42.236.74.122

As of: Sep 12, 2024 2:29am UTC | Latest
{
  "ip": "42.236.74.122",
  "services": [
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-OpenSSH_7.2 FreeBSD-20161230",
      "banner_hashes": [
        "sha256:bfa8a86c06e3972ee8796023c13ee9cdfc9d1030a1f9d74b85902eb7c8b994e7"
      ],
      "banner_hex": "5353482d322e302d4f70656e5353485f372e3220467265654253442d3230313631323330",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "SSH",
      "labels": [
        "remote-access"
      ],
      "observed_at": "2024-09-12T02:29:25.296113147Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 22,
      "service_name": "SSH",
      "software": [
        {
          "product": "openssh",
          "other": {
            "comment": "FreeBSD-20161230"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "FreeBSD",
          "product": "FreeBSD",
          "version": "11.1",
          "other": {
            "family": "FreeBSD"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.2:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "OpenBSD",
          "product": "OpenSSH",
          "version": "7.2",
          "other": {
            "family": "OpenSSH"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.211",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-OpenSSH_7.2 FreeBSD-20161230",
          "protocol_version": "2.0",
          "software_version": "OpenSSH_7.2",
          "comment": "FreeBSD-20161230"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "[email protected]",
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group14-sha1"
          ],
          "host_key_algorithms": [
            "ssh-rsa",
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ecdsa-sha2-nistp256",
            "ssh-ed25519"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]",
            "aes128-cbc",
            "aes192-cbc",
            "aes256-cbc"
          ],
          "server_to_client_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]",
            "aes128-cbc",
            "aes192-cbc",
            "aes256-cbc"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none",
            "[email protected]"
          ],
          "server_to_client_compression": [
            "none",
            "[email protected]"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "[email protected]",
          "host_key_algorithm": "ecdsa-sha2-nistp256",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "2007b1f1b512a9585a19c05aad04527f124d501bc4fa380e4cb744d59eb16a3c",
          "ecdsa_public_key": {
            "_encoding": {
              "b": "DISPLAY_BASE64",
              "gx": "DISPLAY_BASE64",
              "gy": "DISPLAY_BASE64",
              "n": "DISPLAY_BASE64",
              "p": "DISPLAY_BASE64",
              "x": "DISPLAY_BASE64",
              "y": "DISPLAY_BASE64"
            },
            "b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
            "curve": "P-256",
            "gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
            "gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
            "length": 256,
            "n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
            "p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
            "x": "IEkf1XTOTUm8ObGY3zNrfTZn6qcHVk10boU2KQHMu+Q=",
            "y": "JG1x+N1E80RqexWpPrJjNgbBiKextkW4k5zO47jWnCo="
          }
        },
        "hassh_fingerprint": "07094a2b29664fb4178658c6e95a241f"
      },
      "transport_fingerprint": {
        "raw": "65535,64,true,MNWST,1400,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 200 OK\r\nLast-Modified: Sat, 27 Jul 2024 01:58:47 GMT\r\nContent-Length: 2734\r\nDate:  <REDACTED>\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1;mode-block\r\nX-Content-Type-Options: nosniff\r\n",
      "banner_hashes": [
        "sha256:349cf0ae9b068429653973d5c4ef054f88b2466dd69ae7f94a700540b8d52285"
      ],
      "banner_hex": "485454502f312e3120323030204f4b0d0a4c6173742d4d6f6469666965643a205361742c203237204a756c20323032342030313a35383a343720474d540d0a436f6e74656e742d4c656e6774683a20323733340d0a446174653a20203c52454441435445443e0d0a436f6e6e656374696f6e3a204b6565702d416c6976650d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a582d4672616d652d4f7074696f6e733a2053414d454f524947494e0d0a582d5853532d50726f74656374696f6e3a20313b6d6f64652d626c6f636b0d0a582d436f6e74656e742d547970652d4f7074696f6e733a206e6f736e6966660d0a",
      "certificate": "8085148023a271eda44dafb0d4c2a272dc97c8a00708a0dba8ba33ca170e834c",
      "discovery_method": "PREDICTIVE_METHOD_15",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://42.236.74.122/web/index.html",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "status_reason": "OK",
          "headers": {
            "X_Frame_Options": [
              "SAMEORIGIN"
            ],
            "_encoding": {
              "X_Frame_Options": "DISPLAY_UTF8",
              "X_XSS_Protection": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "X_Content_Type_Options": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Last_Modified": "DISPLAY_UTF8"
            },
            "X_XSS_Protection": [
              "1;mode-block"
            ],
            "Content_Length": [
              "2734"
            ],
            "Content_Type": [
              "text/html"
            ],
            "Connection": [
              "Keep-Alive"
            ],
            "X_Content_Type_Options": [
              "nosniff"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Last_Modified": [
              "Sat, 27 Jul 2024 01:58:47 GMT"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>Web managerment Home</title>"
          ],
          "body_size": 2734,
          "body": "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<title>Web managerment Home</title>\r\n\r\n<script language=javascript>\r\nvar sUrl = (\"http:\"==window.location.protocol) ? \"/wnm/ssl/web/frame/login.html?ssl=false\": \"frame/login.html\";\r\n<!--redirect url-->\r\nfunction DetectActiveX()\r\n{ \r\n\t//xmlhttp\u5bf9\u8c61\r\n\tvar oXmlHttp = null;    \r\n\ttry\r\n\t{\r\n\t\t // \u5148\u5224\u65ad\u5185\u5d4c\u5bf9\u8c61\u7684\u652f\u6301, \u5305\u62ecIE7+\u548c\u975eIE\r\n\t\tif (typeof XMLHttpRequest != \"undefined\")\r\n\t\t{\r\n\t\t   oXmlHttp = new XMLHttpRequest();\r\n\t\t   return true;\r\n\t\t}     \r\n\t}\r\n\tcatch(e)\r\n\t{  }\r\n\r\n\t//IE\u652f\u6301\u7684xmlhttp\u5bf9\u8c61\r\n\tvar aVers = [\"MSXML2.XMLHttp\", \"Microsoft.XMLHttp\"];\r\n\tfor (var i = 0; i < aVers.length; i++)\r\n\t{\r\n\t\ttry\r\n\t\t{\r\n\t\t   oXmlHttp = new ActiveXObject(aVers[i]);\r\n\t\t   return true;\r\n\t\t}\r\n\t\tcatch(e)\r\n\t\t{}      \r\n\t}\r\n\treturn false;\r\n}\r\n\r\nfunction onBodyLoad()\r\n{\r\n\tif(false === DetectActiveX())\r\n\t{\r\n\t\tvar sId = (typeof XMLHttpRequest != \"undefined\") ? \"noh\" : \"nox\";\r\n\t\tdocument.getElementById(sId).style.display = \"\";\r\n\t\treturn false;\r\n\t}\r\n\tvar sHost = window.location.host;\r\n\tif(-1 != sHost.indexOf(\"quicknet.h3c.com\") && \"http:\" == window.location.protocol) {\r\n\t\tsUrl = \"frame/login.html\"\r\n\t}\r\n\twindow.location = sUrl;\r\n}\r\n</script>\r\n</head>\r\n\r\n<body style=\"background-color: #E1E9F5;\" onload=\"onBodyLoad()\">\r\n<noscript>\r\n<H2>This WebUI administration tool requires scripting support.</H2>\r\n<div>Please obtain the latest version of browsers which support the Javascript \r\nlanguage or enable scripting by changing the browser setting if you are using \r\nthe latest version of the browsers. </div>\r\n<H2>Web\u7f51\u7ba1\u4e2d\u9700\u8981\u6d3b\u52a8\u811a\u672c\u652f\u6301</H2>\r\n<div>\u8bf7\u4f7f\u7528\u6700\u65b0\u7684\u652f\u6301JavaScript\u811a\u672c\u529f\u80fd\u7684\u6d4f\u89c8\u5668, \u5982\u679c\u60a8\u5df2\u7ecf\u4f7f\u7528\u4e86\u65b0\u7248\u672c\u7684\u6d4f\u89c8\u5668,\r\n\u8bf7\u542f\u7528\u6d4f\u89c8\u5668\u7684\u6d3b\u52a8\u811a\u672c\u529f\u80fd</div>\r\n</noscript>\r\n<div id=\"noh\" style=\"display:none\">\r\n<H2>This WebUI administration tool requires XMLHttpRequest.</H2>\r\n<div>Please obtain the latest version of browsers which support the XMLHttpRequest \r\ncontrol. </div>\r\n<H2>Web\u7f51\u7ba1\u4e2d\u9700\u8981XMLHttpRequest\u63a7\u4ef6\u652f\u6301</H2>\r\n<div>\u8bf7\u4f7f\u7528\u6700\u65b0\u7684\u652f\u6301XMLHttpRequest\u529f\u80fd\u7684\u6d4f\u89c8\u5668\u7248\u672c\u3002</div>\r\n</div>\r\n<div id=\"nox\" style=\"display:none\">\r\n<H2>This WebUI administration tool requires ActiveX.</H2>\r\n<div>Please obtain the latest version of browsers which support the ActiveX, \r\nor enable the ActiveX by changing the browser setting if you are using \r\nthe latest version of the browsers. </div>\r\n<H2>Web\u7f51\u7ba1\u4e2d\u9700\u8981ActiveX\u63a7\u4ef6\u652f\u6301</H2>\r\n<div>\u8bf7\u4f7f\u7528\u6700\u65b0\u7684\u652f\u6301ActiveX\u7684\u6d4f\u89c8\u5668, \u5982\u679c\u60a8\u5df2\u7ecf\u4f7f\u7528\u4e86\u65b0\u7248\u672c\u7684\u6d4f\u89c8\u5668,\r\n\u8bf7\u542f\u7528\u6d4f\u89c8\u5668\u7684ActiveX\u529f\u80fd</div>\r\n</div>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:b8bea5b4546e3bd0aacc573c6f89ee1df3443c72f6ae5c6e4272c14fa5da823b",
            "sha1:3a7081f66cf821238f99011f413ed463428c7b02"
          ],
          "body_hash": "sha1:3a7081f66cf821238f99011f413ed463428c7b02",
          "html_title": "Web managerment Home"
        },
        "supports_http2": false
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "07d08d09d06d06d07c42d43d000000413114f24a58f6b16f5514998088c5f3",
        "cipher_and_version_fingerprint": "07d08d09d06d06d07c42d43d000000",
        "tls_extensions_sha256": "413114f24a58f6b16f5514998088c5f3",
        "observed_at": "2024-09-06T23:07:33.926476874Z"
      },
      "observed_at": "2024-09-11T20:37:27.713664983Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 443,
      "service_name": "HTTP",
      "source_ip": "167.94.145.100",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "8085148023a271eda44dafb0d4c2a272dc97c8a00708a0dba8ba33ca170e834c",
          "leaf_data": {
            "subject_dn": "CN=HTTPS-Self-Signed-Certificate-86bb3f5a9d3eea07",
            "issuer_dn": "CN=HTTPS-Self-Signed-Certificate-86bb3f5a9d3eea07",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "f106fbb31ccf40e972d195aeeab71e3f7c5bbeb778eef544d965accca40d4529",
            "fingerprint": "8085148023a271eda44dafb0d4c2a272dc97c8a00708a0dba8ba33ca170e834c",
            "issuer": {
              "common_name": [
                "HTTPS-Self-Signed-Certificate-86bb3f5a9d3eea07"
              ]
            },
            "subject": {
              "common_name": [
                "HTTPS-Self-Signed-Certificate-86bb3f5a9d3eea07"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wGMAw5j8KMXmEG1LraZTkf5VQ5rUO3hpetH9MGFTMFJpM2HNnXdiXojiYxD23DgLmlPOOZBVladjMKwv5hKyqN0EtWSP6xXKg1CsL0WxNkpXGVwa092ph1+LTOVwxI3EGPz1BRvJMIGN1qPoqpf1FjXX/n8AP303rzNJ5eLlPgxtjsmXm7D0KK+3VZ2fTkj7MejAKj3G6O8QGSsJ0l7a5lq6mQbiFwmTXq+1OWH9pLEnKN5mcibC6JPS1OdaYps8usCPuDTNyR3s3nNFuhtVhpprjnCBlWvYq769MUMEu+9IEZA1UVLPXUofH4E2t8WcdvCxeKJNvT4jedbr0JRIqw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "6d20951883696289266abb0f2a3a8e96fab4e7e44e9c7605a8d03f75b429ed3c"
            },
            "signature": {
              "self_signed": true,
              "signature_algorithm": "SHA256-RSA"
            }
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891",
        "ja4s": "t130200_1303_a56c5b993250",
        "versions": [
          {
            "tls_version": "TLSv1_3",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "475c9302dc42b2751db9edcac3b74891",
            "ja4s": "t130200_1303_a56c5b993250"
          },
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "573a9f3f80037fb40d481e2054def5bb",
            "ja4s": "t120100_002f_bc98f8e001b5"
          },
          {
            "tls_version": "TLSv1_1",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "a77004cef34419c10c586e4b99da96b1",
            "ja4s": "t110100_002f_bc98f8e001b5"
          }
        ]
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "ike",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_2",
      "extended_service_name": "IKE",
      "ike": {
        "v1": {
          "supported": true,
          "notify_message_types": [
            14
          ],
          "accepted_proposal": false
        },
        "v2": {
          "supported": true,
          "notify_message_types": [
            14
          ],
          "accepted_proposal": false
        }
      },
      "observed_at": "2024-09-11T13:32:34.748887797Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 500,
      "service_name": "IKE",
      "source_ip": "206.168.34.119",
      "transport_protocol": "UDP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 404 Not Found\r\nDate:  <REDACTED>\r\nTransfer-encoding: chunked\r\n",
      "banner_hashes": [
        "sha256:22aed24f6335aef965db1a2f9e57fe6b7dafe772755a233ae847d2d16afcf8ee"
      ],
      "banner_hex": "485454502f312e3120343034204e6f7420466f756e640d0a446174653a20203c52454441435445443e0d0a5472616e736665722d656e636f64696e673a206368756e6b65640d0a",
      "discovery_method": "PREDICTIVE_METHOD_7",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://42.236.74.122:6215/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 404,
          "status_reason": "Not Found",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Transfer_encoding": "DISPLAY_UTF8"
            },
            "Transfer_encoding": [
              "chunked"
            ]
          },
          "body_size": 15,
          "_encoding": {
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8"
          },
          "body": "path not found ",
          "body_hashes": [
            "sha256:ea0a114c33a3a62b767fe7ba8df529230d18db663d9d099d27f7dcb9c0929b6a",
            "sha1:81433c860f347f27ba6b5d464fbf459a24683458"
          ],
          "body_hash": "sha1:81433c860f347f27ba6b5d464fbf459a24683458"
        },
        "supports_http2": false
      },
      "observed_at": "2024-09-09T03:25:00.014307079Z",
      "pending_removal_since": "2024-09-11T10:48:17.402464549Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 6215,
      "service_name": "HTTP",
      "source_ip": "162.142.125.202",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8"
      },
      "banner": "",
      "banner_hashes": [
        "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
      ],
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_3",
      "extended_service_name": "HIKVISION",
      "labels": [
        "camera"
      ],
      "observed_at": "2024-09-11T11:32:23.011372917Z",
      "parsed": {
        "hikvision": {
          "web_version": "V4.0.1build240514",
          "plugin_version": "4.0.0.3",
          "platforms": null
        }
      },
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 8181,
      "service_name": "HIKVISION",
      "source_ip": "167.94.138.58",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate:  <REDACTED>\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n",
      "banner_hashes": [
        "sha256:805edb566dbb47295606d0e95b0da3ce2e0c34e0d329140b3171c825149a9940"
      ],
      "banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e782f312e31372e360d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d7574662d380d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a",
      "certificate": "e0da54e1e75ced5083a2455920404240384774f7deeed614d665e398451e34eb",
      "discovery_method": "PREDICTIVE_METHOD_7",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://42.236.74.122:65534/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "status_reason": "OK",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Transfer_Encoding": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Server": [
              "nginx/1.17.6"
            ],
            "Transfer_Encoding": [
              "chunked"
            ],
            "Content_Type": [
              "text/html; charset=utf-8"
            ],
            "Connection": [
              "keep-alive"
            ]
          },
          "body_size": 56,
          "_encoding": {
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8"
          },
          "body": "<script>location='cloud/page.php?r=user@login';</script>",
          "body_hashes": [
            "sha256:fbc2dfb6fdfb8e66b36cb74a9fe20ba609fb60afe5fe124394fbc252bdfd94a6",
            "sha1:b8c2cbca50b36bce8f6594c590c9743c4a348f73"
          ],
          "body_hash": "sha1:b8c2cbca50b36bce8f6594c590c9743c4a348f73"
        },
        "supports_http2": false
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "2ad2ad0002ad2ad22c2ad2ad2ad2ad6a7bd8f51d54bfc07e1cd34e5ca50bb3",
        "cipher_and_version_fingerprint": "2ad2ad0002ad2ad22c2ad2ad2ad2ad",
        "tls_extensions_sha256": "6a7bd8f51d54bfc07e1cd34e5ca50bb3",
        "observed_at": "2024-08-31T10:56:20.703373924Z"
      },
      "observed_at": "2024-09-10T05:13:42.804429929Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 65534,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:f5:nginx:1.17.6:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "version": "1.17.6",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.36",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "e0da54e1e75ced5083a2455920404240384774f7deeed614d665e398451e34eb",
          "leaf_data": {
            "subject_dn": "C=BJ, ST=BeiJing, L=BeiJing, O=Panabit, OU=Panabit, CN=Panabit, [email protected]",
            "issuer_dn": "C=BJ, ST=BeiJing, L=BeiJing, O=Panabit, OU=Panabit, CN=Panabit, [email protected]",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "02a4af2923cc6486bd774b6eba7f487dedc989d0b4129afefd2a9da11d44347e",
            "fingerprint": "e0da54e1e75ced5083a2455920404240384774f7deeed614d665e398451e34eb",
            "issuer": {
              "common_name": [
                "Panabit"
              ],
              "locality": [
                "BeiJing"
              ],
              "organization": [
                "Panabit"
              ],
              "organizational_unit": [
                "Panabit"
              ],
              "province": [
                "BeiJing"
              ],
              "country": [
                "BJ"
              ],
              "email_address": [
                "[email protected]"
              ]
            },
            "subject": {
              "common_name": [
                "Panabit"
              ],
              "locality": [
                "BeiJing"
              ],
              "organization": [
                "Panabit"
              ],
              "organizational_unit": [
                "Panabit"
              ],
              "province": [
                "BeiJing"
              ],
              "country": [
                "BJ"
              ],
              "email_address": [
                "[email protected]"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "5OSWO+xPflwyDHDN4cMrNHNTMzxlr+lAoqwLmah+PykaIqmfMd66DJzA0yZl9OvvTWrKpU3aGiElThAVKYqeczfhKUPz6ega3M30vn9Hxni7PbxWASdbOIexQrNxgZSQxM2Il86LSRb/97XQB95/AREbQmFvAPyl4VONLjEwN68L71w2zLm7Sers/c3DKOAvrHzlxWb9ZsducLxLbhzhPXVOO3cSjK4mwZ4h40/Q/Bzwxvn2gV5hFVWDaV3BOS6JiQ9Gr4+g/VIih8l+K3+af6oRUYevTdk3DSPvi3iXV0Vr9K6tQ9xeDjLF4WnUwbNdwcGaakDQUXWX14vNeRlIaQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "0c31fe6ca3f69fcacb658cf392c1cfbd559d43128e03c263e6251ca8e1f9ac70"
            },
            "signature": {
              "self_signed": true,
              "signature_algorithm": "SHA256-RSA"
            }
          }
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 23
          }
        },
        "session_ticket": {
          "length": 176,
          "lifetime_hint": 300
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "e35df3e00ca4ef31d42b34bebaa2f86e",
        "ja4s": "t120300_c030_bec8bdbaef8a",
        "versions": [
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "e35df3e00ca4ef31d42b34bebaa2f86e",
            "ja4s": "t120300_c030_bec8bdbaef8a"
          },
          {
            "tls_version": "TLSv1_1",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "ce815ab6e37127ab1cb9fe33d3ba250d",
            "ja4s": "t110200_c014_344b4dce5a52"
          },
          {
            "tls_version": "TLSv1_0",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "623de93db17d313345d7ea481e7443cf",
            "ja4s": "t100200_c014_344b4dce5a52"
          }
        ]
      },
      "transport_fingerprint": {
        "raw": "65535,64,true,MNWST,1400,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Asia",
    "country": "China",
    "country_code": "CN",
    "city": "Shanghai",
    "postal_code": "200000",
    "timezone": "Asia/Shanghai",
    "province": "Shanghai",
    "coordinates": {
      "latitude": 31.22222,
      "longitude": 121.45806
    }
  },
  "location_updated_at": "2024-09-10T18:24:28.386508433Z",
  "autonomous_system": {
    "asn": 4837,
    "description": "CHINA169-BACKBONE CHINA UNICOM China169 Backbone",
    "bgp_prefix": "42.224.0.0/12",
    "name": "CHINA169-BACKBONE CHINA UNICOM China169 Backbone",
    "country_code": "CN"
  },
  "autonomous_system_updated_at": "2024-08-30T10:39:30.676080687Z",
  "whois": {
    "network": {
      "handle": "UNICOM-HA",
      "name": "China Unicom Henan province network",
      "cidrs": [
        "42.224.0.0/12"
      ],
      "updated": "2016-05-04T00:00:00Z"
    }
  },
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
    "part": "o",
    "vendor": "FreeBSD",
    "product": "FreeBSD",
    "version": "11.1",
    "other": {
      "family": "FreeBSD"
    }
  },
  "dns": {
    "reverse_dns": {
      "names": [
        "hn.kd.ny.adsl"
      ],
      "resolved_at": "2024-09-02T18:05:39.268364830Z"
    }
  },
  "last_updated_at": "2024-09-12T02:29:26.693Z",
  "labels": [
    "camera",
    "remote-access"
  ]
}