services.banner
|
HTTP/1.1 999 No Hacking\r\nserver: WWW Server/1.1\r\ndate: <REDACTED>\r\ncontent-type: text/html; charset=windows-1252\r\ncontent-length: 1160\r\npragma: no-cache\r\ncache-control: no-cache\r\nexpires: Tue, 08 Oct 2024 23:36:47 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains;\r\ncontent-security-policy-report-only: default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com\r\n |
|
services.banner_hashes
|
sha256:bbd952a3fbc7ffefdf3d6f876e6ea9d7d1b8504c43e8323a1f7745aa8fb54d9f |
|
services.banner_hex
|
485454502f312e3120393939204e6f204861636b696e670d0a7365727665723a20575757205365727665722f312e310d0a646174653a203c52454441435445443e0d0a636f6e74656e742d747970653a20746578742f68746d6c3b20636861727365743d77696e646f77732d313235320d0a636f6e74656e742d6c656e6774683a20313136300d0a707261676d613a206e6f2d63616368650d0a63616368652d636f6e74726f6c3a206e6f2d63616368650d0a657870697265733a205475652c203038204f637420323032342032333a33363a343720474d540d0a7374726963742d7472616e73706f72742d73656375726974793a206d61782d6167653d33313533363030303b20696e636c756465537562446f6d61696e733b0d0a636f6e74656e742d73656375726974792d706f6c6963792d7265706f72742d6f6e6c793a2064656661756c742d73726320276e6f6e65273b20626173652d757269202773656c66273b206672616d652d616e636573746f7273202773656c66273b20666f726d2d616374696f6e202773656c66273b20636f6e6e6563742d737263202773656c6627202a2e676f6f676c652d616e616c79746963732e636f6d20636f6c2e736974653234783772756d2e636f6d3b207374796c652d7372632d656c656d202773656c66272027756e736166652d696e6c696e652720666f6e74732e676f6f676c65617069732e636f6d202a2e626f6f74737472617063646e2e636f6d3b207363726970742d7372632d656c656d202773656c66272027756e736166652d696e6c696e6527202a2e676f6f676c657461676d616e616765722e636f6d202a2e676f6f676c65617069732e636f6d202a2e736974653234783772756d2e636f6d202a2e676f6f676c652d616e616c79746963732e636f6d202a2e626f6f74737472617063646e2e636f6d3b20696d672d737263202773656c66273b20666f6e742d737263202773656c662720666f6e74732e677374617469632e636f6d206d617863646e2e626f6f74737472617063646e2e636f6d0d0a |
|
services.certificate
|
0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494 |
|
services.extended_service_name
|
HTTPS |
|
services.http.request.method
|
GET |
|
services.http.request.uri
|
https://108.163.202.98/ |
|
services.http.request.headers.User_Agent
|
Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) |
|
services.http.request.headers.Accept
|
*/* |
|
services.http.response.protocol
|
HTTP/1.1 |
|
services.http.response.status_code
|
999 |
|
services.http.response.status_reason
|
No Hacking |
|
services.http.response.headers.cache_control
|
no-cache |
|
services.http.response.headers.date
|
<REDACTED> |
|
services.http.response.headers.expires
|
Tue, 08 Oct 2024 23:36:47 GMT |
|
services.http.response.headers.content_type
|
text/html; charset=windows-1252 |
|
services.http.response.headers.server
|
WWW Server/1.1 |
|
services.http.response.headers.content_security_policy_report_only
|
default-src 'none'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; connect-src 'self' *.google-analytics.com col.site24x7rum.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.bootstrapcdn.com; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.googleapis.com *.site24x7rum.com *.google-analytics.com *.bootstrapcdn.com; img-src 'self'; font-src 'self' fonts.gstatic.com maxcdn.bootstrapcdn.com |
|
services.http.response.headers.pragma
|
no-cache |
|
services.http.response.headers.content_length
|
1160 |
|
services.http.response.headers.strict_transport_security
|
max-age=31536000; includeSubDomains; |
|
services.http.response.html_tags
|
<TITLE>WebKnight Application Firewall Alert</TITLE> |
|
services.http.response.html_tags
|
<META NAME="ROBOTS" CONTENT="NOINDEX"> |
|
services.http.response.body_size
|
1160 |
|
services.http.response.body
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">\r\n<HTML>\r\n<HEAD>\r\n<TITLE>WebKnight Application Firewall Alert</TITLE>\r\n<META NAME="ROBOTS" CONTENT="NOINDEX">\r\n</HEAD>\r\n<BODY text="#000000" vlink="#FF3300" link="#FF3300" bgcolor="#ffffff">\r\n<TABLE cellspacing="5" cellpadding="3" width="410">\r\n<TR>\r\n<TD align="left">\r\n<FONT face="Verdana,Arial,Helvetica" size="2">\r\n<FONT size="3"><B>WebKnight Application Firewall Alert</B></FONT><BR><BR><BR>\r\nYour request triggered an alert! If you feel that you have received this page in error, please contact the administrator of this web site.\r\n<BR>\r\n<HR>\r\n<BR><B>What is WebKnight?</B><BR>\r\nAQTRONIX WebKnight is an application firewall for web servers and is released under the GNU General Public License. It is an ISAPI filter for securing web servers by blocking certain requests. If an alert is triggered WebKnight will take over and protect the web server.<BR><BR>\r\n<HR>\r\n<BR>For more information on WebKnight: <A HREF="http://www.aqtronix.com/webknight/">http://www.aqtronix.com/WebKnight/</A><BR><BR>\r\n<B><FONT color="#FF3300">AQTRONIX</FONT> WebKnight</B></FONT>\r\n</TD>\r\n</TR>\r\n</TABLE>\r\n</BODY>\r\n</HTML> |
|
services.http.response.body_hashes
|
sha256:b26e7904e549025dc41c8205638e86ab1de19060b526d1a4035bad7333b7bbaf |
|
services.http.response.body_hashes
|
sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a |
|
services.http.response.body_hash
|
sha1:6c6c91eb5535b48857da0129027ccfccde8a1c7a |
|
services.http.response.html_title
|
WebKnight Application Firewall Alert |
|
services.http.supports_http2 |
true |
|
services.jarm.fingerprint
|
23d40d40d00040d00042d43d00000051af7d8070a18e002eaaedf620fa118c |
|
services.jarm.cipher_and_version_fingerprint
|
23d40d40d00040d00042d43d000000 |
|
services.jarm.tls_extensions_sha256
|
51af7d8070a18e002eaaedf620fa118c |
|
services.jarm.observed_at
|
2024-09-24T15:54:44.403865702Z |
|
services.observed_at
|
2024-10-08T23:36:46.209860303Z |
|
services.perspective_id
|
PERSPECTIVE_TELIA |
|
services.port
|
443 |
|
services.service_name
|
HTTP |
|
services.source_ip
|
167.94.146.63 |
|
services.tls.version_selected
|
TLSv1_3 |
|
services.tls.cipher_selected
|
TLS_CHACHA20_POLY1305_SHA256 |
|
services.tls.certificates.leaf_fp_sha_256
|
0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494 |
|
services.tls.certificates.chain_fps_sha_256
|
5dfdb3cf31b26f23d87c09f3a0cef642f64069a9fb7cfe29270bb5dc0f1e16bb |
|
services.tls.certificates.leaf_data.names
|
freefirstaidkit.afbdirect.com |
|
services.tls.certificates.leaf_data.subject_dn
|
CN=freefirstaidkit.afbdirect.com |
|
services.tls.certificates.leaf_data.issuer_dn
|
C=US, O=Let's Encrypt, CN=E5 |
|
services.tls.certificates.leaf_data.pubkey_bit_size
|
256 |
|
services.tls.certificates.leaf_data.pubkey_algorithm
|
ECDSA |
|
services.tls.certificates.leaf_data.tbs_fingerprint
|
24ba195186907807994fdfb68df0e02051af291218b88ae86c59e2df2db7c4da |
|
services.tls.certificates.leaf_data.fingerprint
|
0b36eb6cb526a11bd110a98f8c871ecad79bca44cd14c6b9f5f8abc4ff732494 |
|
services.tls.certificates.leaf_data.issuer.common_name
|
E5 |
|
services.tls.certificates.leaf_data.issuer.organization
|
Let's Encrypt |
|
services.tls.certificates.leaf_data.issuer.country
|
US |
|
services.tls.certificates.leaf_data.subject.common_name
|
freefirstaidkit.afbdirect.com |
|
services.tls.certificates.leaf_data.public_key.key_algorithm
|
ECDSA |
|
services.tls.certificates.leaf_data.public_key.ecdsa.b
|
WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.curve
|
P-256 |
|
services.tls.certificates.leaf_data.public_key.ecdsa.gx
|
axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.gy
|
T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.length
|
256 |
|
services.tls.certificates.leaf_data.public_key.ecdsa.n
|
/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.p
|
/////wAAAAEAAAAAAAAAAAAAAAD///////////////8= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.x
|
ch/+WLxnirMttBTDzbOThVNM6YTEYELmVREtvEFkv3I= |
|
services.tls.certificates.leaf_data.public_key.ecdsa.y
|
bhZnMPa/hYG/zB/eV4Rzi7XbM3OQt8Md+1T3YSN9gpw= |
|
services.tls.certificates.leaf_data.public_key.fingerprint
|
cf0609a62b806aa0346adc8b647f17f0430721e214d5dc35a8c2ab720e273397 |
|
services.tls.certificates.leaf_data.signature.signature_algorithm
|
ECDSA-SHA384 |
|
services.tls.certificates.leaf_data.signature.self_signed |
false |
|
services.tls.certificates.chain.fingerprint
|
5dfdb3cf31b26f23d87c09f3a0cef642f64069a9fb7cfe29270bb5dc0f1e16bb |
|
services.tls.certificates.chain.subject_dn
|
C=US, O=Let's Encrypt, CN=E5 |
|
services.tls.certificates.chain.issuer_dn
|
C=US, O=Internet Security Research Group, CN=ISRG Root X1 |
|
|
services.tls.ja3s
|
475c9302dc42b2751db9edcac3b74891 |
|
services.tls.ja4s
|
t130200_1303_a56c5b993250 |
|
services.tls.versions.tls_version
|
TLSv1_3 |
|
services.tls.versions.ja3s
|
475c9302dc42b2751db9edcac3b74891 |
|
services.tls.versions.ja4s
|
t130200_1303_a56c5b993250 |
|
|
services.tls.versions.tls_version
|
TLSv1_2 |
|
services.tls.versions.ja3s
|
954f7e9207d4c9012fd0692885732b12 |
|
services.tls.versions.ja4s
|
t120200_cca9_344b4dce5a52 |
|
|
services.transport_protocol
|
TCP |
|
services.truncated |
false |
|