services.banner |
HTTP/1.1 400 Bad Request\r\nDate: Tue, 07 Feb 2023 10:12:13 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 248\r\nConnection: close\r\nX-Proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n |
|
services.banner_grab.banner |
SFRUUC8xLjEgNDAwIEJhZCBSZXF1ZXN0DQpEYXRlOiBUdWUsIDA3IEZlYiAyMDIzIDEwOjEyOjEzIEdNVA0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgNCkNvbnRlbnQtTGVuZ3RoOiAyNDgNCkNvbm5lY3Rpb246IGNsb3NlDQpYLVByb3h5OiAyNDc3Y2FzdGhjZnBkZDEwYmY3Yzc0NjhlODczZTc5YmEyYWQyNDkNCg0KPGh0bWw+DQo8aGVhZD48dGl0bGU+NDAwIFRoZSBwbGFpbiBIVFRQIHJlcXVlc3Qgd2FzIHNlbnQgdG8gSFRUUFMgcG9ydDwvdGl0bGU+PC9oZWFkPg0KPGJvZHk+DQo8Y2VudGVyPjxoMT40MDAgQmFkIFJlcXVlc3Q8L2gxPjwvY2VudGVyPg0KPGNlbnRlcj5UaGUgcGxhaW4gSFRUUCByZXF1ZXN0IHdhcyBzZW50IHRvIEhUVFBTIHBvcnQ8L2NlbnRlcj4NCjxocj48Y2VudGVyPm5naW54PC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+DQo= |
|
services.banner_grab.transport |
TCP |
|
services.banner_hashes |
sha256:f38ceb8292d1f5a321d8f07433723a9b75af4ccf05956e34b53fdf47a0048126 |
|
services.banner_hex |
485454502f312e31203430302042616420526571756573740d0a446174653a205475652c2030372046656220323032332031303a31323a313320474d540d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d7574662d380d0a436f6e74656e742d4c656e6774683a203234380d0a436f6e6e656374696f6e3a20636c6f73650d0a582d50726f78793a203234373763617374686366706464313062663763373436386538373365373962613261643234390d0a0d0a3c68746d6c3e0d0a3c686561643e3c7469746c653e3430302054686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f7469746c653e3c2f686561643e0d0a3c626f64793e0d0a3c63656e7465723e3c68313e3430302042616420526571756573743c2f68313e3c2f63656e7465723e0d0a3c63656e7465723e54686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f63656e7465723e0d0a3c68723e3c63656e7465723e6e67696e783c2f63656e7465723e0d0a3c2f626f64793e0d0a3c2f68746d6c3e0d0a |
|
services.certificate |
c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292 |
|
services.extended_service_name |
UNKNOWN |
|
services.jarm.fingerprint |
29d29d00029d29d21c42d42d000000307ee0eb468e9fdb5cfcd698a80a67ef |
|
services.jarm.cipher_and_version_fingerprint |
29d29d00029d29d21c42d42d000000 |
|
services.jarm.tls_extensions_sha256 |
307ee0eb468e9fdb5cfcd698a80a67ef |
|
services.jarm.observed_at |
2023-02-04T13:08:37.548866795Z |
|
services.observed_at |
2023-02-07T10:12:08.598039541Z |
|
services.perspective_id |
PERSPECTIVE_HE |
|
services.port |
443 |
|
services.service_name |
UNKNOWN |
|
services.software.uniform_resource_identifier |
cpe:2.3:o:*:linux:*:*:*:*:*:*:*:* |
|
services.software.part |
o |
|
services.software.product |
linux |
|
services.software.source |
OSI_TRANSPORT_LAYER |
|
|
services.source_ip |
162.142.125.222 |
|
services.tls.version_selected |
TLSv1_3 |
|
services.tls.cipher_selected |
TLS_AES_256_GCM_SHA384 |
|
services.tls.certificates.leaf_fp_sha_256 |
c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292 |
|
services.tls.certificates.chain_fps_sha_256 |
7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676 |
|
services.tls.certificates.chain_fps_sha_256 |
68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b |
|
services.tls.certificates.chain_fps_sha_256 |
d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4 |
|
services.tls.certificates.leaf_data.names |
*.vnecdn.net |
|
services.tls.certificates.leaf_data.names |
vnecdn.net |
|
services.tls.certificates.leaf_data.subject_dn |
CN=*.vnecdn.net |
|
services.tls.certificates.leaf_data.issuer_dn |
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA |
|
services.tls.certificates.leaf_data.pubkey_bit_size |
2048 |
|
services.tls.certificates.leaf_data.pubkey_algorithm |
RSA |
|
services.tls.certificates.leaf_data.tbs_fingerprint |
7b20021d880b0c870021b8faa021db477a1ea4fda3e6ebe1008a02c3c7ffb8d5 |
|
services.tls.certificates.leaf_data.fingerprint |
c32ae5980e0bd6e0ef27259774c9a63f35f174c317bf1d6820033363f3e51292 |
|
services.tls.certificates.leaf_data.issuer.common_name |
Sectigo RSA Domain Validation Secure Server CA |
|
services.tls.certificates.leaf_data.issuer.locality |
Salford |
|
services.tls.certificates.leaf_data.issuer.organization |
Sectigo Limited |
|
services.tls.certificates.leaf_data.issuer.province |
Greater Manchester |
|
services.tls.certificates.leaf_data.issuer.country |
GB |
|
services.tls.certificates.leaf_data.subject.common_name |
*.vnecdn.net |
|
services.tls.certificates.leaf_data.public_key.key_algorithm |
RSA |
|
services.tls.certificates.leaf_data.public_key.rsa.modulus |
41Voy7EdE+IWjAoRHK283qo4uGSgDsDVRR+8skcWNT9gFtyeZ4CGIrjqjm3cSogACiC0FcKaFTwqYlP62qnn9nCjLGzgtTKuFwF/kEURMXzvosc+SntuwxM1jgtZuDmKa90gavpdAk0rUgaI6ULjukxaS4HVYojYy4JMmU2te60E3PAzDskAlvVC8B7yHEUTcfyq4khFiLBPaaRZjEDKD6omBBktqCw35hCzoXDQ2/r22Z5jJC4rHniGJmO/CZ4h+ERFVWfuqrgKbhzWgPA5gDK/MAqTFmOcL6ijO4Kdh/0ONRTAvi99J5d535uG99rizh2TR9XDk4gdXQdA9T04oQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.exponent |
AAEAAQ== |
|
services.tls.certificates.leaf_data.public_key.rsa.length |
256 |
|
services.tls.certificates.leaf_data.public_key.fingerprint |
02b83c3bd4fbb694483ce43f37c19b452eed75c546feb6a95cccacbc00c1e584 |
|
services.tls.certificates.leaf_data.signature.signature_algorithm |
SHA256-RSA |
|
services.tls.certificates.leaf_data.signature.self_signed |
false |
|
services.tls.certificates.chain.fingerprint |
7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676 |
|
services.tls.certificates.chain.subject_dn |
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA |
|
services.tls.certificates.chain.issuer_dn |
C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority |
|
|
services.tls.certificates.chain.fingerprint |
68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b |
|
services.tls.certificates.chain.subject_dn |
C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority |
|
services.tls.certificates.chain.issuer_dn |
C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services |
|
|
services.tls.certificates.chain.fingerprint |
d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4 |
|
services.tls.certificates.chain.subject_dn |
C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services |
|
services.tls.certificates.chain.issuer_dn |
C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services |
|
|
services.tls.ja3s |
15af977ce25de452b96affa2addb1036 |
|
services.transport_fingerprint.id |
72 |
|
services.transport_fingerprint.os |
Ubuntu / Debian / CentOS |
|
services.transport_fingerprint.raw |
28960,64,true,MSTNW,1460,false,false |
|
services.transport_protocol |
TCP |
|
services.truncated |
false |
|