176.214.76.39
As of: Mar 29, 2023 7:09pm UTC |
Latest
{
"ip": "176.214.76.39",
"services": [
{
"_decoded": "ftp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.218]\r\n",
"banner_hashes": [
"sha256:59f8e0f356b626e34d6f5d47a3f68161c0d511af2f97502e72781b14500ee9c8"
],
"banner_hex": "323230204e41534654504420547572626f2073746174696f6e20312e332e356120536572766572202850726f4654504429205b3139322e3136382e312e3231385d0d0a",
"extended_service_name": "FTP",
"ftp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"auth_tls_response": "DISPLAY_UTF8",
"auth_ssl_response": "DISPLAY_UTF8"
},
"banner": "220 NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.218]\r\n",
"auth_tls_response": "500 Command not understood.\r\n",
"auth_ssl_response": "500 Command not understood.\r\n",
"status_code": 220,
"status_meaning": "Service ready for new user.",
"implicit_tls": false
},
"labels": [
"file-sharing"
],
"observed_at": "2023-03-29T10:42:44.498968740Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 21,
"service_name": "FTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:proftpd:proftpd:1.3.5a:*:*:*:*:*:*:*",
"part": "a",
"vendor": "ProFTPD Project",
"product": "ProFTPD",
"version": "1.3.5a",
"other": {
"family": "ProFTPD"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"part": "h",
"vendor": "QNAP",
"other": {
"family": "Turbo Station",
"device": "NAS"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"other": {
"ip": "192.168.1.218"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.36",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 mail.stack-it.ru ESMTP Postfix\r\n",
"banner_hashes": [
"sha256:4b88f2f39a2441c311cac0170d1217c616d34cba82f6e2608847eb1807eb4d83"
],
"banner_hex": "323230206d61696c2e737461636b2d69742e72752045534d545020506f73746669780d0a",
"certificate": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"extended_service_name": "SMTP-STARTTLS",
"labels": [
"email"
],
"observed_at": "2023-03-29T19:07:32.738741690Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 25,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220 mail.stack-it.ru ESMTP Postfix\r\n",
"ehlo": "250-mail.stack-it.ru\r\n250-PIPELINING\r\n250-SIZE 524288000\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-AUTH=PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.190",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"chain_fps_sha_256": [
"7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99"
],
"leaf_data": {
"names": [
"*.stack-it.ru",
"stack-it.ru"
],
"subject_dn": "CN=*.stack-it.ru",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "a4c0876053a589ad9f9192c598188d5f4affa7d67be0f6eeb664497638a922c9",
"fingerprint": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"issuer": {
"common_name": [
"AlphaSSL CA - SHA256 - G4"
],
"organization": [
"GlobalSign nv-sa"
],
"country": [
"BE"
]
},
"subject": {
"common_name": [
"*.stack-it.ru"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "+gtFkdsplt5FN+JagKUr1bCzdiicMNoXTqvjaLsDL0lvYTcO6sSzQyopXyXaL6ECbEFPo9cvgcKR2pYsmimAariLVa6S0V1kUK/oZQvIMA1ZFTblGVB1OsZHeYAtYyDl9G0TpX2nK9oe1VloqAEjeLcCLZ794eIpLg52DFC/e/arjXTFJIgQkryPnk38OQFev86GBZEcoLkz9q8Uw4Ldk25k+zD6USxnD3LO3xl3tZOZsbhC3cmnP6Wye/rnwkTjCzuxbRoNWSxKrdk78THW6q/n6+7SYVCjUGCIKGxbAPSA6K0B+pPhgzCVdBhaJtEqrWlAKx2YLitNVZqnSvOLGMCvX0jSM37cYJIq2gZ2Y+e/xY0jypLcA/Fpkb7xDmSg89bXPdsi5aV2WB7ElcgTMpiqfCmWfM3Q/chk8c45jOY5ittTMQgiwYjP7xHx5P5Caa6w46oszEEfNoTr2xuTOuPUcekvmsZ/iSy81Bt/9b1nXGV1QQJOv4SRptSrhyOtfze4uTJzFUGRJJ9pd+miRW2n+XoSOKPMbUN1tKmy/KbNuHzqtwrx5Wo23wTqaQYen61ox+UydN+iO8EdJaenblKAw4Xz0NrssQsEJz3pi2d28PFrUZ5tIgFSsDAgFCWjQqoPRe4XY3Z+a40flWf46CKAh7bggBhcohEAT6KHwUk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "237b049b78d270ec56150beb3c5abae001dea8744fdef4bafd618e44aceb8f90"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"subject_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
},
{
"fingerprint": "ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99",
"subject_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "303951d4c50efb2e991652225a6f02b1"
},
"transport_fingerprint": {
"raw": "14480,64,false,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nDate: <REDACTED>\r\nServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5\r\nX-Powered-By: PHP/5.6.30\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n",
"banner_hashes": [
"sha256:c2755cb118866acec97a45ddc9a18db68f4316935c2ac379f913ff5657026b81"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368652f322e342e36202843656e744f5329204f70656e53534c2f312e302e31652d66697073205048502f352e362e3430206d6f645f777367692f332e3420507974686f6e2f322e372e350d0a582d506f77657265642d42793a205048502f352e362e33300d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d5554462d380d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://176.214.76.39/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Content_Type": [
"text/html; charset=UTF-8"
],
"_encoding": {
"Content_Type": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"X_Powered_By": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8"
},
"Server": [
"Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5"
],
"X_Powered_By": [
"PHP/5.6.30"
],
"Date": [
"<REDACTED>"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a</title>",
"<meta name=\"viewport\" content=\"width=device-width\">",
"<meta charset=\"UTF-8\">"
],
"body_size": 3262,
"body": "<html>\r\n<head>\r\n <link rel=\"shortcut icon\" href=\"indeximg/favicon.ico\" type=\"image/x-icon\">\r\n <meta name=\"viewport\" content=\"width=device-width\">\r\n <meta charset=\"UTF-8\">\r\n <title>\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a</title>\r\n\r\n <style type=\"text/css\">\r\n body {\r\n font-family: Tahoma;\r\n background: url(\"indeximg/background.jpg\") no-repeat;\r\n -moz-background-size: 100%;\r\n -webkit-background-size: 100%;\r\n -o-background-size: 100%;\r\n /* background-size: 100%; */\r\n }\r\n ul {\r\n width: 100%;\r\n font-size: 32px;\r\n color: #7d7d7d;\r\n text-align:center;\r\n margin-left: -40px;\r\n margin-top: 27px;\r\n }\r\n li {\r\n display:inline-block;\r\n *display:inline; /*IE7*/\r\n *zoom:1; /*IE7*/\r\n }\r\n p {\r\n font-size: 24px;\r\n color: #7d7d7d;\r\n text-align: center;\r\n }\r\n .button {\r\n background: #91C46C;\r\n border-top: 1px solid #ffffff;\r\n border-left: 1px solid #ffffff;\r\n padding: 8px 60px;\r\n cursor: pointer;\r\n }\r\n .button a {\r\n color: #F8FBF6;\r\n text-decoration: none;\r\n font-size: 19px;\r\n font-weight: 100;\r\n }\r\n .footer {\r\n margin-top: 50px;\r\n font-size: 12px;\r\n color: #7d7d7d;\r\n text-align: center;\r\n }\r\n </style>\r\n\r\n</head>\r\n<body>\r\n<ul>\r\n <li style=\"max-width: 400px; margin-bottom: 30px\">\r\n <img style=\"max-width:400px; width: 100%\" src=\"indeximg/whale.png\">\r\n </li>\r\n <li style=\"max-width: 600px\">\r\n \u0414\u041e\u0411\u0420\u041e \u041f\u041e\u0416\u0410\u041b\u041e\u0412\u0410\u0422\u042c \u0412 \"\u0421\u0422\u0415\u041a\" <br><br>\r\n 150999, \u0443\u043b. \u041c\u0430\u043b\u0430\u044f \u0425\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0430\u044f, 7\u0430 \u0420\u043e\u0441\u0441\u0438\u044f, \u042f\u0440\u043e\u0441\u043b\u0430\u0432\u043b\u044c <br> \u0442\u0435\u043b.: 8 (4852) 59-45-00 <br><br>\r\n\r\n <ul style=\"margin-top: 0\">\r\n <li class=\"button\" style=\"margin-bottom: 10px\"><a href=\"http://stack-it.ru/\" target=\"_blank\">\u0421\u0430\u0439\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438</a></li>\r\n <li class=\"button\"><a href=\"http://sd.stack-it.ru/\" target=\"_blank\">\u0412\u0445\u043e\u0434 \u0432 ServiceDesk</a></li>\r\n </ul>\r\n </li>\r\n <!--<tr>-->\r\n <!--<td height=\"300px\" valign=\"bottom\" colspan=\"2\">-->\r\n <!--<p>-->\r\n <!--\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435! \u0423\u0432\u0430\u0436\u0430\u0435\u043c\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b!<br>-->\r\n <!--\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u041f\u041e \u041b\u0438\u0447\u043d\u044b\u0439 \u043a\u0430\u0431\u0438\u043d\u0435\u0442 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0443 <b>ServiceDesk</b>,<br>-->\r\n <!--\u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u0443\u044e \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 <a href=\"http://sd.stack-it.ru/\" target=\"_blank\" style=\"color: #7d7d7d\">http://sd.stack-it.ru/</a><br><br>-->\r\n <!--\u0414\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043d\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043b\u043e\u0433\u0438\u043d \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u0443 \u043d\u0430\u0448\u0438\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432.-->\r\n <!--</p>-->\r\n <!--</td>-->\r\n <!--</tr>-->\r\n</ul>\r\n\r\n<div class=\"footer\">\r\n \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435, \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0435\u043d\u0438\u0435<br>\r\n \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f<br><br>\r\n © 1993\u20142023 \u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f «\u0421\u0442\u0435\u043a»\r\n</div>\r\n</body>\r\n</html>",
"favicons": [
{
"size": 4286,
"name": "http://176.214.76.39/indeximg/favicon.ico",
"md5_hash": "fbb575b4317d3ea24b0f419e52032275"
}
],
"body_hashes": [
"sha256:065b0af4a0803a5d7dc5a963def989c90774fd7f75a089c3f6b2404176aaf430",
"sha1:6bcfbf7053efcca190571f4d96461c8dec84672a"
],
"body_hash": "sha1:6bcfbf7053efcca190571f4d96461c8dec84672a",
"html_title": "\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a"
},
"supports_http2": false
},
"observed_at": "2023-03-29T13:12:07.698660949Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 80,
"service_name": "HTTP",
"software": [
{
"product": "apache",
"other": {
"info": "(CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:python:2.7.5:*:*:*:*:*:*:*",
"part": "a",
"product": "Python",
"version": "2.7.5",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:modwsgi:mod_wsgi:3.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "mod_wsgi",
"product": "mod_wsgi",
"version": "3.4",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:centos:centos:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "CentOS",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:openssl:1.0.1e\\-fips:*:*:*:*:*:*:*",
"part": "a",
"product": "OpenSSL",
"version": "1.0.1e-fips",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Apache",
"product": "HTTPD",
"version": "2.4.6",
"component_uniform_resource_identifiers": [
"cpe:2.3:a:*:openssl:1.0.1e\\-fips:*:*:*:*:*:*:*",
"cpe:2.3:a:*:php:5.6.40:*:*:*:*:*:*:*",
"cpe:2.3:a:modwsgi:mod_wsgi:3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:*:python:2.7.5:*:*:*:*:*:*:*"
],
"other": {
"family": "Apache"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:php:5.6.30:*:*:*:*:*:*:*",
"part": "a",
"product": "PHP",
"version": "5.6.30",
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "162.142.125.226",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 403 Forbidden\r\nDate: <REDACTED>\r\nServer: Apache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 222\r\nContent-Type: text/html; charset=iso-8859-1\r\n",
"banner_hashes": [
"sha256:e9628c9cbee5865265e019fd56baa5d18f33c3cdbf6ebd4ce60b6f98d0fd7e6e"
],
"banner_hex": "485454502f312e312034303320466f7262696464656e0d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368650d0a566172793a204163636570742d456e636f64696e670d0a436f6e74656e742d456e636f64696e673a20677a69700d0a436f6e74656e742d4c656e6774683a203232320d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d69736f2d383835392d310d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://176.214.76.39:83/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 403,
"status_reason": "Forbidden",
"headers": {
"Content_Type": [
"text/html; charset=iso-8859-1"
],
"_encoding": {
"Content_Type": "DISPLAY_UTF8",
"Vary": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8"
},
"Vary": [
"Accept-Encoding"
],
"Server": [
"Apache"
],
"Date": [
"<REDACTED>"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>403 Forbidden</title>"
],
"body_size": 265,
"body": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p>You don't have permission to access /\non this server.</p>\n<hr>\n<address>Apache Server at 176.214.76.39 Port 83</address>\n</body></html>\n",
"body_hashes": [
"sha256:2a5d8b496f13b629653bde0bdb03f6a4b7e1170890241bf187f6f5ff675d72f3",
"sha1:4b9c6cd9c775f33ea9e585705bc8072954460e30"
],
"body_hash": "sha1:4b9c6cd9c775f33ea9e585705bc8072954460e30",
"html_title": "403 Forbidden"
},
"supports_http2": false
},
"observed_at": "2023-03-29T12:58:29.738872882Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 83,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Apache",
"product": "HTTPD",
"other": {
"family": "Apache"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.126",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK example.com Cyrus POP3 v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready <[email protected]>\r\n",
"banner_hashes": [
"sha256:f4d97d542ee1a39c0af79c882a45dfebd9b1e46465dc1b88b0f47c161fb2885a"
],
"banner_hex": "2b4f4b206578616d706c652e636f6d20437972757320504f50332076322e342e31372d4665646f72612d52504d2d322e342e31372d372e656c3720736572766572207265616479203c393232383432383333343138353336303835392e31363830303836363635406578616d706c652e636f6d3e0d0a",
"extended_service_name": "POP3",
"labels": [
"email"
],
"observed_at": "2023-03-29T10:44:24.778334568Z",
"perspective_id": "PERSPECTIVE_TATA",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "+OK example.com Cyrus POP3 v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready <[email protected]>\r\n",
"start_tls": "-ERR Unsupported command!\r\n"
},
"port": 110,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:carnegie_mellon_university:cyrus_pop:2.4.17:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Carnegie Mellon University",
"product": "Cyrus POP",
"version": "2.4.17",
"other": {
"family": "Cyrus MTA"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"other": {
"domain": "example.com"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.49",
"transport_fingerprint": {
"raw": "32768,255,false,MSNN,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=PLAIN SASL-IR] example.com Cyrus IMAP v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready\r\n",
"banner_hashes": [
"sha256:1946500503efad20d42056dd3fb98fc0b7455428bb3bc7562d15482e95f2d202"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631204c49544552414c2b20494420454e41424c45205354415254544c5320415554483d504c41494e205341534c2d49525d206578616d706c652e636f6d20437972757320494d41502076322e342e31372d4665646f72612d52504d2d322e342e31372d372e656c37207365727665722072656164790d0a",
"certificate": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=PLAIN SASL-IR] example.com Cyrus IMAP v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready\r\n",
"start_tls": "a001 OK Begin TLS negotiation now\r\n"
},
"labels": [
"email"
],
"observed_at": "2023-03-29T12:39:43.336165934Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 143,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.17\\-fedora\\-rpm\\-2.4.17\\-7.el7:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Carnegie Mellon University",
"product": "Cyrus IMAP",
"version": "2.4.17-Fedora-RPM-2.4.17-7.el7",
"other": {
"family": "Cyrus MTA"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.35",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"chain_fps_sha_256": [
"7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99"
],
"leaf_data": {
"names": [
"*.stack-it.ru",
"stack-it.ru"
],
"subject_dn": "CN=*.stack-it.ru",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "a4c0876053a589ad9f9192c598188d5f4affa7d67be0f6eeb664497638a922c9",
"fingerprint": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"issuer": {
"common_name": [
"AlphaSSL CA - SHA256 - G4"
],
"organization": [
"GlobalSign nv-sa"
],
"country": [
"BE"
]
},
"subject": {
"common_name": [
"*.stack-it.ru"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "+gtFkdsplt5FN+JagKUr1bCzdiicMNoXTqvjaLsDL0lvYTcO6sSzQyopXyXaL6ECbEFPo9cvgcKR2pYsmimAariLVa6S0V1kUK/oZQvIMA1ZFTblGVB1OsZHeYAtYyDl9G0TpX2nK9oe1VloqAEjeLcCLZ794eIpLg52DFC/e/arjXTFJIgQkryPnk38OQFev86GBZEcoLkz9q8Uw4Ldk25k+zD6USxnD3LO3xl3tZOZsbhC3cmnP6Wye/rnwkTjCzuxbRoNWSxKrdk78THW6q/n6+7SYVCjUGCIKGxbAPSA6K0B+pPhgzCVdBhaJtEqrWlAKx2YLitNVZqnSvOLGMCvX0jSM37cYJIq2gZ2Y+e/xY0jypLcA/Fpkb7xDmSg89bXPdsi5aV2WB7ElcgTMpiqfCmWfM3Q/chk8c45jOY5ittTMQgiwYjP7xHx5P5Caa6w46oszEEfNoTr2xuTOuPUcekvmsZ/iSy81Bt/9b1nXGV1QQJOv4SRptSrhyOtfze4uTJzFUGRJJ9pd+miRW2n+XoSOKPMbUN1tKmy/KbNuHzqtwrx5Wo23wTqaQYen61ox+UydN+iO8EdJaenblKAw4Xz0NrssQsEJz3pi2d28PFrUZ5tIgFSsDAgFCWjQqoPRe4XY3Z+a40flWf46CKAh7bggBhcohEAT6KHwUk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "237b049b78d270ec56150beb3c5abae001dea8744fdef4bafd618e44aceb8f90"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"subject_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
},
{
"fingerprint": "ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99",
"subject_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ccd5709d4a9027ec272e98b9924c36f7"
},
"transport_fingerprint": {
"raw": "14480,64,false,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nDate: <REDACTED>\r\nServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5\r\nX-Powered-By: PHP/5.6.40\r\nContent-Length: 3262\r\nContent-Type: text/html; charset=UTF-8\r\n",
"banner_hashes": [
"sha256:7d2d71a849514efb5395530df0d6b2b104177a6d94c187e50960f8148036cdc0"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368652f322e342e36202843656e744f5329204f70656e53534c2f312e302e31652d66697073205048502f352e362e3430206d6f645f777367692f332e3420507974686f6e2f322e372e350d0a582d506f77657265642d42793a205048502f352e362e34300d0a436f6e74656e742d4c656e6774683a20333236320d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d5554462d380d0a",
"certificate": "6d2b542c41230938be5f86019cd671c4a45da0b0c5165d468d7c9e9d44515810",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://176.214.76.39/",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Date": [
"<REDACTED>"
],
"_encoding": {
"Date": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"X_Powered_By": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8"
},
"Content_Length": [
"3262"
],
"Content_Type": [
"text/html; charset=UTF-8"
],
"X_Powered_By": [
"PHP/5.6.40"
],
"Server": [
"Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a</title>",
"<meta name=\"viewport\" content=\"width=device-width\">",
"<meta charset=\"UTF-8\">"
],
"body_size": 3262,
"body": "<html>\r\n<head>\r\n <link rel=\"shortcut icon\" href=\"indeximg/favicon.ico\" type=\"image/x-icon\">\r\n <meta name=\"viewport\" content=\"width=device-width\">\r\n <meta charset=\"UTF-8\">\r\n <title>\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a</title>\r\n\r\n <style type=\"text/css\">\r\n body {\r\n font-family: Tahoma;\r\n background: url(\"indeximg/background.jpg\") no-repeat;\r\n -moz-background-size: 100%;\r\n -webkit-background-size: 100%;\r\n -o-background-size: 100%;\r\n /* background-size: 100%; */\r\n }\r\n ul {\r\n width: 100%;\r\n font-size: 32px;\r\n color: #7d7d7d;\r\n text-align:center;\r\n margin-left: -40px;\r\n margin-top: 27px;\r\n }\r\n li {\r\n display:inline-block;\r\n *display:inline; /*IE7*/\r\n *zoom:1; /*IE7*/\r\n }\r\n p {\r\n font-size: 24px;\r\n color: #7d7d7d;\r\n text-align: center;\r\n }\r\n .button {\r\n background: #91C46C;\r\n border-top: 1px solid #ffffff;\r\n border-left: 1px solid #ffffff;\r\n padding: 8px 60px;\r\n cursor: pointer;\r\n }\r\n .button a {\r\n color: #F8FBF6;\r\n text-decoration: none;\r\n font-size: 19px;\r\n font-weight: 100;\r\n }\r\n .footer {\r\n margin-top: 50px;\r\n font-size: 12px;\r\n color: #7d7d7d;\r\n text-align: center;\r\n }\r\n </style>\r\n\r\n</head>\r\n<body>\r\n<ul>\r\n <li style=\"max-width: 400px; margin-bottom: 30px\">\r\n <img style=\"max-width:400px; width: 100%\" src=\"indeximg/whale.png\">\r\n </li>\r\n <li style=\"max-width: 600px\">\r\n \u0414\u041e\u0411\u0420\u041e \u041f\u041e\u0416\u0410\u041b\u041e\u0412\u0410\u0422\u042c \u0412 \"\u0421\u0422\u0415\u041a\" <br><br>\r\n 150999, \u0443\u043b. \u041c\u0430\u043b\u0430\u044f \u0425\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0430\u044f, 7\u0430 \u0420\u043e\u0441\u0441\u0438\u044f, \u042f\u0440\u043e\u0441\u043b\u0430\u0432\u043b\u044c <br> \u0442\u0435\u043b.: 8 (4852) 59-45-00 <br><br>\r\n\r\n <ul style=\"margin-top: 0\">\r\n <li class=\"button\" style=\"margin-bottom: 10px\"><a href=\"http://stack-it.ru/\" target=\"_blank\">\u0421\u0430\u0439\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438</a></li>\r\n <li class=\"button\"><a href=\"http://sd.stack-it.ru/\" target=\"_blank\">\u0412\u0445\u043e\u0434 \u0432 ServiceDesk</a></li>\r\n </ul>\r\n </li>\r\n <!--<tr>-->\r\n <!--<td height=\"300px\" valign=\"bottom\" colspan=\"2\">-->\r\n <!--<p>-->\r\n <!--\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435! \u0423\u0432\u0430\u0436\u0430\u0435\u043c\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b!<br>-->\r\n <!--\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u041f\u041e \u041b\u0438\u0447\u043d\u044b\u0439 \u043a\u0430\u0431\u0438\u043d\u0435\u0442 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0443 <b>ServiceDesk</b>,<br>-->\r\n <!--\u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u0443\u044e \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443 <a href=\"http://sd.stack-it.ru/\" target=\"_blank\" style=\"color: #7d7d7d\">http://sd.stack-it.ru/</a><br><br>-->\r\n <!--\u0414\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043d\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043b\u043e\u0433\u0438\u043d \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u0443 \u043d\u0430\u0448\u0438\u0445 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u0432.-->\r\n <!--</p>-->\r\n <!--</td>-->\r\n <!--</tr>-->\r\n</ul>\r\n\r\n<div class=\"footer\">\r\n \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435, \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0435\u043d\u0438\u0435<br>\r\n \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f<br><br>\r\n © 1993\u20142023 \u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f «\u0421\u0442\u0435\u043a»\r\n</div>\r\n</body>\r\n</html>",
"favicons": [
{
"size": 4286,
"name": "https://176.214.76.39/indeximg/favicon.ico",
"md5_hash": "fbb575b4317d3ea24b0f419e52032275"
}
],
"body_hashes": [
"sha256:065b0af4a0803a5d7dc5a963def989c90774fd7f75a089c3f6b2404176aaf430",
"sha1:6bcfbf7053efcca190571f4d96461c8dec84672a"
],
"body_hash": "sha1:6bcfbf7053efcca190571f4d96461c8dec84672a",
"html_title": "\u041e\u041e\u041e \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0421\u0422\u0415\u041a"
},
"supports_http2": false
},
"observed_at": "2023-03-28T15:56:33.684605595Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 443,
"service_name": "HTTP",
"software": [
{
"product": "apache",
"other": {
"info": "(CentOS) OpenSSL/1.0.1e-fips PHP/5.6.40 mod_wsgi/3.4 Python/2.7.5"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:python:2.7.5:*:*:*:*:*:*:*",
"part": "a",
"product": "Python",
"version": "2.7.5",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:modwsgi:mod_wsgi:3.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "mod_wsgi",
"product": "mod_wsgi",
"version": "3.4",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:centos:centos:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "CentOS",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:openssl:1.0.1e\\-fips:*:*:*:*:*:*:*",
"part": "a",
"product": "OpenSSL",
"version": "1.0.1e-fips",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Apache",
"product": "HTTPD",
"version": "2.4.6",
"component_uniform_resource_identifiers": [
"cpe:2.3:a:*:openssl:1.0.1e\\-fips:*:*:*:*:*:*:*",
"cpe:2.3:a:*:php:5.6.40:*:*:*:*:*:*:*",
"cpe:2.3:a:modwsgi:mod_wsgi:3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:*:python:2.7.5:*:*:*:*:*:*:*"
],
"other": {
"family": "Apache"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:*:php:5.6.40:*:*:*:*:*:*:*",
"part": "a",
"product": "PHP",
"version": "5.6.40",
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.35",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "6d2b542c41230938be5f86019cd671c4a45da0b0c5165d468d7c9e9d44515810",
"leaf_data": {
"names": [
"platimvmeste.ru",
"www.platimvmeste.ru"
],
"subject_dn": "OU=Domain Control Validated, OU=PositiveSSL, CN=platimvmeste.ru",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "ac9bc641dc4c2f34dae08f2510574c8b2dda8b9acfa53554e03035d651d1c010",
"fingerprint": "6d2b542c41230938be5f86019cd671c4a45da0b0c5165d468d7c9e9d44515810",
"issuer": {
"common_name": [
"COMODO RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"COMODO CA Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"platimvmeste.ru"
],
"organizational_unit": [
"Domain Control Validated",
"PositiveSSL"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "50XmS/1EeDjG497G0BNJ/PN4ne3+LOXBBdkytGFWa7Any965HaE076uhp95jjbgDXERn3kslJGpiahBW0AvApEprNkZDWuC2aAZ1kixypEkhM2NWwxPOKMibwXGfW6kBdSJe6/8VZSkS+Cn0MBci3Pjhh+O3NZyza8kWEsMNpTier5y3aQhWS9EcabBEtrJP+qqa+KpUNAqNdRCQyt2F9LwroyNll3L+txcFHvLA7Gbk3wTgGTo3yQg07Mo7NudlL2QofgpEkxhsKIEOEHAa5hQKq4AP6GWYN1mkTCt/Kfk7jUNXWDEpG9kg87ldAnzj8AQ9Ohy2pvO53pN6z6Gdow==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "cb1c6c4f5868842652ef77f4e1f4e824be904aef3237bf18b7efe219373be9c2"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
}
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"session_ticket": {
"length": 192,
"lifetime_hint": 300
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ccc514751b175866924439bdbb5bba34"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN SASL-IR] example.com Cyrus IMAP v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready\r\n",
"banner_hashes": [
"sha256:1e84dbe3d57cc3346aa06d6a58399264a253b177ca05f8361de2813f5968172d"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631204c49544552414c2b20494420454e41424c4520415554483d504c41494e205341534c2d49525d206578616d706c652e636f6d20437972757320494d41502076322e342e31372d4665646f72612d52504d2d322e342e31372d372e656c37207365727665722072656164790d0a",
"certificate": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN SASL-IR] example.com Cyrus IMAP v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready\r\n"
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "05d02d12d04d04d05c05d02d05d04da441f40918707087561e2af18cf76f0e",
"cipher_and_version_fingerprint": "05d02d12d04d04d05c05d02d05d04d",
"tls_extensions_sha256": "a441f40918707087561e2af18cf76f0e",
"observed_at": "2023-03-14T14:25:12.832544335Z"
},
"labels": [
"email"
],
"observed_at": "2023-03-29T00:39:19.381748643Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 993,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:cmu:cyrus_imap_server:2.4.17\\-fedora\\-rpm\\-2.4.17\\-7.el7:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Carnegie Mellon University",
"product": "Cyrus IMAP",
"version": "2.4.17-Fedora-RPM-2.4.17-7.el7",
"other": {
"family": "Cyrus MTA"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.34",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"chain_fps_sha_256": [
"7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99"
],
"leaf_data": {
"names": [
"*.stack-it.ru",
"stack-it.ru"
],
"subject_dn": "CN=*.stack-it.ru",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "a4c0876053a589ad9f9192c598188d5f4affa7d67be0f6eeb664497638a922c9",
"fingerprint": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"issuer": {
"common_name": [
"AlphaSSL CA - SHA256 - G4"
],
"organization": [
"GlobalSign nv-sa"
],
"country": [
"BE"
]
},
"subject": {
"common_name": [
"*.stack-it.ru"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "+gtFkdsplt5FN+JagKUr1bCzdiicMNoXTqvjaLsDL0lvYTcO6sSzQyopXyXaL6ECbEFPo9cvgcKR2pYsmimAariLVa6S0V1kUK/oZQvIMA1ZFTblGVB1OsZHeYAtYyDl9G0TpX2nK9oe1VloqAEjeLcCLZ794eIpLg52DFC/e/arjXTFJIgQkryPnk38OQFev86GBZEcoLkz9q8Uw4Ldk25k+zD6USxnD3LO3xl3tZOZsbhC3cmnP6Wye/rnwkTjCzuxbRoNWSxKrdk78THW6q/n6+7SYVCjUGCIKGxbAPSA6K0B+pPhgzCVdBhaJtEqrWlAKx2YLitNVZqnSvOLGMCvX0jSM37cYJIq2gZ2Y+e/xY0jypLcA/Fpkb7xDmSg89bXPdsi5aV2WB7ElcgTMpiqfCmWfM3Q/chk8c45jOY5ittTMQgiwYjP7xHx5P5Caa6w46oszEEfNoTr2xuTOuPUcekvmsZ/iSy81Bt/9b1nXGV1QQJOv4SRptSrhyOtfze4uTJzFUGRJJ9pd+miRW2n+XoSOKPMbUN1tKmy/KbNuHzqtwrx5Wo23wTqaQYen61ox+UydN+iO8EdJaenblKAw4Xz0NrssQsEJz3pi2d28PFrUZ5tIgFSsDAgFCWjQqoPRe4XY3Z+a40flWf46CKAh7bggBhcohEAT6KHwUk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "237b049b78d270ec56150beb3c5abae001dea8744fdef4bafd618e44aceb8f90"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"subject_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
},
{
"fingerprint": "ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99",
"subject_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ccd5709d4a9027ec272e98b9924c36f7"
},
"transport_fingerprint": {
"raw": "14480,64,false,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK example.com Cyrus POP3 v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready <[email protected]>\r\n",
"banner_hashes": [
"sha256:caf3364a090e03a74f2e8e5a3c5da7e1345d40890ea8e269b1151f9647cdb28a"
],
"banner_hex": "2b4f4b206578616d706c652e636f6d20437972757320504f50332076322e342e31372d4665646f72612d52504d2d322e342e31372d372e656c3720736572766572207265616479203c373038343533313331353434343037383734372e31363830313136393733406578616d706c652e636f6d3e0d0a",
"certificate": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"extended_service_name": "POP3S",
"labels": [
"email"
],
"observed_at": "2023-03-29T19:09:32.588042702Z",
"perspective_id": "PERSPECTIVE_NTT",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "+OK example.com Cyrus POP3 v2.4.17-Fedora-RPM-2.4.17-7.el7 server ready <[email protected]>\r\n"
},
"port": 995,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:carnegie_mellon_university:cyrus_pop:2.4.17:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Carnegie Mellon University",
"product": "Cyrus POP",
"version": "2.4.17",
"other": {
"family": "Cyrus MTA"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"other": {
"domain": "example.com"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.38",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"chain_fps_sha_256": [
"7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99"
],
"leaf_data": {
"names": [
"*.stack-it.ru",
"stack-it.ru"
],
"subject_dn": "CN=*.stack-it.ru",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "a4c0876053a589ad9f9192c598188d5f4affa7d67be0f6eeb664497638a922c9",
"fingerprint": "419681facd0c2ce64bcf9cf846fdbbcdee1e02fedff5b5fc1e2d73ecf07cdf71",
"issuer": {
"common_name": [
"AlphaSSL CA - SHA256 - G4"
],
"organization": [
"GlobalSign nv-sa"
],
"country": [
"BE"
]
},
"subject": {
"common_name": [
"*.stack-it.ru"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "+gtFkdsplt5FN+JagKUr1bCzdiicMNoXTqvjaLsDL0lvYTcO6sSzQyopXyXaL6ECbEFPo9cvgcKR2pYsmimAariLVa6S0V1kUK/oZQvIMA1ZFTblGVB1OsZHeYAtYyDl9G0TpX2nK9oe1VloqAEjeLcCLZ794eIpLg52DFC/e/arjXTFJIgQkryPnk38OQFev86GBZEcoLkz9q8Uw4Ldk25k+zD6USxnD3LO3xl3tZOZsbhC3cmnP6Wye/rnwkTjCzuxbRoNWSxKrdk78THW6q/n6+7SYVCjUGCIKGxbAPSA6K0B+pPhgzCVdBhaJtEqrWlAKx2YLitNVZqnSvOLGMCvX0jSM37cYJIq2gZ2Y+e/xY0jypLcA/Fpkb7xDmSg89bXPdsi5aV2WB7ElcgTMpiqfCmWfM3Q/chk8c45jOY5ittTMQgiwYjP7xHx5P5Caa6w46oszEEfNoTr2xuTOuPUcekvmsZ/iSy81Bt/9b1nXGV1QQJOv4SRptSrhyOtfze4uTJzFUGRJJ9pd+miRW2n+XoSOKPMbUN1tKmy/KbNuHzqtwrx5Wo23wTqaQYen61ox+UydN+iO8EdJaenblKAw4Xz0NrssQsEJz3pi2d28PFrUZ5tIgFSsDAgFCWjQqoPRe4XY3Z+a40flWf46CKAh7bggBhcohEAT6KHwUk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "237b049b78d270ec56150beb3c5abae001dea8744fdef4bafd618e44aceb8f90"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7c4e90207b2b7caec080426cc469908cb27b925ee3b1c999c22b8568812fda8c",
"subject_dn": "C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
},
{
"fingerprint": "ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99",
"subject_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA",
"issuer_dn": "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ccd5709d4a9027ec272e98b9924c36f7"
},
"transport_fingerprint": {
"raw": "14480,64,false,MSTNW,1440,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\\s\u0000\u000b\u0001\u0000\u000b\u0001\u0000\u0000\u0000\\f",
"banner_grab": {
"_encoding": {
"banner": "DISPLAY_BASE64"
},
"banner": "XHMACwEACwEAAABcZg==",
"transport": "TCP"
},
"banner_hashes": [
"sha256:ecfe4935aa7e8fc86cc5ee5496cabaa20b5af34d95d4931643c2fc0c74d35ace"
],
"banner_hex": "5c73000b01000b010000005c66",
"extended_service_name": "UNKNOWN",
"observed_at": "2023-03-28T19:22:16.320723189Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 15000,
"service_name": "UNKNOWN",
"source_ip": "167.94.138.36",
"transport_fingerprint": {
"raw": "1480,255,false,,0,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX"
},
"banner": "",
"banner_grab": {
"transport": "TCP"
},
"banner_hashes": [
"sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
],
"certificate": "97476614e71332c09b6350e1e046ee1e7a61ed2d6c9a924a8e93ae4c657dc1da",
"extended_service_name": "UNKNOWN",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "05d02d20d21d20d05c05d02d05d20d74fcf6501ae7a92319e575bfafd2a827",
"cipher_and_version_fingerprint": "05d02d20d21d20d05c05d02d05d20d",
"tls_extensions_sha256": "74fcf6501ae7a92319e575bfafd2a827",
"observed_at": "2023-03-25T16:15:19.050674215Z"
},
"observed_at": "2023-03-29T19:07:36.664679465Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 15151,
"service_name": "UNKNOWN",
"source_ip": "162.142.125.214",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "97476614e71332c09b6350e1e046ee1e7a61ed2d6c9a924a8e93ae4c657dc1da",
"leaf_data": {
"subject_dn": "C=ru, ST=Yaroslavl, O=stack, OU=stack, CN=Dispatcher",
"issuer_dn": "[email protected], C=ru, ST=Yaroslavl, L=Yaroslavl, O=stack, OU=stack, CN=stack, [email protected]",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "415f30978f6e3a1eb2b7d70fd75bf507f24f36af58b53ff36b520a9bcdbe89a3",
"fingerprint": "97476614e71332c09b6350e1e046ee1e7a61ed2d6c9a924a8e93ae4c657dc1da",
"issuer": {
"common_name": [
"stack"
],
"locality": [
"Yaroslavl"
],
"organization": [
"stack"
],
"organizational_unit": [
"stack"
],
"province": [
"Yaroslavl"
],
"country": [
"ru"
],
"email_address": [
"[email protected]"
]
},
"subject": {
"common_name": [
"Dispatcher"
],
"organization": [
"stack"
],
"organizational_unit": [
"stack"
],
"province": [
"Yaroslavl"
],
"country": [
"ru"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "6QereBHK92mKBKhTJMnBeFAMCecDXn8WiDJFEv7OSZ1XvIv/NIYMVn6zj5+RthArrE6w5xcPJ3lvH0IYMZKF4AFKBriy2EM9RcxGLZ10mHkl5lwBeOm/QnPiaPdLjsyjVwVsfh4Asvmoq/o23NLg04MdKlk3wg8rvltpleO6Q5fXbEHxc8HVHeGZ6pbPo8SyLldNulTfn7kbIVPuIjLe8zcp/YxRJzn3CPcGN8Fhvcwg8oPXR3oCxyLD1ievQLJe7WqBudw6MoNj2pDghRdbgnnLMDgvN/DrPOkCxaLp6kZqeLOVnudpfoZvU9TT775Q7KGLScKU5i58Zu+jcrY7XYWgFTMrGOtl2DxNbnMZR8OGLM51muSER/pTFF+rH2h7NmeIzf4FFBDIbHQ64XL/lj5OtTaGCjHL1VihsyhG5sYBeoU5zFQ20J+WF4v2UM+esgbEPcQ/ejDisFSaUT/FPmUKrg9UFbVjlZN3+L+PTDwDoTiv+3DAnlDOBhCnTtDpZoduFL026nlll4ALpZA3UFUMio28BGrRg3H+hZIzZRYMqU5KBBAhB8lRtPSR9ykpPZsAdRTXhk7ilBswYSzKzAUQCiyDSC56wuU2YUMr9rEqFv4AKqqTD50qi7pHJSwTi0R9oACfnulyn+06NdowVIceq3D8QHL4E93oMPa1cD0=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "bf599990d9622c133ecfa823a6f53b538b076e63d0ba9bddb81ed0e445c93d55"
},
"signature": {
"signature_algorithm": "SHA1-RSA",
"self_signed": false
}
}
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "303951d4c50efb2e991652225a6f02b1"
},
"transport_fingerprint": {
"raw": "1480,255,false,,0,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 401 Authorization Required\r\nDate: <REDACTED>\r\nServer: Apache\r\nX-Frame-Options: SAMEORIGIN\r\nWWW-Authenticate: Basic realm=\"VisualSVN Server\"\r\nContent-Length: 401\r\nContent-Type: text/html; charset=iso-8859-1\r\n",
"banner_hashes": [
"sha256:560ac5df69f9d5bf0e905ef1b5f8b3a2f70dbc3619c6b7e8086adc449e28dcc4"
],
"banner_hex": "485454502f312e312034303120417574686f72697a6174696f6e2052657175697265640d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368650d0a582d4672616d652d4f7074696f6e733a2053414d454f524947494e0d0a5757572d41757468656e7469636174653a204261736963207265616c6d3d2256697375616c53564e20536572766572220d0a436f6e74656e742d4c656e6774683a203430310d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d69736f2d383835392d310d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://176.214.76.39:54321/",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 401,
"status_reason": "Authorization Required",
"headers": {
"Date": [
"<REDACTED>"
],
"_encoding": {
"Date": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Www_Authenticate": "DISPLAY_UTF8",
"X_Frame_Options": "DISPLAY_UTF8"
},
"Content_Length": [
"401"
],
"Content_Type": [
"text/html; charset=iso-8859-1"
],
"Server": [
"Apache"
],
"Www_Authenticate": [
"Basic realm=\"VisualSVN Server\""
],
"X_Frame_Options": [
"SAMEORIGIN"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>401 Authorization Required</title>"
],
"body_size": 401,
"body": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>401 Authorization Required</title>\n</head><body>\n<h1>Authorization Required</h1>\n<p>This server could not verify that you\nare authorized to access the document\nrequested. Either you supplied the wrong\ncredentials (e.g., bad password), or your\nbrowser doesn't understand how to supply\nthe credentials required.</p>\n</body></html>\n",
"body_hashes": [
"sha256:a0f4bdb216ccd677e0e7260a3fad50a7dc056db1fee3837fab920237306e802c",
"sha1:e8aa02e6125d266ba60000f7735767347e76bafb"
],
"body_hash": "sha1:e8aa02e6125d266ba60000f7735767347e76bafb",
"html_title": "401 Authorization Required"
},
"supports_http2": false
},
"observed_at": "2023-03-28T19:40:22.456261212Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 54321,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Apache",
"product": "HTTPD",
"other": {
"family": "Apache"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "162.142.125.225",
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Europe",
"country": "Russia",
"country_code": "RU",
"city": "Yaroslavl",
"postal_code": "150522",
"timezone": "Europe/Moscow",
"province": "Yaroslavl Oblast",
"coordinates": {
"latitude": 57.4977,
"longitude": 39.7458
},
"registered_country": "Russia",
"registered_country_code": "RU"
},
"location_updated_at": "2023-03-17T15:53:18.135436Z",
"autonomous_system": {
"asn": 51819,
"description": "YAR-AS",
"bgp_prefix": "176.214.64.0/19",
"name": "YAR-AS",
"country_code": "RU"
},
"autonomous_system_updated_at": "2023-03-25T04:47:31.704826Z",
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:centos:centos:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "CentOS",
"product": "Linux",
"other": {
"family": "Linux"
}
},
"dns": {
"names": [
"sd.stack-it.ru",
"lkul.stack-it.ru",
"lk-exchange.stack-it.ru",
"lkul-api.stack-it.ru",
"mail.stack-it.ru",
"www.sd.stack-it.ru"
],
"records": {
"sd.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-02T19:28:40.227167153Z"
},
"lkul-api.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-19T02:55:14.262810044Z"
},
"lkul.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-28T05:00:40.408616084Z"
},
"www.sd.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-28T22:01:53.068775344Z"
},
"lk-exchange.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-24T21:04:42.401728067Z"
},
"mail.stack-it.ru": {
"record_type": "A",
"resolved_at": "2023-03-14T03:45:56.328401842Z"
}
},
"reverse_dns": {
"names": [
"mail.stack-it.ru"
],
"resolved_at": "2023-03-27T11:32:42.522212242Z"
}
},
"last_updated_at": "2023-03-29T19:09:33.498Z",
"labels": [
"email",
"file-sharing"
]
}