212.85.125.218

As of: Oct 06, 2024 10:45am UTC | Latest
{
  "ip": "212.85.125.218",
  "services": [
    {
      "_decoded": "ftp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220-Idea FTP Server 6.2.0 (localhost) [212.85.125.218]\r\n220 Ready\r\n",
      "banner_hashes": [
        "sha256:7eb822b8f1050a4b127ff33751a80495dd68bb929197aac25f5834a14c0af256"
      ],
      "banner_hex": "3232302d49646561204654502053657276657220362e322e3020286c6f63616c686f737429205b3231322e38352e3132352e3231385d0d0a3232302052656164790d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "FTPes",
      "ftp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "auth_tls_response": "DISPLAY_UTF8"
        },
        "banner": "220-Idea FTP Server 6.2.0 (localhost) [212.85.125.218]\r\n220 Ready\r\n",
        "auth_tls_response": "234 AUTH command successful.\r\n",
        "status_code": 220,
        "status_meaning": "Service ready for new user.",
        "implicit_tls": false
      },
      "labels": [
        "file-sharing"
      ],
      "observed_at": "2024-10-05T10:36:05.385312513Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 21,
      "service_name": "FTP",
      "source_ip": "167.94.138.57",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036",
        "ja4s": "t130200_1302_a56c5b993250"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
      "banner_hashes": [
        "sha256:fe29c77ac844338053814d6071f6d0489eeb4c372a0e0488a0eeeb5f74e61015"
      ],
      "banner_hex": "323230206d6973696f6e74656b2e706c2045534d5450204d61696c73797374656d780d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "extended_service_name": "SMTP-STARTTLS",
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-06T06:26:01.678480682Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 25,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
        "ehlo": "250-misiontek.pl\r\n250-PIPELINING\r\n250-SIZE 157286400\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "source_ip": "167.94.146.63",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 200 OK\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: IdeaWebServer/6.2.0\r\nContent-Encoding: gzip\r\n",
      "banner_hashes": [
        "sha256:9540f9bcc26389b929373116511950894a918b58ddee691928d060f328f7eaa8"
      ],
      "banner_hex": "485454502f312e3120323030204f4b0d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a5365727665723a20496465615765625365727665722f362e322e300d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://212.85.125.218/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "status_reason": "OK",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Encoding": "DISPLAY_UTF8",
              "Transfer_Encoding": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Server": [
              "IdeaWebServer/6.2.0"
            ],
            "Content_Encoding": [
              "gzip"
            ],
            "Transfer_Encoding": [
              "chunked"
            ],
            "Content_Type": [
              "text/html"
            ],
            "Connection": [
              "keep-alive"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>home.pl: Nr 1 w Polsce. Domeny, Hosting, Serwery WWW, Strony, eSklep, Office 365</title>",
            "<meta name=\"keywords\" content=\"domena, domeny, serwer www, serwery www, konto email, poczta, sklep internetowy, certyfikat ssl\" />",
            "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">",
            "<meta http-equiv=\"Refresh\" content=\"12; url=https://home.pl/?utm_source=parking&utm_medium=auto&utm_campaign=brak_akcji\">"
          ],
          "body_size": 2204,
          "body": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n<html><head>\n\n\n<title>home.pl: Nr 1 w Polsce. Domeny, Hosting, Serwery WWW, Strony, eSklep, Office 365</title>\n<meta name=\"keywords\" content=\"domena, domeny, serwer www, serwery www, konto email, poczta, sklep internetowy, certyfikat ssl\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n<script type='text/javascript' src='http://homeads.home.pl/ads/www/delivery/spcjs.php?id=2'></script>\n<meta http-equiv=\"Refresh\" content=\"12; url=https://home.pl/?utm_source=parking&utm_medium=auto&utm_campaign=brak_akcji\">\n<style type=\"text/css\">\n    <!--\n    P,TD,TH { font-size: 9pt; font-family: Verdana, Tahoma, Arial, sans-serif; }\n    SMALL { font-size: 7.5pt; font-family: Verdana, Tahoma, Arial, sans-serif; }\n\t\tA             { text-decoration: none; }\n\t\tA:hover       { color: #CC3300; text-decoration: underline; }\n\t\tA.leftmenu    { color: #000000; }\n    -->\n</style>\n</head><body bgcolor=\"#ffffff\" link=\"#003399\" text=\"#333333\" vlink=\"#003399\">\n<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" height=\"100%\" width=\"100%\">\n<tbody><tr><td align=\"center\"><p style=\"width: 750px; text-align: left; margin: 0 0 6px 0; color:#999;\"><small>REKLAMA</small></p>\n<script type='text/javascript'><!--// <![CDATA[\n    OA_show(2);\n// ]]> --></script>\n<noscript>\n<a target='_blank' href='http://homeads.home.pl/ads/www/delivery/ck.php?n=f90e22f'><img border='0' alt='' src='http://homeads.home.pl/ads/www/delivery/avw.php?zoneid=2&n=f90e22f' /></a>\n</noscript>\n<p style=\"margin-top: 40px;\">Obs\u0142ug\u0119 techniczn\u0105 <a href=\"https://home.pl/?utm_source=parking_logo\" class=\"leftmenu\">domeny</a> <b>212.85.125.218</b> zapewnia <a href=\"https://home.pl/?utm_source=parking_logo\" class=\"leftmenu\"><b>hom<span style=\"color: rgb(204, 51, 0);\">e</span>.pl</b></a> - najwi\u0119kszy w Polsce dostawca us\u0142ug internetowych. <br></p>\n<p><font size=\"1\">Copyright &#169; 1997-2024 <a href=\"http://home.pl/\" class=\"leftmenu\"><b>hom<span style=\"color: rgb(204, 51, 0);\">e</span>.pl</b></a>. All Rights Reserved.<br>\nKontakt: <a href=\"https://home.pl/kontakt\">https://home.pl/kontakt</a>, 504 502 500</font>\n</p></td></tr>\n</tbody></table>\n</body></html>\n",
          "body_hashes": [
            "sha256:5cd96014c2d93fb4c9c0fda4d35467b2519fe235404f285418dd433fb0cbbb25",
            "sha1:247c819b6e22fd7f5cf282ec5c04f3fb00d89f0f"
          ],
          "body_hash": "sha1:247c819b6e22fd7f5cf282ec5c04f3fb00d89f0f",
          "html_title": "home.pl: Nr 1 w Polsce. Domeny, Hosting, Serwery WWW, Strony, eSklep, Office 365"
        },
        "supports_http2": false
      },
      "observed_at": "2024-10-06T05:22:38.775043424Z",
      "perspective_id": "PERSPECTIVE_PCCW",
      "port": 80,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:home.pl:idea_web_server:6.2.0:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "home.pl",
          "product": "Idea Web Server",
          "version": "6.2.0",
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "199.45.154.141",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "pop3",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "+OK Dovecot ready.\r\n",
      "banner_hashes": [
        "sha256:095c6dbf7d6290d9c885271a78f82e11a7df7c9a8733d4e13236b47608e527c4"
      ],
      "banner_hex": "2b4f4b20446f7665636f742072656164792e0d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "POP3S",
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-05T17:58:46.648404582Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "pop3": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "+OK Dovecot ready.\r\n",
        "start_tls": "+OK Begin TLS negotiation now.\r\n"
      },
      "port": 110,
      "service_name": "POP3",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.53",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250"
      },
      "transport_fingerprint": {
        "raw": "31856,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "imap",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n",
      "banner_hashes": [
        "sha256:6bbb57521067d37a1d9f59c01b41df949b35ccc44edbf97bbbe2d0cdcb0e81a4"
      ],
      "banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b205354415254544c5320415554483d504c41494e20415554483d4c4f47494e5d20446f7665636f742072656164792e0d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "IMAPS",
      "imap": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n",
        "start_tls": "a001 OK Begin TLS negotiation now.\r\n"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-05T06:36:37.869539927Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 143,
      "service_name": "IMAP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.57",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "475c9302dc42b2751db9edcac3b74891",
            "ja4s": "t130200_1303_a56c5b993250"
          }
        ]
      },
      "transport_fingerprint": {
        "raw": "31856,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 226\r\nConnection: close\r\n",
      "banner_hashes": [
        "sha256:2fd6b95be8bae01207ccbeabe5ac2344607a36eefd2fcff14bb5ab02e4301356"
      ],
      "banner_hex": "485454502f312e31203430302042616420526571756573740d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203232360d0a436f6e6e656374696f6e3a20636c6f73650d0a",
      "discovery_method": "PREDICTIVE_METHOD_7",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://212.85.125.218:443/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 400,
          "status_reason": "Bad Request",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Server": [
              "nginx"
            ],
            "Content_Length": [
              "226"
            ],
            "Content_Type": [
              "text/html"
            ],
            "Connection": [
              "close"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>Oops! 400 The plain HTTP request was sent to HTTPS port</title>"
          ],
          "body_size": 226,
          "body": "<html>\r\n<head><title>Oops! 400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:43479af0320a9adab84005d76ef634d98db5b737204ce2c8ea60efcf8c2eb7ae",
            "sha1:dba44e21cff1de79cb32c598fceafd6d12d75467"
          ],
          "body_hash": "sha1:dba44e21cff1de79cb32c598fceafd6d12d75467",
          "html_title": "Oops! 400 The plain HTTP request was sent to HTTPS port"
        },
        "supports_http2": false
      },
      "observed_at": "2024-10-04T22:13:31.092316712Z",
      "perspective_id": "PERSPECTIVE_PCCW",
      "port": 443,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "199.45.154.124",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
      "banner_hashes": [
        "sha256:fe29c77ac844338053814d6071f6d0489eeb4c372a0e0488a0eeeb5f74e61015"
      ],
      "banner_hex": "323230206d6973696f6e74656b2e706c2045534d5450204d61696c73797374656d780d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "SMTPS",
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-06T00:21:08.472384131Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 465,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8"
        },
        "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
        "ehlo": "250-misiontek.pl\r\n250-PIPELINING\r\n250-SIZE 157286400\r\n250-ETRN\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n"
      },
      "source_ip": "167.94.138.47",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "475c9302dc42b2751db9edcac3b74891",
            "ja4s": "t130200_1303_a56c5b993250"
          },
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "d25619cb77d3219fc9fc14cb6b35eacc",
            "ja4s": "t120200_cca8_344b4dce5a52"
          }
        ]
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
      "banner_hashes": [
        "sha256:fe29c77ac844338053814d6071f6d0489eeb4c372a0e0488a0eeeb5f74e61015"
      ],
      "banner_hex": "323230206d6973696f6e74656b2e706c2045534d5450204d61696c73797374656d780d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "extended_service_name": "SMTP-STARTTLS",
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-06T03:20:49.833361591Z",
      "perspective_id": "PERSPECTIVE_PCCW",
      "port": 587,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 misiontek.pl ESMTP Mailsystemx\r\n",
        "ehlo": "250-misiontek.pl\r\n250-PIPELINING\r\n250-SIZE 157286400\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "source_ip": "199.45.154.153",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "ftp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220-Idea FTP Server 6.2.0 (localhost) [212.85.125.218]\r\n220 Ready\r\n",
      "banner_hashes": [
        "sha256:7eb822b8f1050a4b127ff33751a80495dd68bb929197aac25f5834a14c0af256"
      ],
      "banner_hex": "3232302d49646561204654502053657276657220362e322e3020286c6f63616c686f737429205b3231322e38352e3132352e3231385d0d0a3232302052656164790d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "FTPS",
      "ftp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "220-Idea FTP Server 6.2.0 (localhost) [212.85.125.218]\r\n220 Ready\r\n",
        "implicit_tls": true,
        "status_code": 220,
        "status_meaning": "Service ready for new user."
      },
      "labels": [
        "file-sharing"
      ],
      "observed_at": "2024-10-05T00:07:09.356099406Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 990,
      "service_name": "FTP",
      "source_ip": "206.168.34.193",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036",
        "ja4s": "t130200_1302_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "15af977ce25de452b96affa2addb1036",
            "ja4s": "t130200_1302_a56c5b993250"
          },
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "0debd3853f330c574b05e0b6d882dc27",
            "ja4s": "t120200_c030_344b4dce5a52"
          },
          {
            "tls_version": "TLSv1_1",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "ce815ab6e37127ab1cb9fe33d3ba250d",
            "ja4s": "t110200_c014_344b4dce5a52"
          }
        ]
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "imap",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n",
      "banner_hashes": [
        "sha256:9fa634d81d68ef4e1e3b5f551a9e29411262794be17b6dff29abacd32d69acd2"
      ],
      "banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b20415554483d504c41494e20415554483d4c4f47494e5d20446f7665636f742072656164792e0d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "PREDICTIVE_METHOD_15",
      "extended_service_name": "IMAPS",
      "imap": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n"
      },
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-05T00:08:35.638028779Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 993,
      "service_name": "IMAP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.54",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "475c9302dc42b2751db9edcac3b74891",
            "ja4s": "t130200_1303_a56c5b993250"
          },
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "d25619cb77d3219fc9fc14cb6b35eacc",
            "ja4s": "t120200_cca8_344b4dce5a52"
          }
        ]
      },
      "transport_fingerprint": {
        "raw": "31856,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "pop3",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "+OK Dovecot ready.\r\n",
      "banner_hashes": [
        "sha256:095c6dbf7d6290d9c885271a78f82e11a7df7c9a8733d4e13236b47608e527c4"
      ],
      "banner_hex": "2b4f4b20446f7665636f742072656164792e0d0a",
      "certificate": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "POP3S",
      "labels": [
        "email"
      ],
      "observed_at": "2024-10-06T03:49:31.757879900Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "pop3": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "+OK Dovecot ready.\r\n"
      },
      "port": 995,
      "service_name": "POP3",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Dovecot",
          "product": "Dovecot",
          "other": {
            "family": "Dovecot"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.58",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
          "chain_fps_sha_256": [
            "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
            "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
            "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e"
          ],
          "leaf_data": {
            "names": [
              "*.home.pl",
              "home.pl"
            ],
            "subject_dn": "CN=*.home.pl",
            "issuer_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "b807971c7c77a9b1d29605c36800a6de0b187340a2aa0086a88d70656f313845",
            "fingerprint": "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8",
            "issuer": {
              "common_name": [
                "Certyfikat SSL"
              ],
              "organization": [
                "home.pl S.A."
              ],
              "country": [
                "PL"
              ]
            },
            "subject": {
              "common_name": [
                "*.home.pl"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5vsb3m8t53OmPOeuFMuLbTjRCOvJq87kcgnhz1EuMJPGFenPS+TqlgjPmDaTqyFIas1ouLzMA/WOXOA3oRsAKGJ9b/Bo9hb1JikVqjwIEMYrQQa8M9d4e0LrPr0Dv539XsfkOU+tOETU7isAaDtqmEaPaaHyMr2UgQHAIwN5WgYKrvGJKnk8199QNSV8Xq5bO5qxg6LMysAM6yicQIp1QrRgd6HqsgPb+kM51UFAkySCbU0JGdgSkUVmGatxALl/jpLcBGDTxFPFcPgrXOl2qe1Ub4OrXM/GCTgmDrEXOJPzhdnEHqI0fjfpT9JCDBs6e/ZKnlq1dAU/3IxiGavz5w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "1a7e3e768f8709c2b3a45327e0af99ea1429f0ee8f081c085c3a271340b09ce7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a95f23b52af10895886fb65323d29a9876ea7d396f805e4ca280d561c26e3dad",
              "subject_dn": "C=PL, O=home.pl S.A., CN=Certyfikat SSL",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2"
            },
            {
              "fingerprint": "9e852c59dfc6fd6abd4e17ea80b5f4e56fc04192d107258d54da8a92528670d6",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Global Services CA SHA2",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            },
            {
              "fingerprint": "5c58468d55f58e497e743982d2b50010b6d165374acf83a7d4a32db768c4408e",
              "subject_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA",
              "issuer_dn": "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "mysql",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "5.7.42-46",
      "banner_hashes": [
        "sha256:69d023c1beb369087daeed7ef966cd4eced4e529ece2910262e3d99cdd1ee2aa"
      ],
      "banner_hex": "352e372e34322d3436",
      "certificate": "208a797e2b4470e19cf9256b92a72ce53274a4e40b57ee337a4da8dadd42e007",
      "extended_service_name": "MYSQL",
      "labels": [
        "database"
      ],
      "mysql": {
        "protocol_version": 10,
        "server_version": "5.7.42-46",
        "connection_id": 24114713,
        "_encoding": {
          "auth_plugin_data": "DISPLAY_HEX"
        },
        "auth_plugin_data": "656729672559734651605b7d375d1d08123e764f00",
        "character_set": 9,
        "status_flags": {
          "SERVER_STATUS_AUTOCOMMIT": true
        },
        "capability_flags": {
          "CLIENT_RESERVED": true,
          "CLIENT_MULTI_STATEMENTS": true,
          "CLIENT_PROTOCOL_41": true,
          "CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
          "CLIENT_CONNECT_WITH_DB": true,
          "CLIENT_SECURE_CONNECTION": true,
          "CLIENT_ODBC": true,
          "CLIENT_LONG_PASSWORD": true,
          "CLIENT_IGNORE_SPACE": true,
          "CLIENT_LOCAL_FILES": true,
          "CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
          "CLIENT_SSL": true,
          "CLIENT_DEPRECATED_EOF": true,
          "CLIENT_FOUND_ROWS": true,
          "CLIENT_SESSION_TRACK": true,
          "CLIENT_INTERACTIVE": true,
          "CLIENT_IGNORE_SIGPIPE": true,
          "CLIENT_PLUGIN_AUTH": true,
          "CLIENT_MULTI_RESULTS": true,
          "CLIENT_CONNECT_ATTRS": true,
          "CLIENT_LONG_FLAG": true,
          "CLIENT_TRANSACTIONS": true,
          "CLIENT_COMPRESS": true,
          "CLIENT_PS_MULTI_RESULTS": true,
          "CLIENT_NO_SCHEMA": true
        },
        "auth_plugin_name": "mysql_native_password",
        "error_code": 0
      },
      "observed_at": "2024-10-06T10:45:42.522292505Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 3306,
      "service_name": "MYSQL",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:oracle:mysql:5.7.42\\-46:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Oracle",
          "product": "MySQL",
          "version": "5.7.42-46",
          "other": {
            "family": "MySQL"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.202",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "208a797e2b4470e19cf9256b92a72ce53274a4e40b57ee337a4da8dadd42e007",
          "chain_fps_sha_256": [
            "cb9f1fb2df7decc24f4f5267fbe090b1fd82718ad5166949635250d123715015"
          ],
          "leaf_data": {
            "subject_dn": "CN=MySQL_Server_5.7.18-14_Auto_Generated_Server_Certificate",
            "issuer_dn": "CN=MySQL_Server_5.7.18-14_Auto_Generated_CA_Certificate",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "ce3b66b832d95151844c4817a5dbe1b39f2900a0b5f33ef55886b5dbb18e69ab",
            "fingerprint": "208a797e2b4470e19cf9256b92a72ce53274a4e40b57ee337a4da8dadd42e007",
            "issuer": {
              "common_name": [
                "MySQL_Server_5.7.18-14_Auto_Generated_CA_Certificate"
              ]
            },
            "subject": {
              "common_name": [
                "MySQL_Server_5.7.18-14_Auto_Generated_Server_Certificate"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "tc7OixUrGI/XeICNNHdtwBN12obsWigq0j1rZLXBC+5fuvl1bxi9pTaDLc7T/QWmUEDKh7OXHg39IA+XMa+lVG1zqo5KyRcD6Zrfy9pShMnBOYdVtoBtRiv7lIv03jJOaD84FIv/KHDjFKJvl0Xq8mXUSShYHeY/AVgt4Hq+b20EJ4D1Va/oAGyQ10vwDWSxU/nY+Dl6s2l9PojbVyK9D0iFnyZEyhAmvtAhwYVew5fFjN35EowX4jli0f5VXS+QM7kSuNInXoX7mgqB7k/XZj6cObTpxcvFI21t3yN58Ab1rQ5o/41zsZPrSXaHaUo/SeUVjugVfwgVeqxW4zsJDw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "c2ea0165997fa13012f97710f650849a8651d0ec76215787c034ea4435269ef7"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "cb9f1fb2df7decc24f4f5267fbe090b1fd82718ad5166949635250d123715015",
              "subject_dn": "CN=MySQL_Server_5.7.18-14_Auto_Generated_CA_Certificate",
              "issuer_dn": "CN=MySQL_Server_5.7.18-14_Auto_Generated_CA_Certificate"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 29
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "303951d4c50efb2e991652225a6f02b1",
        "ja4s": "t120200_c02f_344b4dce5a52",
        "versions": [
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "303951d4c50efb2e991652225a6f02b1",
            "ja4s": "t120200_c02f_344b4dce5a52"
          }
        ]
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "mysql",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "8.0.33-25",
      "banner_hashes": [
        "sha256:d5674732b9fa0f4c3ae138b0502269b6b1ee010cca46aededc4727b0a892f3a9"
      ],
      "banner_hex": "382e302e33332d3235",
      "certificate": "ebf5c582389cdf13a7ff9da697659e9f68e1a06a8622ff575c544c0cdbf6bb21",
      "discovery_method": "PREDICTIVE_METHOD_30",
      "extended_service_name": "MYSQL",
      "labels": [
        "database"
      ],
      "mysql": {
        "protocol_version": 10,
        "server_version": "8.0.33-25",
        "connection_id": 6380574,
        "_encoding": {
          "auth_plugin_data": "DISPLAY_HEX"
        },
        "auth_plugin_data": "2b0d6b75790b0f204d5779592a15592e445e667100",
        "character_set": 45,
        "status_flags": {
          "SERVER_STATUS_AUTOCOMMIT": true
        },
        "capability_flags": {
          "CLIENT_RESERVED": true,
          "CLIENT_MULTI_STATEMENTS": true,
          "CLIENT_PROTOCOL_41": true,
          "CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
          "CLIENT_CONNECT_WITH_DB": true,
          "CLIENT_SECURE_CONNECTION": true,
          "CLIENT_ODBC": true,
          "CLIENT_LONG_PASSWORD": true,
          "CLIENT_IGNORE_SPACE": true,
          "CLIENT_LOCAL_FILES": true,
          "CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
          "CLIENT_SSL": true,
          "CLIENT_DEPRECATED_EOF": true,
          "CLIENT_FOUND_ROWS": true,
          "CLIENT_SESSION_TRACK": true,
          "CLIENT_INTERACTIVE": true,
          "CLIENT_IGNORE_SIGPIPE": true,
          "CLIENT_PLUGIN_AUTH": true,
          "CLIENT_MULTI_RESULTS": true,
          "CLIENT_CONNECT_ATTRS": true,
          "CLIENT_LONG_FLAG": true,
          "CLIENT_TRANSACTIONS": true,
          "CLIENT_COMPRESS": true,
          "CLIENT_PS_MULTI_RESULTS": true,
          "CLIENT_NO_SCHEMA": true
        },
        "auth_plugin_name": "mysql_native_password",
        "error_code": 0
      },
      "observed_at": "2024-10-04T19:42:20.716099246Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 3380,
      "service_name": "MYSQL",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:oracle:mysql:8.0.33\\-25:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Oracle",
          "product": "MySQL",
          "version": "8.0.33-25",
          "other": {
            "family": "MySQL"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "206.168.34.217",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "ebf5c582389cdf13a7ff9da697659e9f68e1a06a8622ff575c544c0cdbf6bb21",
          "chain_fps_sha_256": [
            "a2810bf48eb7fe4b85548da09b4029efd86527b1aeb234eff5b9c6596a1ae43d"
          ],
          "leaf_data": {
            "subject_dn": "CN=MySQL_Server_8.0.31-23_Auto_Generated_Server_Certificate",
            "issuer_dn": "CN=MySQL_Server_8.0.31-23_Auto_Generated_CA_Certificate",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "a0ca3932fcc1e8154912f318ea362e93260d79a57c6cce9fc338743b613db8e4",
            "fingerprint": "ebf5c582389cdf13a7ff9da697659e9f68e1a06a8622ff575c544c0cdbf6bb21",
            "issuer": {
              "common_name": [
                "MySQL_Server_8.0.31-23_Auto_Generated_CA_Certificate"
              ]
            },
            "subject": {
              "common_name": [
                "MySQL_Server_8.0.31-23_Auto_Generated_Server_Certificate"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "v0tofZkS5KV+pnl/As/IMIauae8OsmLkp25CtmUYuAkF2ZUN8guGTny1pK3uiiHEFbApzgZFJltRSlK+vjhS8q0LuQuvAf+HsjQbPb+XzNxZFtuuM8yMwIMpEaRJSClgerdUmOk+zAPyU2NjicZ8o+9JxbvrJvITxaH1nHBg2MyH06JEBTEbPjxvxy4Fd5S7VYrKpG9SuKzsM9/aX9JbnoY0Y4RCwdFhS/hlFLG14IdiFW6tAi2lMQ0WXkIhVjj5e0rh5TjsXDlGgStP89xIxWwz34qdLRcZSOxgDF4v+vW7JrAApoxGfv4w5m+a0OQsDeO1pbG06HAVtw5399Doyw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "b1fe5dfa5f408da7c5a17a62acc9cc7a97f5c23a92954a3d598879dbd746d192"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "a2810bf48eb7fe4b85548da09b4029efd86527b1aeb234eff5b9c6596a1ae43d",
              "subject_dn": "CN=MySQL_Server_8.0.31-23_Auto_Generated_CA_Certificate",
              "issuer_dn": "CN=MySQL_Server_8.0.31-23_Auto_Generated_CA_Certificate"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "475c9302dc42b2751db9edcac3b74891",
            "ja4s": "t130200_1303_a56c5b993250"
          }
        ]
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "postgres",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "POSTGRES",
      "labels": [
        "database"
      ],
      "observed_at": "2024-10-05T02:13:17.444713567Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 5432,
      "postgres": {
        "supported_versions": "FATAL:  unsupported frontend protocol 0.0: server supports 2.0 to 3.0",
        "protocol_error": {
          "line": "2137",
          "message": "unsupported frontend protocol 255.255: server supports 2.0 to 3.0",
          "file": "postmaster.c",
          "severity_v": "FATAL",
          "code": "0A000",
          "routine": "ProcessStartupPacket",
          "severity": "FATAL"
        },
        "startup_error": {
          "line": "2287",
          "message": "no PostgreSQL user name specified in startup packet",
          "file": "postmaster.c",
          "severity_v": "FATAL",
          "code": "28000",
          "routine": "ProcessStartupPacket",
          "severity": "FATAL"
        }
      },
      "service_name": "POSTGRES",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postgresql",
          "product": "Postgresql",
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.192",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-HomeSSH-v1.2",
      "banner_hashes": [
        "sha256:aa9021c894a782228f0df246f2c6b0b1632a2dcbdee94ec6eb073f28609e56ae"
      ],
      "banner_hex": "5353482d322e302d486f6d655353482d76312e32",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "SSH",
      "labels": [
        "remote-access"
      ],
      "observed_at": "2024-10-04T20:08:19.989769424Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 22222,
      "service_name": "SSH",
      "source_ip": "162.142.125.219",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-HomeSSH-v1.2",
          "protocol_version": "2.0",
          "software_version": "HomeSSH-v1.2"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "ecdh-sha2-nistp256",
            "diffie-hellman-group14-sha1"
          ],
          "host_key_algorithms": [
            "ecdsa-sha2-nistp256",
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ssh-rsa",
            "ssh-dss"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "[email protected]",
            "aes256-ctr",
            "aes192-ctr",
            "aes128-ctr",
            "aes256-cbc",
            "aes192-cbc",
            "aes128-cbc",
            "3des-cbc"
          ],
          "server_to_client_ciphers": [
            "aes256-ctr",
            "aes192-ctr",
            "aes128-ctr"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none"
          ],
          "server_to_client_compression": [
            "none"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "ecdh-sha2-nistp256",
          "host_key_algorithm": "ecdsa-sha2-nistp256",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "2651d3c58c3e1466891352d71f1870f1385d254e2a05fa7caf95430f1f4dcad2",
          "ecdsa_public_key": {
            "_encoding": {
              "b": "DISPLAY_BASE64",
              "gx": "DISPLAY_BASE64",
              "gy": "DISPLAY_BASE64",
              "n": "DISPLAY_BASE64",
              "p": "DISPLAY_BASE64",
              "x": "DISPLAY_BASE64",
              "y": "DISPLAY_BASE64"
            },
            "b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
            "curve": "P-256",
            "gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
            "gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
            "length": 256,
            "n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
            "p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
            "x": "mB8tVUuKWED38eMdCaiCAL1KYsExiRTZwKfnHTdBOCg=",
            "y": "b+iEbGbPdTXYTLfFU5mrfsdJJScruEKG1S2uope33d0="
          }
        },
        "hassh_fingerprint": "f0c354503999219c5dc8e5c1a3ca032f"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Poland",
    "country_code": "PL",
    "city": "Warsaw",
    "postal_code": "00-002",
    "timezone": "Europe/Warsaw",
    "province": "Mazovia",
    "coordinates": {
      "latitude": 52.22977,
      "longitude": 21.01178
    }
  },
  "location_updated_at": "2024-09-26T11:34:21.109313105Z",
  "autonomous_system": {
    "asn": 12824,
    "description": "HOMEPL-AS",
    "bgp_prefix": "212.85.96.0/19",
    "name": "HOMEPL-AS",
    "country_code": "PL"
  },
  "autonomous_system_updated_at": "2024-09-26T11:34:21.109386402Z",
  "whois": {
    "network": {
      "handle": "PL-HOMENET-991123",
      "name": "home.pl S.A.",
      "cidrs": [
        "212.85.96.0/19"
      ],
      "created": "2002-03-06T00:00:00Z",
      "updated": "2024-02-20T00:00:00Z"
    },
    "organization": {
      "handle": "ORG-HA12-RIPE",
      "name": "home.pl S.A.",
      "address": "ul. Zbozowa 4\\n70-653\\nSzczecin\\nPOLAND",
      "abuse_contacts": [
        {
          "handle": "HA2866-RIPE",
          "name": "home.pl abuse",
          "email": "[email protected]"
        }
      ],
      "admin_contacts": [
        {
          "handle": "HNA8-RIPE",
          "name": "home.pl Network Administrators",
          "email": "[email protected]"
        }
      ]
    }
  },
  "dns": {
    "names": [
      "cloudserver007584.home.pl"
    ],
    "records": {
      "cloudserver007584.home.pl": {
        "record_type": "A",
        "resolved_at": "2024-09-30T23:52:07.758674174Z"
      }
    },
    "reverse_dns": {
      "names": [
        "misiontek.pl"
      ],
      "resolved_at": "2024-09-23T02:42:22.073277145Z"
    }
  },
  "last_updated_at": "2024-10-06T10:45:48.493Z",
  "labels": [
    "database",
    "email",
    "file-sharing",
    "remote-access"
  ]
}