
"autonomous_system": {
"asn": 62904,
"description": "AS62904",
"bgp_prefix": "104.140.96.0/22",
"name": "AS62904",
"country_code": "US"
},
"autonomous_system_updated_at": "2023-09-29T16:30:55.216701Z",
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
"dns": {
"names": [
"krins.net",
"webwayeg.com",
"www.webwayeg.com"
],
"records": {
"webwayeg.com": {
"record_type": "A",
"resolved_at": "2023-09-16T16:36:37.376989388Z"
},
"krins.net": {
"record_type": "A",
"resolved_at": "2023-04-07T19:29:03.391644898Z"
},
"www.webwayeg.com": {
"record_type": "A",
"resolved_at": "2023-09-28T17:15:53.112541125Z"
}
},
"reverse_dns": {
"names": [
"forearm74.classforest.com"
],
"resolved_at": "2023-09-21T10:25:49.787427552Z"
}
},
"last_updated_at": "2023-10-02T17:17:13.753Z",
"labels": [
"remote-access"
]
}