114.220.0.29
As of: Oct 05, 2024 2:59pm UTC |
Latest
{
"ip": "114.220.0.29",
"services": [
{
"_decoded": "ssh",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "SSH-2.0-OpenSSH_7.4",
"banner_hashes": [
"sha256:be0da7ee170f9a69bc13b9e61ecfc9110c27db40f3f2e4c0ffae6741f064af8a"
],
"banner_hex": "5353482d322e302d4f70656e5353485f372e34",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "SSH",
"labels": [
"remote-access"
],
"observed_at": "2024-10-05T02:58:25.734778312Z",
"perspective_id": "PERSPECTIVE_ORANGE",
"port": 22,
"service_name": "SSH",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "OpenBSD",
"product": "OpenSSH",
"version": "7.4",
"other": {
"family": "OpenSSH"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.145.110",
"ssh": {
"endpoint_id": {
"_encoding": {
"raw": "DISPLAY_UTF8"
},
"raw": "SSH-2.0-OpenSSH_7.4",
"protocol_version": "2.0",
"software_version": "OpenSSH_7.4"
},
"kex_init_message": {
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group-exchange-sha1",
"diffie-hellman-group14-sha256",
"diffie-hellman-group14-sha1",
"diffie-hellman-group1-sha1"
],
"host_key_algorithms": [
"ssh-rsa",
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ssh-ed25519"
],
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
"blowfish-cbc",
"cast128-cbc",
"3des-cbc"
],
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
"blowfish-cbc",
"cast128-cbc",
"3des-cbc"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"first_kex_follows": false
},
"algorithm_selection": {
"kex_algorithm": "[email protected]",
"host_key_algorithm": "ecdsa-sha2-nistp256",
"client_to_server_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
},
"server_to_client_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
}
},
"server_host_key": {
"fingerprint_sha256": "c2ecf655648954f33d314dc1e9d173859194b927fd82528d57782721087d7bc4",
"ecdsa_public_key": {
"_encoding": {
"b": "DISPLAY_BASE64",
"gx": "DISPLAY_BASE64",
"gy": "DISPLAY_BASE64",
"n": "DISPLAY_BASE64",
"p": "DISPLAY_BASE64",
"x": "DISPLAY_BASE64",
"y": "DISPLAY_BASE64"
},
"b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
"curve": "P-256",
"gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
"gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
"length": 256,
"n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
"p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
"x": "o7bkOJyckQkxdT49wgQEkSBjvQO2xpaCkCMMGd0IW2A=",
"y": "swOauq/SNQLHEVKs3fhujigf8DNQoEz41Q/6WsPXrB8="
}
},
"hassh_fingerprint": "6832f1ce43d4397c2c0a3e2f8c94334e"
},
"transport_fingerprint": {
"raw": "24560,64,true,MSTNW,1240,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "",
"banner_hashes": [
"sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
],
"discovery_method": "PREDICTIVE_METHOD_18",
"extended_service_name": "PORTMAP",
"observed_at": "2024-10-05T14:59:27.907746429Z",
"parsed": {
"portmap": {
"portmap_entries_v2": null,
"portmap_entries_v3": [
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 4,
"network_id": "tcp6",
"universal_address": "::.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 3,
"network_id": "tcp6",
"universal_address": "::.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 4,
"network_id": "udp6",
"universal_address": "::.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 3,
"network_id": "udp6",
"universal_address": "::.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 4,
"network_id": "tcp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 3,
"network_id": "tcp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 2,
"network_id": "tcp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 4,
"network_id": "udp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 3,
"network_id": "udp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 2,
"network_id": "udp",
"universal_address": "0.0.0.0.0.111",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 4,
"network_id": "local",
"universal_address": "/var/run/rpcbind.sock",
"owner": "superuser"
},
{
"shorthand": "pmapprog portmap rpcbind",
"desc": "portmapper",
"version": 3,
"network_id": "local",
"universal_address": "/var/run/rpcbind.sock",
"owner": "superuser"
}
]
}
},
"perspective_id": "PERSPECTIVE_ORANGE",
"port": 111,
"service_name": "PORTMAP",
"source_ip": "167.94.145.111",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "@RSYNCD: 31.0\n",
"banner_hashes": [
"sha256:dbc456a2cc47132c0c860fefa9f3bb45165082f8500af363eac534f75c35cfc6"
],
"banner_hex": "405253594e43443a2033312e300a",
"discovery_method": "PREDICTIVE_METHOD_18",
"extended_service_name": "RSYNC",
"labels": [
"file-sharing"
],
"observed_at": "2024-10-05T12:30:45.243111069Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 873,
"service_name": "RSYNC",
"source_ip": "206.168.34.41",
"transport_fingerprint": {
"raw": "24560,64,true,MSTNW,1240,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\ufffd\u0002\u0000\fhi\u0000\u0000\u0000\u0000\u0000\u0001\ufffd\u0002\u00006hi\u0000\u0000\u0000\u0000\u0000\u0001\ufffd\b\u0000\u0000\u0000\u0000\u0000\u0004\ufffd\b\u0000\u0000\u0000\t\u0010l\ufffd\u001a\u0000\u0000\u0000\u0001\u0000\u0002\u0000\u0006No Authorization",
"banner_hashes": [
"sha256:a3eaf9de3f17eb2005c57e9b46b2f93debcde9254682fa5caf6971a1fddc43a7"
],
"banner_hex": "c802000c6869000000000001c802003668690000000000018008000000000004800800000009106c801a00000001000200064e6f20417574686f72697a6174696f6e",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "L2TP",
"observed_at": "2024-10-05T00:16:34.205318938Z",
"parsed": {
"l2tp": {
"zlb_received": true,
"sccrq_received": false,
"sccrp_received": false,
"sccn_received": false,
"stop_sccn_received": true,
"hello_received": false,
"stop_sccn": {
"attribute_values": {
"result_code": 2,
"result_meaning": "General Error",
"error_code": 6,
"error_meaning": "A generic vendor-specific error occurred in the LAC",
"error_message": "No Authorization"
}
},
"ordered_messages_raw": [
"yAIADGhpAAAAAAAB",
"yAIANmhpAAAAAAABgAgAAAAAAASACAAAAAkQbIAaAAAAAQACAAZObyBBdXRob3JpemF0aW9u"
]
}
},
"perspective_id": "PERSPECTIVE_NTT",
"port": 1701,
"service_name": "L2TP",
"source_ip": "206.168.34.221",
"transport_protocol": "UDP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 400 Bad Request\r\nServer: squid/3.5.20\r\nMime-Version: 1.0\r\nDate: <REDACTED>\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 3523\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nVary: Accept-Language\r\nContent-Language: en\r\nX-Cache: MISS from ecm-401b-0029\r\nX-Cache-Lookup: NONE from ecm-401b-0029:9999\r\nVia: 1.1 ecm-401b-0029 (squid/3.5.20)\r\nConnection: close\r\n",
"banner_hashes": [
"sha256:4e9cf2a0e85a525e9b1d97b67c8b4fb9757cbed134c3ad01b0cc92603d26bda2"
],
"banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a2073717569642f332e352e32300d0a4d696d652d56657273696f6e3a20312e300d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d7574662d380d0a436f6e74656e742d4c656e6774683a20333532330d0a582d53717569642d4572726f723a204552525f494e56414c49445f55524c20300d0a566172793a204163636570742d4c616e67756167650d0a436f6e74656e742d4c616e67756167653a20656e0d0a582d43616368653a204d4953532066726f6d2065636d2d343031622d303032390d0a582d43616368652d4c6f6f6b75703a204e4f4e452066726f6d2065636d2d343031622d303032393a393939390d0a5669613a20312e312065636d2d343031622d30303239202873717569642f332e352e3230290d0a436f6e6e656374696f6e3a20636c6f73650d0a",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://114.220.0.29:9999/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 400,
"status_reason": "Bad Request",
"headers": {
"Vary": [
"Accept-Language"
],
"_encoding": {
"Vary": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Language": "DISPLAY_UTF8",
"X_Cache_Lookup": "DISPLAY_UTF8",
"Via": "DISPLAY_UTF8",
"Mime_Version": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"X_Squid_Error": "DISPLAY_UTF8",
"X_Cache": "DISPLAY_UTF8"
},
"Server": [
"squid/3.5.20"
],
"Content_Length": [
"3523"
],
"Content_Language": [
"en"
],
"X_Cache_Lookup": [
"NONE from ecm-401b-0029:9999"
],
"Via": [
"1.1 ecm-401b-0029 (squid/3.5.20)"
],
"Mime_Version": [
"1.0"
],
"Content_Type": [
"text/html;charset=utf-8"
],
"Date": [
"<REDACTED>"
],
"Connection": [
"close"
],
"X_Squid_Error": [
"ERR_INVALID_URL 0"
],
"X_Cache": [
"MISS from ecm-401b-0029"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>ERROR: The requested URL could not be retrieved</title>",
"<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">",
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"
],
"body_size": 3523,
"body": "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n /*\n * Copyright (C) 1996-2016 The Squid Software Foundation and contributors\n *\n * Squid software is distributed under GPLv2+ license and includes\n * contributions from numerous individuals and organizations.\n * Please see the COPYING and CONTRIBUTORS files for details.\n */\n\n/*\n Stylesheet for Squid Error pages\n Adapted from design by Free CSS Templates\n http://www.freecsstemplates.org\n Released for free under a Creative Commons Attribution 2.5 License\n*/\n\n/* Page basics */\n* {\n\tfont-family: verdana, sans-serif;\n}\n\nhtml body {\n\tmargin: 0;\n\tpadding: 0;\n\tbackground: #efefef;\n\tfont-size: 12px;\n\tcolor: #1e1e1e;\n}\n\n/* Page displayed title area */\n#titles {\n\tmargin-left: 15px;\n\tpadding: 10px;\n\tpadding-left: 100px;\n\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\n}\n\n/* initial title */\n#titles h1 {\n\tcolor: #000000;\n}\n#titles h2 {\n\tcolor: #000000;\n}\n\n/* special event: FTP success page titles */\n#titles ftpsuccess {\n\tbackground-color:#00ff00;\n\twidth:100%;\n}\n\n/* Page displayed body content area */\n#content {\n\tpadding: 10px;\n\tbackground: #ffffff;\n}\n\n/* General text */\np {\n}\n\n/* error brief description */\n#error p {\n}\n\n/* some data which may have caused the problem */\n#data {\n}\n\n/* the error message received from the system or other software */\n#sysmsg {\n}\n\npre {\n font-family:sans-serif;\n}\n\n/* special event: FTP / Gopher directory listing */\n#dirmsg {\n font-family: courier;\n color: black;\n font-size: 10pt;\n}\n#dirlisting {\n margin-left: 2%;\n margin-right: 2%;\n}\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\n border-bottom: groove;\n}\n#dirlisting td.size {\n width: 50px;\n text-align: right;\n padding-right: 5px;\n}\n\n/* horizontal lines */\nhr {\n\tmargin: 0;\n}\n\n/* page displayed footer area */\n#footer {\n\tfont-size: 9px;\n\tpadding-left: 10px;\n}\n\n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=ERR_INVALID_URL>\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&body=CacheHost%3A%20ecm-401b-0029%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Sat,%2005%20Oct%202024%2009%3A21%3A51%20GMT%0D%0A%0D%0AClientIP%3A%20167.94.146.55%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">root</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Sat, 05 Oct 2024 09:21:51 GMT by ecm-401b-0029 (squid/3.5.20)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
"body_hashes": [
"sha256:65b489393c31afcb492a3bd4febd81189d332a11c9527e2ed2dbb81bab1a6cc8",
"sha1:d2171773fa69d41b2153f034f3d4c87a82b4703c"
],
"body_hash": "sha1:d2171773fa69d41b2153f034f3d4c87a82b4703c",
"html_title": "ERROR: The requested URL could not be retrieved"
},
"supports_http2": false
},
"labels": [
"proxy"
],
"observed_at": "2024-10-05T09:21:50.361566132Z",
"perspective_id": "PERSPECTIVE_TELIA",
"port": 9999,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:squid\\-cache:squid:3.5.20:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Squid Cache",
"product": "Squid",
"version": "3.5.20",
"other": {
"family": "Squid"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.55",
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Asia",
"country": "China",
"country_code": "CN",
"city": "Shanghai",
"postal_code": "200000",
"timezone": "Asia/Shanghai",
"province": "Shanghai",
"coordinates": {
"latitude": 31.22222,
"longitude": 121.45806
}
},
"location_updated_at": "2024-10-01T02:25:31.316373822Z",
"autonomous_system": {
"asn": 4134,
"description": "CHINANET-BACKBONE No.31,Jin-rong Street",
"bgp_prefix": "114.216.0.0/13",
"name": "CHINANET-BACKBONE No.31,Jin-rong Street",
"country_code": "CN"
},
"autonomous_system_updated_at": "2024-10-01T02:25:31.316944421Z",
"whois": {
"network": {
"handle": "CHINANET-JS",
"name": "Chinanet Jiangsu Province Network",
"cidrs": [
"114.216.0.0/13"
],
"updated": "2021-06-15T00:00:00Z"
}
},
"dns": {},
"last_updated_at": "2024-10-05T14:59:30.466Z",
"labels": [
"file-sharing",
"proxy",
"remote-access"
]
}