111.65.251.14

As of: Jan 29, 2023 5:44am UTC | Latest
{
  "ip": "111.65.251.14",
  "services": [
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nDate: Sun, 29 Jan 2023 02:08:25 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 248\r\nConnection: close\r\nX-Proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
      "banner_grab": {
        "_encoding": {
          "banner": "DISPLAY_BASE64"
        },
        "banner": "SFRUUC8xLjEgNDAwIEJhZCBSZXF1ZXN0DQpEYXRlOiBTdW4sIDI5IEphbiAyMDIzIDAyOjA4OjI1IEdNVA0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgNCkNvbnRlbnQtTGVuZ3RoOiAyNDgNCkNvbm5lY3Rpb246IGNsb3NlDQpYLVByb3h5OiAyMjc3Y2FzdGhjZnBkZDEwYmY3Yzc0NjhlODczZTc5YmEyYWQyNDkNCg0KPGh0bWw+DQo8aGVhZD48dGl0bGU+NDAwIFRoZSBwbGFpbiBIVFRQIHJlcXVlc3Qgd2FzIHNlbnQgdG8gSFRUUFMgcG9ydDwvdGl0bGU+PC9oZWFkPg0KPGJvZHk+DQo8Y2VudGVyPjxoMT40MDAgQmFkIFJlcXVlc3Q8L2gxPjwvY2VudGVyPg0KPGNlbnRlcj5UaGUgcGxhaW4gSFRUUCByZXF1ZXN0IHdhcyBzZW50IHRvIEhUVFBTIHBvcnQ8L2NlbnRlcj4NCjxocj48Y2VudGVyPm5naW54PC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+DQo=",
        "transport": "TCP"
      },
      "banner_hashes": [
        "sha256:e53315f6a49268d76437b14a7de6734b83fc0149b04d0b3595c544915d038e0b"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a446174653a2053756e2c203239204a616e20323032332030323a30383a323520474d540d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d7574662d380d0a436f6e74656e742d4c656e6774683a203234380d0a436f6e6e656374696f6e3a20636c6f73650d0a582d50726f78793a203232373763617374686366706464313062663763373436386538373365373962613261643234390d0a0d0a3c68746d6c3e0d0a3c686561643e3c7469746c653e3430302054686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f7469746c653e3c2f686561643e0d0a3c626f64793e0d0a3c63656e7465723e3c68313e3430302042616420526571756573743c2f68313e3c2f63656e7465723e0d0a3c63656e7465723e54686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f63656e7465723e0d0a3c68723e3c63656e7465723e6e67696e783c2f63656e7465723e0d0a3c2f626f64793e0d0a3c2f68746d6c3e0d0a",
      "certificate": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
      "extended_service_name": "UNKNOWN",
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "29d29d00029d29d21c42d42d000000307ee0eb468e9fdb5cfcd698a80a67ef",
        "cipher_and_version_fingerprint": "29d29d00029d29d21c42d42d000000",
        "tls_extensions_sha256": "307ee0eb468e9fdb5cfcd698a80a67ef",
        "observed_at": "2023-01-19T15:08:01.588291967Z"
      },
      "observed_at": "2023-01-29T02:08:20.246612047Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 443,
      "service_name": "UNKNOWN",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "162.142.125.212",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
            "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
            "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
          ],
          "leaf_data": {
            "names": [
              "*.vnecdn.net",
              "vnecdn.net"
            ],
            "subject_dn": "CN=*.vnecdn.net",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "7b20021d880b0c870021b8faa021db477a1ea4fda3e6ebe1008a02c3c7ffb8d5",
            "fingerprint": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.vnecdn.net"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "41Voy7EdE+IWjAoRHK283qo4uGSgDsDVRR+8skcWNT9gFtyeZ4CGIrjqjm3cSogACiC0FcKaFTwqYlP62qnn9nCjLGzgtTKuFwF/kEURMXzvosc+SntuwxM1jgtZuDmKa90gavpdAk0rUgaI6ULjukxaS4HVYojYy4JMmU2te60E3PAzDskAlvVC8B7yHEUTcfyq4khFiLBPaaRZjEDKD6omBBktqCw35hCzoXDQ2/r22Z5jJC4rHniGJmO/CZ4h+ERFVWfuqrgKbhzWgPA5gDK/MAqTFmOcL6ijO4Kdh/0ONRTAvi99J5d535uG99rizh2TR9XDk4gdXQdA9T04oQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "02b83c3bd4fbb694483ce43f37c19b452eed75c546feb6a95cccacbc00c1e584"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            },
            {
              "fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
              "subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            },
            {
              "fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
              "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 72,
        "os": "Ubuntu / Debian / CentOS",
        "raw": "28960,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Asia",
    "country": "Vietnam",
    "country_code": "VN",
    "postal_code": "",
    "timezone": "Asia/Bangkok",
    "coordinates": {
      "latitude": 16.1667,
      "longitude": 107.8333
    },
    "registered_country": "Vietnam",
    "registered_country_code": "VN"
  },
  "location_updated_at": "2023-01-26T05:33:55.400707Z",
  "autonomous_system": {
    "asn": 45894,
    "description": "FPTONLINE-AS-VN FPT Online JSC",
    "bgp_prefix": "111.65.251.0/24",
    "name": "FPTONLINE-AS-VN FPT Online JSC",
    "country_code": "VN"
  },
  "autonomous_system_updated_at": "2023-01-24T07:49:03.532778Z",
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
    "part": "o",
    "product": "linux",
    "source": "OSI_TRANSPORT_LAYER"
  },
  "dns": {
    "reverse_dns": {
      "names": [
        "mx3.gatemail.vn"
      ],
      "resolved_at": "2022-11-09T20:50:19.230966449Z"
    }
  },
  "last_updated_at": "2023-01-29T05:44:52.783Z"
}