139.162.252.4

As of: Feb 01, 2023 1:20am UTC | Latest
{
  "ip": "139.162.252.4",
  "services": [
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5",
      "banner_hashes": [
        "sha256:06fb0c01d3a2a962b56d99bbce69166fe6ceb99184ee4d7f3cbc62739a480bd4"
      ],
      "banner_hex": "5353482d322e302d4f70656e5353485f382e327031205562756e74752d347562756e7475302e35",
      "extended_service_name": "SSH",
      "observed_at": "2023-01-31T17:52:26.237284903Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 22,
      "service_name": "SSH",
      "software": [
        {
          "product": "openssh",
          "other": {
            "comment": "Ubuntu-4ubuntu0.5"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Ubuntu",
          "product": "Linux",
          "version": "20.04",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:8.2:p1:*:*:*:*:*:*",
          "part": "a",
          "vendor": "OpenBSD",
          "product": "OpenSSH",
          "version": "8.2",
          "update": "p1",
          "other": {
            "family": "OpenSSH"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.118",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5",
          "protocol_version": "2.0",
          "software_version": "OpenSSH_8.2p1",
          "comment": "Ubuntu-4ubuntu0.5"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "curve25519-sha256",
            "[email protected]",
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group16-sha512",
            "diffie-hellman-group18-sha512",
            "diffie-hellman-group14-sha256"
          ],
          "host_key_algorithms": [
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ssh-rsa",
            "ecdsa-sha2-nistp256",
            "ssh-ed25519"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "server_to_client_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none",
            "[email protected]"
          ],
          "server_to_client_compression": [
            "none",
            "[email protected]"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "[email protected]",
          "host_key_algorithm": "ecdsa-sha2-nistp256",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "0213adae2e5479b8b74c6679388ad5c40b586e5b1409cfd35f1131e48941e509",
          "ecdsa_public_key": {
            "_encoding": {
              "b": "DISPLAY_BASE64",
              "gx": "DISPLAY_BASE64",
              "gy": "DISPLAY_BASE64",
              "n": "DISPLAY_BASE64",
              "p": "DISPLAY_BASE64",
              "x": "DISPLAY_BASE64",
              "y": "DISPLAY_BASE64"
            },
            "b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
            "curve": "P-256",
            "gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
            "gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
            "length": 256,
            "n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
            "p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
            "x": "/OkvbkGwMyJ5EaqEbO6FGnpGHMBSZKuxYoWI7u9/TFw=",
            "y": "DTKauOsts1xr+VYJIfFpl08LTCWR9hEEwP1zG2EsRKs="
          }
        },
        "hassh_fingerprint": "3ccd1778a76049721c71ad7d2bf62bbc"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 31 Jan 2023 10:22:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 248\r\nConnection: close\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
      "banner_grab": {
        "_encoding": {
          "banner": "DISPLAY_BASE64"
        },
        "banner": "SFRUUC8xLjEgNDAwIEJhZCBSZXF1ZXN0DQpTZXJ2ZXI6IG5naW54DQpEYXRlOiBUdWUsIDMxIEphbiAyMDIzIDEwOjIyOjQ2IEdNVA0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWwNCkNvbnRlbnQtTGVuZ3RoOiAyNDgNCkNvbm5lY3Rpb246IGNsb3NlDQpTdHJpY3QtVHJhbnNwb3J0LVNlY3VyaXR5OiBtYXgtYWdlPTMxNTM2MDAwOyBpbmNsdWRlU3ViRG9tYWlucw0KDQo8aHRtbD4NCjxoZWFkPjx0aXRsZT40MDAgVGhlIHBsYWluIEhUVFAgcmVxdWVzdCB3YXMgc2VudCB0byBIVFRQUyBwb3J0PC90aXRsZT48L2hlYWQ+DQo8Ym9keT4NCjxjZW50ZXI+PGgxPjQwMCBCYWQgUmVxdWVzdDwvaDE+PC9jZW50ZXI+DQo8Y2VudGVyPlRoZSBwbGFpbiBIVFRQIHJlcXVlc3Qgd2FzIHNlbnQgdG8gSFRUUFMgcG9ydDwvY2VudGVyPg0KPGhyPjxjZW50ZXI+bmdpbng8L2NlbnRlcj4NCjwvYm9keT4NCjwvaHRtbD4NCg==",
        "transport": "TCP"
      },
      "banner_hashes": [
        "sha256:3d0de60eda3cae4dd49910a35adc03afcfe22bc7808b106a8bf823a37a5b7e43"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a206e67696e780d0a446174653a205475652c203331204a616e20323032332031303a32323a343620474d540d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203234380d0a436f6e6e656374696f6e3a20636c6f73650d0a5374726963742d5472616e73706f72742d53656375726974793a206d61782d6167653d33313533363030303b20696e636c756465537562446f6d61696e730d0a0d0a3c68746d6c3e0d0a3c686561643e3c7469746c653e3430302054686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f7469746c653e3c2f686561643e0d0a3c626f64793e0d0a3c63656e7465723e3c68313e3430302042616420526571756573743c2f68313e3c2f63656e7465723e0d0a3c63656e7465723e54686520706c61696e20485454502072657175657374207761732073656e7420746f20485454505320706f72743c2f63656e7465723e0d0a3c68723e3c63656e7465723e6e67696e783c2f63656e7465723e0d0a3c2f626f64793e0d0a3c2f68746d6c3e0d0a",
      "certificate": "c3a87b57ce5e0be3d0e1a5cc98e27b954eb351ae0dacb298834dae8ba42c52eb",
      "extended_service_name": "UNKNOWN",
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "3fd3fd0003fd3fd00042d42d0000002059a3b916699461c5923779b77cf06b",
        "cipher_and_version_fingerprint": "3fd3fd0003fd3fd00042d42d000000",
        "tls_extensions_sha256": "2059a3b916699461c5923779b77cf06b",
        "observed_at": "2023-01-26T18:31:21.120518488Z"
      },
      "observed_at": "2023-01-31T10:22:43.092730482Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 443,
      "service_name": "UNKNOWN",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.94.138.46",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "c3a87b57ce5e0be3d0e1a5cc98e27b954eb351ae0dacb298834dae8ba42c52eb",
          "leaf_data": {
            "subject_dn": "C=US, O=SpinupWP",
            "issuer_dn": "C=US, O=SpinupWP",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "53a121e3e0ba1572d6d880686d4c1d6f453b44070c8ee3e9a8ceb7c32bd76bc2",
            "fingerprint": "c3a87b57ce5e0be3d0e1a5cc98e27b954eb351ae0dacb298834dae8ba42c52eb",
            "issuer": {
              "organization": [
                "SpinupWP"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "organization": [
                "SpinupWP"
              ],
              "country": [
                "US"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5ozxBOPllJshO/zxZNo4QDrF/UXWPIdrRE6YDVhcLkwxSvi6Tu9EYj/uKSsO7QKvANJeCFYGntze52OlKt6Te/TVBHZscP8LaNL4Fn1YqmRK7owR7vJrbC+o37xE0DyF+FWN6dH+h2yn07UMAzhTzOSihnlXxInazz2ZsW9Mpn+iyvOtal1ji1JLSGSw5LI5REpvTJ1ywmIlxldXM3YY/t2z7nLESg20WKfTbMDP98xzsb8ofoZgJGtVC5nwPJ+604nap3xPI27DlHjN4hPM/ytPhz/sdOtD+f1Y3gIfSy5pRy1JEp3UWVUerXJIWXd9ubBm44Ru3cTnBcYyPjoD+w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "45506497d6bc250c4b456c87e9444ac82846de0d2780bc54e5a5701b3f298d4c"
            },
            "signature": {
              "self_signed": true,
              "signature_algorithm": "SHA256-RSA"
            }
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "United Kingdom",
    "country_code": "GB",
    "city": "London",
    "postal_code": "EC2V",
    "timezone": "Europe/London",
    "province": "England",
    "coordinates": {
      "latitude": 51.5095,
      "longitude": -0.0955
    },
    "registered_country": "Netherlands",
    "registered_country_code": "NL"
  },
  "location_updated_at": "2023-01-29T05:16:45.358676Z",
  "autonomous_system": {
    "asn": 63949,
    "description": "AKAMAI-AP Akamai Technologies, Inc.",
    "bgp_prefix": "139.162.224.0/19",
    "name": "AKAMAI-AP Akamai Technologies, Inc.",
    "country_code": "SG"
  },
  "autonomous_system_updated_at": "2023-01-29T05:16:45.359936Z",
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:*:*:*:*",
    "part": "o",
    "vendor": "Ubuntu",
    "product": "Linux",
    "version": "20.04",
    "other": {
      "family": "Linux"
    }
  },
  "dns": {
    "names": [
      "citysightseeingoxford.com",
      "li1537-4.members.linode.com",
      "www.circassia.co.uk",
      "www.forktrucks.ltd.uk",
      "www.therealwood.co.uk",
      "forktrucks.ltd.uk.production.purplefrogapp.com",
      "organisationdiagnostic.healthprocurementafrica.org",
      "julestemp.purplefrogapp.com",
      "www.lithiumlifttrucks.com",
      "www.lithiumlifttrucks.co.uk",
      "www.realwood.co.uk",
      "hpaassessment.staging.purplefrogapp.com",
      "leander.staging.purplefrogapp.com",
      "hpaassessment.production.purplefrogapp.com",
      "hpaorgdiagnostic.production.purplefrogapp.com",
      "lithiumlifttrucks.com.production.purplefrogapp.com",
      "assessment.healthprocurementafrica.org",
      "www.citysightseeingoxford.com",
      "lithiumforktrucks.co.uk.production.purplefrogapp.com",
      "realwood.production.purplefrogapp.com",
      "hpaorgdiagnostic.staging.purplefrogapp.com",
      "citysightseeingoxford.production.purplefrogapp.com",
      "lithiumlifttrucks.co.uk.production.purplefrogapp.com",
      "www.rwfco.co.uk",
      "www.prosonix.co.uk",
      "www.gloucesterlifttrucks.co.uk",
      "lithiumforktrucks.multisite.production.purplefrogapp.com",
      "pharmacysundries.production.purplefrogapp.com",
      "jules.host.purplefrogapp.com",
      "gloucesterlifttrucks.production.purplefrogapp.com",
      "www.pharmacysundries.com",
      "www.scrumpie.co.uk",
      "circassia.production.purplefrogapp.com",
      "www.realwoodfurniture.co.uk",
      "www.rwfco.com",
      "lithiumforktrucks.com.production.purplefrogapp.com",
      "www.lithiumforktrucks.com"
    ],
    "records": {
      "circassia.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-30T13:49:46.434352230Z"
      },
      "hpaassessment.staging.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-07T13:59:30.404805618Z"
      },
      "forktrucks.ltd.uk.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-05T13:57:43.343802209Z"
      },
      "citysightseeingoxford.com": {
        "record_type": "A",
        "resolved_at": "2023-01-10T13:06:36.184534058Z"
      },
      "li1537-4.members.linode.com": {
        "record_type": "A",
        "resolved_at": "2023-01-25T13:42:43.047445687Z"
      },
      "www.circassia.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-02T16:54:53.553986124Z"
      },
      "pharmacysundries.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-10T13:41:24.868372671Z"
      },
      "www.rwfco.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-31T14:12:53.529032037Z"
      },
      "www.pharmacysundries.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-24T13:35:39.106420792Z"
      },
      "lithiumlifttrucks.com.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-07T13:59:30.225475437Z"
      },
      "www.rwfco.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-03T16:16:40.329836071Z"
      },
      "hpaorgdiagnostic.staging.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-04T13:47:57.804861334Z"
      },
      "www.lithiumlifttrucks.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-21T18:06:00.253709795Z"
      },
      "www.lithiumlifttrucks.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-25T13:43:10.462908869Z"
      },
      "hpaorgdiagnostic.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-04T13:47:57.009603356Z"
      },
      "hpaassessment.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-29T14:00:44.291834368Z"
      },
      "www.lithiumforktrucks.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-21T13:34:15.689333479Z"
      },
      "www.therealwood.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-21T18:08:47.052669292Z"
      },
      "julestemp.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-22T13:50:49.245439073Z"
      },
      "organisationdiagnostic.healthprocurementafrica.org": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-15T20:53:21.959974920Z"
      },
      "leander.staging.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-21T13:53:28.154868559Z"
      },
      "realwood.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-22T17:00:30.167229974Z"
      },
      "www.prosonix.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-25T17:29:03.512538117Z"
      },
      "citysightseeingoxford.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-14T13:49:58.720499357Z"
      },
      "www.scrumpie.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-26T04:53:46.809616579Z"
      },
      "www.gloucesterlifttrucks.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-29T18:15:13.862579059Z"
      },
      "gloucesterlifttrucks.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-29T14:00:44.264246591Z"
      },
      "lithiumlifttrucks.co.uk.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-18T13:51:28.664394736Z"
      },
      "jules.host.purplefrogapp.com": {
        "record_type": "A",
        "resolved_at": "2023-01-17T13:43:11.279038615Z"
      },
      "www.realwood.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-22T17:00:29.922307826Z"
      },
      "www.realwoodfurniture.co.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-21T19:51:55.564971840Z"
      },
      "lithiumforktrucks.com.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-17T13:43:11.361800540Z"
      },
      "www.citysightseeingoxford.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-05T21:33:59.984895628Z"
      },
      "lithiumforktrucks.co.uk.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-24T13:37:08.795003711Z"
      },
      "assessment.healthprocurementafrica.org": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-20T15:06:20.313991346Z"
      },
      "www.forktrucks.ltd.uk": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-18T05:37:43.011398913Z"
      },
      "lithiumforktrucks.multisite.production.purplefrogapp.com": {
        "record_type": "CNAME",
        "resolved_at": "2023-01-16T14:12:27.763370186Z"
      }
    },
    "reverse_dns": {
      "names": [
        "li1537-4.members.linode.com"
      ],
      "resolved_at": "2023-01-26T02:58:58.199746707Z"
    }
  },
  "last_updated_at": "2023-02-01T01:20:03.742Z"
}