114.220.0.29

As of: Oct 05, 2024 2:59pm UTC | Latest
{
  "ip": "114.220.0.29",
  "services": [
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-OpenSSH_7.4",
      "banner_hashes": [
        "sha256:be0da7ee170f9a69bc13b9e61ecfc9110c27db40f3f2e4c0ffae6741f064af8a"
      ],
      "banner_hex": "5353482d322e302d4f70656e5353485f372e34",
      "discovery_method": "PREDICTIVE_METHOD_7",
      "extended_service_name": "SSH",
      "labels": [
        "remote-access"
      ],
      "observed_at": "2024-10-05T02:58:25.734778312Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 22,
      "service_name": "SSH",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "OpenBSD",
          "product": "OpenSSH",
          "version": "7.4",
          "other": {
            "family": "OpenSSH"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.110",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-OpenSSH_7.4",
          "protocol_version": "2.0",
          "software_version": "OpenSSH_7.4"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "curve25519-sha256",
            "[email protected]",
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group16-sha512",
            "diffie-hellman-group18-sha512",
            "diffie-hellman-group-exchange-sha1",
            "diffie-hellman-group14-sha256",
            "diffie-hellman-group14-sha1",
            "diffie-hellman-group1-sha1"
          ],
          "host_key_algorithms": [
            "ssh-rsa",
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ecdsa-sha2-nistp256",
            "ssh-ed25519"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]",
            "aes128-cbc",
            "aes192-cbc",
            "aes256-cbc",
            "blowfish-cbc",
            "cast128-cbc",
            "3des-cbc"
          ],
          "server_to_client_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]",
            "aes128-cbc",
            "aes192-cbc",
            "aes256-cbc",
            "blowfish-cbc",
            "cast128-cbc",
            "3des-cbc"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none",
            "[email protected]"
          ],
          "server_to_client_compression": [
            "none",
            "[email protected]"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "[email protected]",
          "host_key_algorithm": "ecdsa-sha2-nistp256",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "c2ecf655648954f33d314dc1e9d173859194b927fd82528d57782721087d7bc4",
          "ecdsa_public_key": {
            "_encoding": {
              "b": "DISPLAY_BASE64",
              "gx": "DISPLAY_BASE64",
              "gy": "DISPLAY_BASE64",
              "n": "DISPLAY_BASE64",
              "p": "DISPLAY_BASE64",
              "x": "DISPLAY_BASE64",
              "y": "DISPLAY_BASE64"
            },
            "b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
            "curve": "P-256",
            "gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
            "gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
            "length": 256,
            "n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
            "p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
            "x": "o7bkOJyckQkxdT49wgQEkSBjvQO2xpaCkCMMGd0IW2A=",
            "y": "swOauq/SNQLHEVKs3fhujigf8DNQoEz41Q/6WsPXrB8="
          }
        },
        "hassh_fingerprint": "6832f1ce43d4397c2c0a3e2f8c94334e"
      },
      "transport_fingerprint": {
        "raw": "24560,64,true,MSTNW,1240,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8"
      },
      "banner": "",
      "banner_hashes": [
        "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
      ],
      "discovery_method": "PREDICTIVE_METHOD_18",
      "extended_service_name": "PORTMAP",
      "observed_at": "2024-10-05T14:59:27.907746429Z",
      "parsed": {
        "portmap": {
          "portmap_entries_v2": null,
          "portmap_entries_v3": [
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 4,
              "network_id": "tcp6",
              "universal_address": "::.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 3,
              "network_id": "tcp6",
              "universal_address": "::.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 4,
              "network_id": "udp6",
              "universal_address": "::.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 3,
              "network_id": "udp6",
              "universal_address": "::.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 4,
              "network_id": "tcp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 3,
              "network_id": "tcp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 2,
              "network_id": "tcp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 4,
              "network_id": "udp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 3,
              "network_id": "udp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 2,
              "network_id": "udp",
              "universal_address": "0.0.0.0.0.111",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 4,
              "network_id": "local",
              "universal_address": "/var/run/rpcbind.sock",
              "owner": "superuser"
            },
            {
              "shorthand": "pmapprog portmap rpcbind",
              "desc": "portmapper",
              "version": 3,
              "network_id": "local",
              "universal_address": "/var/run/rpcbind.sock",
              "owner": "superuser"
            }
          ]
        }
      },
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 111,
      "service_name": "PORTMAP",
      "source_ip": "167.94.145.111",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "@RSYNCD: 31.0\n",
      "banner_hashes": [
        "sha256:dbc456a2cc47132c0c860fefa9f3bb45165082f8500af363eac534f75c35cfc6"
      ],
      "banner_hex": "405253594e43443a2033312e300a",
      "discovery_method": "PREDICTIVE_METHOD_18",
      "extended_service_name": "RSYNC",
      "labels": [
        "file-sharing"
      ],
      "observed_at": "2024-10-05T12:30:45.243111069Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 873,
      "service_name": "RSYNC",
      "source_ip": "206.168.34.41",
      "transport_fingerprint": {
        "raw": "24560,64,true,MSTNW,1240,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "\ufffd\u0002\u0000\fhi\u0000\u0000\u0000\u0000\u0000\u0001\ufffd\u0002\u00006hi\u0000\u0000\u0000\u0000\u0000\u0001\ufffd\b\u0000\u0000\u0000\u0000\u0000\u0004\ufffd\b\u0000\u0000\u0000\t\u0010l\ufffd\u001a\u0000\u0000\u0000\u0001\u0000\u0002\u0000\u0006No Authorization",
      "banner_hashes": [
        "sha256:a3eaf9de3f17eb2005c57e9b46b2f93debcde9254682fa5caf6971a1fddc43a7"
      ],
      "banner_hex": "c802000c6869000000000001c802003668690000000000018008000000000004800800000009106c801a00000001000200064e6f20417574686f72697a6174696f6e",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "L2TP",
      "observed_at": "2024-10-05T00:16:34.205318938Z",
      "parsed": {
        "l2tp": {
          "zlb_received": true,
          "sccrq_received": false,
          "sccrp_received": false,
          "sccn_received": false,
          "stop_sccn_received": true,
          "hello_received": false,
          "stop_sccn": {
            "attribute_values": {
              "result_code": 2,
              "result_meaning": "General Error",
              "error_code": 6,
              "error_meaning": "A generic vendor-specific error occurred in the LAC",
              "error_message": "No Authorization"
            }
          },
          "ordered_messages_raw": [
            "yAIADGhpAAAAAAAB",
            "yAIANmhpAAAAAAABgAgAAAAAAASACAAAAAkQbIAaAAAAAQACAAZObyBBdXRob3JpemF0aW9u"
          ]
        }
      },
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 1701,
      "service_name": "L2TP",
      "source_ip": "206.168.34.221",
      "transport_protocol": "UDP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nServer: squid/3.5.20\r\nMime-Version: 1.0\r\nDate:  <REDACTED>\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 3523\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nVary: Accept-Language\r\nContent-Language: en\r\nX-Cache: MISS from ecm-401b-0029\r\nX-Cache-Lookup: NONE from ecm-401b-0029:9999\r\nVia: 1.1 ecm-401b-0029 (squid/3.5.20)\r\nConnection: close\r\n",
      "banner_hashes": [
        "sha256:4e9cf2a0e85a525e9b1d97b67c8b4fb9757cbed134c3ad01b0cc92603d26bda2"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a2073717569642f332e352e32300d0a4d696d652d56657273696f6e3a20312e300d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d7574662d380d0a436f6e74656e742d4c656e6774683a20333532330d0a582d53717569642d4572726f723a204552525f494e56414c49445f55524c20300d0a566172793a204163636570742d4c616e67756167650d0a436f6e74656e742d4c616e67756167653a20656e0d0a582d43616368653a204d4953532066726f6d2065636d2d343031622d303032390d0a582d43616368652d4c6f6f6b75703a204e4f4e452066726f6d2065636d2d343031622d303032393a393939390d0a5669613a20312e312065636d2d343031622d30303239202873717569642f332e352e3230290d0a436f6e6e656374696f6e3a20636c6f73650d0a",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://114.220.0.29:9999/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 400,
          "status_reason": "Bad Request",
          "headers": {
            "Vary": [
              "Accept-Language"
            ],
            "_encoding": {
              "Vary": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Content_Language": "DISPLAY_UTF8",
              "X_Cache_Lookup": "DISPLAY_UTF8",
              "Via": "DISPLAY_UTF8",
              "Mime_Version": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "X_Squid_Error": "DISPLAY_UTF8",
              "X_Cache": "DISPLAY_UTF8"
            },
            "Server": [
              "squid/3.5.20"
            ],
            "Content_Length": [
              "3523"
            ],
            "Content_Language": [
              "en"
            ],
            "X_Cache_Lookup": [
              "NONE from ecm-401b-0029:9999"
            ],
            "Via": [
              "1.1 ecm-401b-0029 (squid/3.5.20)"
            ],
            "Mime_Version": [
              "1.0"
            ],
            "Content_Type": [
              "text/html;charset=utf-8"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Connection": [
              "close"
            ],
            "X_Squid_Error": [
              "ERR_INVALID_URL 0"
            ],
            "X_Cache": [
              "MISS from ecm-401b-0029"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>ERROR: The requested URL could not be retrieved</title>",
            "<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">",
            "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">"
          ],
          "body_size": 3523,
          "body": "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html><head>\n<meta type=\"copyright\" content=\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<title>ERROR: The requested URL could not be retrieved</title>\n<style type=\"text/css\"><!-- \n /*\n * Copyright (C) 1996-2016 The Squid Software Foundation and contributors\n *\n * Squid software is distributed under GPLv2+ license and includes\n * contributions from numerous individuals and organizations.\n * Please see the COPYING and CONTRIBUTORS files for details.\n */\n\n/*\n Stylesheet for Squid Error pages\n Adapted from design by Free CSS Templates\n http://www.freecsstemplates.org\n Released for free under a Creative Commons Attribution 2.5 License\n*/\n\n/* Page basics */\n* {\n\tfont-family: verdana, sans-serif;\n}\n\nhtml body {\n\tmargin: 0;\n\tpadding: 0;\n\tbackground: #efefef;\n\tfont-size: 12px;\n\tcolor: #1e1e1e;\n}\n\n/* Page displayed title area */\n#titles {\n\tmargin-left: 15px;\n\tpadding: 10px;\n\tpadding-left: 100px;\n\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\n}\n\n/* initial title */\n#titles h1 {\n\tcolor: #000000;\n}\n#titles h2 {\n\tcolor: #000000;\n}\n\n/* special event: FTP success page titles */\n#titles ftpsuccess {\n\tbackground-color:#00ff00;\n\twidth:100%;\n}\n\n/* Page displayed body content area */\n#content {\n\tpadding: 10px;\n\tbackground: #ffffff;\n}\n\n/* General text */\np {\n}\n\n/* error brief description */\n#error p {\n}\n\n/* some data which may have caused the problem */\n#data {\n}\n\n/* the error message received from the system or other software */\n#sysmsg {\n}\n\npre {\n    font-family:sans-serif;\n}\n\n/* special event: FTP / Gopher directory listing */\n#dirmsg {\n    font-family: courier;\n    color: black;\n    font-size: 10pt;\n}\n#dirlisting {\n    margin-left: 2%;\n    margin-right: 2%;\n}\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\n    border-bottom: groove;\n}\n#dirlisting td.size {\n    width: 50px;\n    text-align: right;\n    padding-right: 5px;\n}\n\n/* horizontal lines */\nhr {\n\tmargin: 0;\n}\n\n/* page displayed footer area */\n#footer {\n\tfont-size: 9px;\n\tpadding-left: 10px;\n}\n\n\nbody\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\n:lang(he) { direction: rtl; }\n --></style>\n</head><body id=ERR_INVALID_URL>\n<div id=\"titles\">\n<h1>ERROR</h1>\n<h2>The requested URL could not be retrieved</h2>\n</div>\n<hr>\n\n<div id=\"content\">\n<p>The following error was encountered while trying to retrieve the URL: <a href=\"/\">/</a></p>\n\n<blockquote id=\"error\">\n<p><b>Invalid URL</b></p>\n</blockquote>\n\n<p>Some aspect of the requested URL is incorrect.</p>\n\n<p>Some possible problems are:</p>\n<ul>\n<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>\n<li><p>Missing hostname</p></li>\n<li><p>Illegal double-escape in the URL-Path</p></li>\n<li><p>Illegal character in hostname; underscores are not allowed.</p></li>\n</ul>\n\n<p>Your cache administrator is <a href=\"mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20ecm-401b-0029%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Sat,%2005%20Oct%202024%2009%3A21%3A51%20GMT%0D%0A%0D%0AClientIP%3A%20167.94.146.55%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A\">root</a>.</p>\n<br>\n</div>\n\n<hr>\n<div id=\"footer\">\n<p>Generated Sat, 05 Oct 2024 09:21:51 GMT by ecm-401b-0029 (squid/3.5.20)</p>\n<!-- ERR_INVALID_URL -->\n</div>\n</body></html>\n",
          "body_hashes": [
            "sha256:65b489393c31afcb492a3bd4febd81189d332a11c9527e2ed2dbb81bab1a6cc8",
            "sha1:d2171773fa69d41b2153f034f3d4c87a82b4703c"
          ],
          "body_hash": "sha1:d2171773fa69d41b2153f034f3d4c87a82b4703c",
          "html_title": "ERROR: The requested URL could not be retrieved"
        },
        "supports_http2": false
      },
      "labels": [
        "proxy"
      ],
      "observed_at": "2024-10-05T09:21:50.361566132Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 9999,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:squid\\-cache:squid:3.5.20:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Squid Cache",
          "product": "Squid",
          "version": "3.5.20",
          "other": {
            "family": "Squid"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.55",
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Asia",
    "country": "China",
    "country_code": "CN",
    "city": "Shanghai",
    "postal_code": "200000",
    "timezone": "Asia/Shanghai",
    "province": "Shanghai",
    "coordinates": {
      "latitude": 31.22222,
      "longitude": 121.45806
    }
  },
  "location_updated_at": "2024-10-01T02:25:31.316373822Z",
  "autonomous_system": {
    "asn": 4134,
    "description": "CHINANET-BACKBONE No.31,Jin-rong Street",
    "bgp_prefix": "114.216.0.0/13",
    "name": "CHINANET-BACKBONE No.31,Jin-rong Street",
    "country_code": "CN"
  },
  "autonomous_system_updated_at": "2024-10-01T02:25:31.316944421Z",
  "whois": {
    "network": {
      "handle": "CHINANET-JS",
      "name": "Chinanet Jiangsu Province Network",
      "cidrs": [
        "114.216.0.0/13"
      ],
      "updated": "2021-06-15T00:00:00Z"
    }
  },
  "dns": {},
  "last_updated_at": "2024-10-05T14:59:30.466Z",
  "labels": [
    "file-sharing",
    "proxy",
    "remote-access"
  ]
}