111.65.251.14
As of: Jan 29, 2023 5:44am UTC |
Latest
{
"ip": "111.65.251.14",
"services": [
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 400 Bad Request\r\nDate: Sun, 29 Jan 2023 02:08:25 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 248\r\nConnection: close\r\nX-Proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"banner_grab": {
"_encoding": {
"banner": "DISPLAY_BASE64"
},
"banner": "SFRUUC8xLjEgNDAwIEJhZCBSZXF1ZXN0DQpEYXRlOiBTdW4sIDI5IEphbiAyMDIzIDAyOjA4OjI1IEdNVA0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgNCkNvbnRlbnQtTGVuZ3RoOiAyNDgNCkNvbm5lY3Rpb246IGNsb3NlDQpYLVByb3h5OiAyMjc3Y2FzdGhjZnBkZDEwYmY3Yzc0NjhlODczZTc5YmEyYWQyNDkNCg0KPGh0bWw+DQo8aGVhZD48dGl0bGU+NDAwIFRoZSBwbGFpbiBIVFRQIHJlcXVlc3Qgd2FzIHNlbnQgdG8gSFRUUFMgcG9ydDwvdGl0bGU+PC9oZWFkPg0KPGJvZHk+DQo8Y2VudGVyPjxoMT40MDAgQmFkIFJlcXVlc3Q8L2gxPjwvY2VudGVyPg0KPGNlbnRlcj5UaGUgcGxhaW4gSFRUUCByZXF1ZXN0IHdhcyBzZW50IHRvIEhUVFBTIHBvcnQ8L2NlbnRlcj4NCjxocj48Y2VudGVyPm5naW54PC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+DQo=",
"transport": "TCP"
},
"banner_hashes": [
"sha256:e53315f6a49268d76437b14a7de6734b83fc0149b04d0b3595c544915d038e0b"
],
"banner_hex": "485454502f312e31203430302042616420526571756573740d0a446174653a2053756e2c203239204a616e20323032332030323a30383a323520474d540d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d7574662d380d0a436f6e74656e742d4c656e6774683a203234380d0a436f6e6e656374696f6e3a20636c6f73650d0a582d50726f78793a203232373763617374686366706464313062663763373436386538373365373962613261643234390d0a0d0a3c68746d6c3e0d0a3c686561643e3c7469746c653e3430302054686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f7469746c653e3c2f686561643e0d0a3c626f64793e0d0a3c63656e7465723e3c68313e3430302042616420526571756573743c2f68313e3c2f63656e7465723e0d0a3c63656e7465723e54686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f63656e7465723e0d0a3c68723e3c63656e7465723e6e67696e783c2f63656e7465723e0d0a3c2f626f64793e0d0a3c2f68746d6c3e0d0a",
"certificate": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
"extended_service_name": "UNKNOWN",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "29d29d00029d29d21c42d42d000000307ee0eb468e9fdb5cfcd698a80a67ef",
"cipher_and_version_fingerprint": "29d29d00029d29d21c42d42d000000",
"tls_extensions_sha256": "307ee0eb468e9fdb5cfcd698a80a67ef",
"observed_at": "2023-01-19T15:08:01.588291967Z"
},
"observed_at": "2023-01-29T02:08:20.246612047Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 443,
"service_name": "UNKNOWN",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "162.142.125.212",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.vnecdn.net",
"vnecdn.net"
],
"subject_dn": "CN=*.vnecdn.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "7b20021d880b0c870021b8faa021db477a1ea4fda3e6ebe1008a02c3c7ffb8d5",
"fingerprint": "c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.vnecdn.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "41Voy7EdE+IWjAoRHK283qo4uGSgDsDVRR+8skcWNT9gFtyeZ4CGIrjqjm3cSogACiC0FcKaFTwqYlP62qnn9nCjLGzgtTKuFwF/kEURMXzvosc+SntuwxM1jgtZuDmKa90gavpdAk0rUgaI6ULjukxaS4HVYojYy4JMmU2te60E3PAzDskAlvVC8B7yHEUTcfyq4khFiLBPaaRZjEDKD6omBBktqCw35hCzoXDQ2/r22Z5jJC4rHniGJmO/CZ4h+ERFVWfuqrgKbhzWgPA5gDK/MAqTFmOcL6ijO4Kdh/0ONRTAvi99J5d535uG99rizh2TR9XDk4gdXQdA9T04oQ==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "02b83c3bd4fbb694483ce43f37c19b452eed75c546feb6a95cccacbc00c1e584"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Asia",
"country": "Vietnam",
"country_code": "VN",
"postal_code": "",
"timezone": "Asia/Bangkok",
"coordinates": {
"latitude": 16.1667,
"longitude": 107.8333
},
"registered_country": "Vietnam",
"registered_country_code": "VN"
},
"location_updated_at": "2023-01-26T05:33:55.400707Z",
"autonomous_system": {
"asn": 45894,
"description": "FPTONLINE-AS-VN FPT Online JSC",
"bgp_prefix": "111.65.251.0/24",
"name": "FPTONLINE-AS-VN FPT Online JSC",
"country_code": "VN"
},
"autonomous_system_updated_at": "2023-01-24T07:49:03.532778Z",
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
"dns": {
"reverse_dns": {
"names": [
"mx3.gatemail.vn"
],
"resolved_at": "2022-11-09T20:50:19.230966449Z"
}
},
"last_updated_at": "2023-01-29T05:44:52.783Z"
}