108.163.202.98
As of: Oct 11, 2024 2:47pm UTC |
Latest
{
"ip": "108.163.202.98",
"services": [
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 999 No Hacking\r\nserver: WWW Server/1.1\r\ndate: <REDACTED>\r\ncontent-type: text/html; charset=windows-1252\r\ncontent-length: 1160\r\npragma: no-cache\r\ncache-control: no-cache\r\nexpires: Fri, 11 Oct 2024 14:47:17 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains;\r\ncontent-security-policy-report-only: default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com\r\n",
"banner_hashes": [
"sha256:37e3edef22251a722f7743ca314017af275405b47f4b51c09f48a043e7f76607"
],
"banner_hex": "485454502f312e3120393939204e6f204861636b696e670d0a7365727665723a20575757205365727665722f312e310d0a646174653a203c52454441435445443e0d0a636f6e74656e742d747970653a20746578742f68746d6c3b20636861727365743d77696e646f77732d313235320d0a636f6e74656e742d6c656e6774683a20313136300d0a707261676d613a206e6f2d63616368650d0a63616368652d636f6e74726f6c3a206e6f2d63616368650d0a657870697265733a204672692c203131204f637420323032342031343a34373a313720474d540d0a7374726963742d7472616e73706f72742d73656375726974793a206d61782d6167653d33313533363030303b20696e636c756465537562446f6d61696e733b0d0a636f6e74656e742d73656375726974792d706f6c6963792d7265706f72742d6f6e6c793a2064656661756c742d73726320276e6f6e65273b20626173652d757269202773656c66273b206672616d652d616e636573746f7273202773656c66273b20666f726d2d616374696f6e202773656c66273b20636f6e6e6563742d737263202773656c6627202a2e676f6f676c652d616e616c79746963732e636f6d20636f6c2e736974653234783772756d2e636f6d3b207374796c652d7372632d656c656d202773656c66272027756e736166652d696e6c696e652720666f6e74732e676f6f676c65617069732e636f6d202a2e626f6f74737472617063646e2e636f6d3b207363726970742d7372632d656c656d202773656c66272027756e736166652d696e6c696e6527202a2e676f6f676c657461676d616e616765722e636f6d202a2e676f6f676c65617069732e636f6d202a2e736974653234783772756d2e636f6d202a2e676f6f676c652d616e616c79746963732e636f6d202a2e626f6f74737472617063646e2e636f6d3b20696d672d737263202773656c66273b20666f6e742d737263202773656c662720666f6e74732e677374617469632e636f6d206d617863646e2e626f6f74737472617063646e2e636f6d0d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://108.163.202.98/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 999,
"status_reason": "No Hacking",
"headers": {
"cache_control": [
"no-cache"
],
"_encoding": {
"cache_control": "DISPLAY_UTF8",
"date": "DISPLAY_UTF8",
"expires": "DISPLAY_UTF8",
"content_type": "DISPLAY_UTF8",
"server": "DISPLAY_UTF8",
"content_security_policy_report_only": "DISPLAY_UTF8",
"pragma": "DISPLAY_UTF8",
"content_length": "DISPLAY_UTF8",
"strict_transport_security": "DISPLAY_UTF8"
},
"date": [
"<REDACTED>"
],
"expires": [
"Fri, 11 Oct 2024 14:47:17 GMT"
],
"content_type": [
"text/html; charset=windows-1252"
],
"server": [
"WWW Server/1.1"
],
"content_security_policy_report_only": [
"default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com"
],
"pragma": [
"no-cache"
],
"content_length": [
"1160"
],
"strict_transport_security": [
"max-age=31536000; includeSubDomains;"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<TITLE>WebKnight Application Firewall Alert</TITLE>",
"<META NAME=\"ROBOTS\" CONTENT=\"NOINDEX\">"
],
"body_size": 1160,
"body": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\r\n<HTML>\r\n<HEAD>\r\n<TITLE>WebKnight Application Firewall Alert</TITLE>\r\n<META NAME=\"ROBOTS\" CONTENT=\"NOINDEX\">\r\n</HEAD>\r\n<BODY text=\"#000000\" vlink=\"#FF3300\" link=\"#FF3300\" bgcolor=\"#ffffff\">\r\n<TABLE cellspacing=\"5\" cellpadding=\"3\" width=\"410\">\r\n<TR>\r\n<TD align=\"left\">\r\n<FONT face=\"Verdana,Arial,Helvetica\" size=\"2\">\r\n<FONT size=\"3\"><B>WebKnight Application Firewall Alert</B></FONT><BR><BR><BR>\r\nYour request triggered an alert! If you feel that you have received this page in error, please contact the administrator of this web site.\r\n<BR>\r\n<HR>\r\n<BR><B>What is WebKnight?</B><BR>\r\nAQTRONIX WebKnight is an application firewall for web servers and is released under the GNU General Public License. It is an ISAPI filter for securing web servers by blocking certain requests. If an alert is triggered WebKnight will take over and protect the web server.<BR><BR>\r\n<HR>\r\n<BR>For more information on WebKnight: <A HREF=\"http://www.aqtronix.com/webknight/\">http://www.aqtronix.com/WebKnight/</A><BR><BR>\r\n<B><FONT color=\"#FF3300\">AQTRONIX</FONT> WebKnight</B></FONT>\r\n</TD>\r\n</TR>\r\n</TABLE>\r\n</BODY>\r\n</HTML>",
"body_hashes": [
"sha256:b26e7904e549025dc41c8205638e86ab1de19060b526d1a4035bad7333b7bbaf",
"sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a"
],
"body_hash": "sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a",
"html_title": "WebKnight Application Firewall Alert"
},
"supports_http2": true
},
"observed_at": "2024-10-11T14:47:17.402331484Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 80,
"service_name": "HTTP",
"source_ip": "162.142.125.215",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 999 No Hacking\r\nserver: WWW Server/1.1\r\ndate: <REDACTED>\r\ncontent-type: text/html; charset=windows-1252\r\ncontent-length: 1160\r\npragma: no-cache\r\ncache-control: no-cache\r\nexpires: Thu, 10 Oct 2024 23:27:49 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains;\r\ncontent-security-policy-report-only: default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com\r\n",
"banner_hashes": [
"sha256:4b94fecb4aef79f2ac49464411f6c8c819bb930ac115b4855ba497141916fe9c"
],
"banner_hex": "485454502f312e3120393939204e6f204861636b696e670d0a7365727665723a20575757205365727665722f312e310d0a646174653a203c52454441435445443e0d0a636f6e74656e742d747970653a20746578742f68746d6c3b20636861727365743d77696e646f77732d313235320d0a636f6e74656e742d6c656e6774683a20313136300d0a707261676d613a206e6f2d63616368650d0a63616368652d636f6e74726f6c3a206e6f2d63616368650d0a657870697265733a205468752c203130204f637420323032342032333a32373a343920474d540d0a7374726963742d7472616e73706f72742d73656375726974793a206d61782d6167653d33313533363030303b20696e636c756465537562446f6d61696e733b0d0a636f6e74656e742d73656375726974792d706f6c6963792d7265706f72742d6f6e6c793a2064656661756c742d73726320276e6f6e65273b20626173652d757269202773656c66273b206672616d652d616e636573746f7273202773656c66273b20666f726d2d616374696f6e202773656c66273b20636f6e6e6563742d737263202773656c6627202a2e676f6f676c652d616e616c79746963732e636f6d20636f6c2e736974653234783772756d2e636f6d3b207374796c652d7372632d656c656d202773656c66272027756e736166652d696e6c696e652720666f6e74732e676f6f676c65617069732e636f6d202a2e626f6f74737472617063646e2e636f6d3b207363726970742d7372632d656c656d202773656c66272027756e736166652d696e6c696e6527202a2e676f6f676c657461676d616e616765722e636f6d202a2e676f6f676c65617069732e636f6d202a2e736974653234783772756d2e636f6d202a2e676f6f676c652d616e616c79746963732e636f6d202a2e626f6f74737472617063646e2e636f6d3b20696d672d737263202773656c66273b20666f6e742d737263202773656c662720666f6e74732e677374617469632e636f6d206d617863646e2e626f6f74737472617063646e2e636f6d0d0a",
"certificate": "0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://108.163.202.98/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 999,
"status_reason": "No Hacking",
"headers": {
"cache_control": [
"no-cache"
],
"_encoding": {
"cache_control": "DISPLAY_UTF8",
"date": "DISPLAY_UTF8",
"expires": "DISPLAY_UTF8",
"content_type": "DISPLAY_UTF8",
"server": "DISPLAY_UTF8",
"content_security_policy_report_only": "DISPLAY_UTF8",
"pragma": "DISPLAY_UTF8",
"content_length": "DISPLAY_UTF8",
"strict_transport_security": "DISPLAY_UTF8"
},
"date": [
"<REDACTED>"
],
"expires": [
"Thu, 10 Oct 2024 23:27:49 GMT"
],
"content_type": [
"text/html; charset=windows-1252"
],
"server": [
"WWW Server/1.1"
],
"content_security_policy_report_only": [
"default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com"
],
"pragma": [
"no-cache"
],
"content_length": [
"1160"
],
"strict_transport_security": [
"max-age=31536000; includeSubDomains;"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<TITLE>WebKnight Application Firewall Alert</TITLE>",
"<META NAME=\"ROBOTS\" CONTENT=\"NOINDEX\">"
],
"body_size": 1160,
"body": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\r\n<HTML>\r\n<HEAD>\r\n<TITLE>WebKnight Application Firewall Alert</TITLE>\r\n<META NAME=\"ROBOTS\" CONTENT=\"NOINDEX\">\r\n</HEAD>\r\n<BODY text=\"#000000\" vlink=\"#FF3300\" link=\"#FF3300\" bgcolor=\"#ffffff\">\r\n<TABLE cellspacing=\"5\" cellpadding=\"3\" width=\"410\">\r\n<TR>\r\n<TD align=\"left\">\r\n<FONT face=\"Verdana,Arial,Helvetica\" size=\"2\">\r\n<FONT size=\"3\"><B>WebKnight Application Firewall Alert</B></FONT><BR><BR><BR>\r\nYour request triggered an alert! If you feel that you have received this page in error, please contact the administrator of this web site.\r\n<BR>\r\n<HR>\r\n<BR><B>What is WebKnight?</B><BR>\r\nAQTRONIX WebKnight is an application firewall for web servers and is released under the GNU General Public License. It is an ISAPI filter for securing web servers by blocking certain requests. If an alert is triggered WebKnight will take over and protect the web server.<BR><BR>\r\n<HR>\r\n<BR>For more information on WebKnight: <A HREF=\"http://www.aqtronix.com/webknight/\">http://www.aqtronix.com/WebKnight/</A><BR><BR>\r\n<B><FONT color=\"#FF3300\">AQTRONIX</FONT> WebKnight</B></FONT>\r\n</TD>\r\n</TR>\r\n</TABLE>\r\n</BODY>\r\n</HTML>",
"body_hashes": [
"sha256:b26e7904e549025dc41c8205638e86ab1de19060b526d1a4035bad7333b7bbaf",
"sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a"
],
"body_hash": "sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a",
"html_title": "WebKnight Application Firewall Alert"
},
"supports_http2": true
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "23d40d40d00040d00042d43d00000051af7d8070a18e002eaaedf620fa118c",
"cipher_and_version_fingerprint": "23d40d40d00040d00042d43d000000",
"tls_extensions_sha256": "51af7d8070a18e002eaaedf620fa118c",
"observed_at": "2024-09-24T15:54:44.403865702Z"
},
"observed_at": "2024-10-10T23:27:49.466744168Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 443,
"service_name": "HTTP",
"source_ip": "206.168.34.47",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494",
"chain_fps_sha_256": [
"5dfdb3cf31b26f23d87c09f3a0cef642f64069a9fb7cfe29270bb5dc0f1e16bb"
],
"leaf_data": {
"names": [
"freefirstaidkit.afbdirect.com"
],
"subject_dn": "CN=freefirstaidkit.afbdirect.com",
"issuer_dn": "C=US, O=Let's Encrypt, CN=E5",
"pubkey_bit_size": 256,
"pubkey_algorithm": "ECDSA",
"tbs_fingerprint": "24ba195186907807994fdfb68df0e02051af291218b88ae86c59e2df2db7c4da",
"fingerprint": "0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494",
"issuer": {
"common_name": [
"E5"
],
"organization": [
"Let's Encrypt"
],
"country": [
"US"
]
},
"subject": {
"common_name": [
"freefirstaidkit.afbdirect.com"
]
},
"public_key": {
"key_algorithm": "ECDSA",
"ecdsa": {
"_encoding": {
"b": "DISPLAY_BASE64",
"gx": "DISPLAY_BASE64",
"gy": "DISPLAY_BASE64",
"n": "DISPLAY_BASE64",
"p": "DISPLAY_BASE64",
"x": "DISPLAY_BASE64",
"y": "DISPLAY_BASE64"
},
"b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
"curve": "P-256",
"gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
"gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
"length": 256,
"n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
"p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
"x": "ch/+WLxnirMttBTDzbOThVNM6YTEYELmVREtvEFkv3I=",
"y": "bhZnMPa/hYG/zB/eV4Rzi7XbM3OQt8Md+1T3YSN9gpw="
},
"fingerprint": "cf0609a62b806aa0346adc8b647f17f0430721e214d5dc35a8c2ab720e273397"
},
"signature": {
"signature_algorithm": "ECDSA-SHA384",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "5dfdb3cf31b26f23d87c09f3a0cef642f64069a9fb7cfe29270bb5dc0f1e16bb",
"subject_dn": "C=US, O=Let's Encrypt, CN=E5",
"issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "954f7e9207d4c9012fd0692885732b12",
"ja4s": "t120200_cca9_344b4dce5a52"
}
]
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "North America",
"country": "United States",
"country_code": "US",
"city": "Franklin Park",
"postal_code": "60131",
"timezone": "America/Chicago",
"province": "Illinois",
"coordinates": {
"latitude": 41.93531,
"longitude": -87.86562
}
},
"location_updated_at": "2024-10-02T05:43:42.250284234Z",
"autonomous_system": {
"asn": 32475,
"description": "SINGLEHOP-LLC",
"bgp_prefix": "108.163.192.0/18",
"name": "SINGLEHOP-LLC",
"country_code": "US"
},
"autonomous_system_updated_at": "2024-10-10T23:27:56.848593386Z",
"whois": {
"network": {
"handle": "SINGLEHOP",
"name": "SingleHop LLC",
"cidrs": [
"108.163.192.0/18"
],
"created": "2011-11-15T00:00:00Z",
"updated": "2018-02-27T00:00:00Z",
"allocation_type": "ALLOCATION"
},
"organization": {
"handle": "SL-1370",
"name": "SingleHop LLC",
"street": "250 Williams Street\\nSuite E-100",
"city": "Atlanta",
"state": "GA",
"postal_code": "30303",
"country": "US",
"abuse_contacts": [
{
"handle": "NETWO1546-ARIN",
"name": "Network Operations",
"email": "[email protected]"
}
],
"admin_contacts": [
{
"handle": "MIKEA15-ARIN",
"name": "Mike Davis",
"email": "[email protected]"
}
],
"tech_contacts": [
{
"handle": "NETWO9886-ARIN",
"name": "Network Engineering",
"email": "[email protected]"
}
]
}
},
"dns": {
"reverse_dns": {
"names": [
"asa5505.aleyant.com"
],
"resolved_at": "2024-10-11T00:30:55.928873825Z"
}
},
"last_updated_at": "2024-10-11T14:47:17.985Z"
}