80.155.23.20

As of: Dec 03, 2022 4:49am UTC | Latest
{
  "ip": "80.155.23.20",
  "services": [
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
      "banner_hashes": [
        "sha256:38bf1b152427e759ebf5b065e9f9ea276b66baadb007b3d97326bcdba5f0632e"
      ],
      "banner_hex": "323230206d61696c2e67656973746c6963682e64652045534d54502072656164792e0d0a",
      "certificate": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
      "extended_service_name": "SMTP-STARTTLS",
      "observed_at": "2022-12-01T17:49:10.300447342Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 25,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
        "ehlo": "250-mail.geistlich.de Hello www.censys.io [167.94.145.60]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPE_CONNECT\r\n250-STARTTLS\r\n250 HELP\r\n",
        "start_tls": "220 TLS go ahead\r\n"
      },
      "source_ip": "167.94.145.60",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "autodiscover.geistlich.de",
              "mail.geistlich.de"
            ],
            "subject_dn": "CN=mail.geistlich.de",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "20f534bafa8a6ffaeefda4e260c5d798502f6dfe0e3d0476cf303a8f93299324",
            "fingerprint": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "8AAK8ZLJNlOU1jbaU0aQraHC1HmkVou7JnGEkDpHPiefZ/UhFZSXMiDTsZf5C0j6rqQENVZVj3nPBOcipGIViIij0dN4Zpduf7yeIZdoF6wOA2iMNRZ5+FyHJv6z8b4dFn7e1q2HhRzqzFlKQr+SaUGqYz0hn8U7rKf9ro4EqiKkTZ2CGCWxBa7O2eIHk2Z+tcAoZ5qvdVtGZsXm3zDGGTHBILcA1bBQqnXFLNxDI55wDueqaUQQQRb+2e2C39jfRY1l+/jxk1LvA3BeEJWYwySRUQXQQey3Y2aPrUNa/Dty0AC849fkDu1f3h5EaaXTUVYmeZRRM6H+xNpcv+CFGw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e48ee14522a690d1c61caec51b39675c3a26ab60dbdebd5f1acaff27439c89e0"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 23
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "303951d4c50efb2e991652225a6f02b1"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 403 Forbidden\r\nDate:  <REDACTED>\r\nServer: Apache\r\nContent-Length: 199\r\nContent-Type: text/html; charset=iso-8859-1\r\n",
      "banner_hashes": [
        "sha256:e947c815659364e0dfdab814bc6a1f83b31f96bcb522c21dfa55e53fd6295052"
      ],
      "banner_hex": "485454502f312e312034303320466f7262696464656e0d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368650d0a436f6e74656e742d4c656e6774683a203139390d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d69736f2d383835392d310d0a",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://80.155.23.20/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 403,
          "status_reason": "Forbidden",
          "headers": {
            "Content_Length": [
              "199"
            ],
            "_encoding": {
              "Content_Length": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8"
            },
            "Server": [
              "Apache"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Content_Type": [
              "text/html; charset=iso-8859-1"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>403 Forbidden</title>"
          ],
          "body_size": 199,
          "body": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p>You don't have permission to access this resource.</p>\n</body></html>\n",
          "body_hashes": [
            "sha256:5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10",
            "sha1:832e403d42aac1fec93e4f602338544d3fd2e4f1"
          ],
          "body_hash": "sha1:832e403d42aac1fec93e4f602338544d3fd2e4f1",
          "html_title": "403 Forbidden"
        },
        "supports_http2": false
      },
      "observed_at": "2022-12-02T13:46:36.721302497Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 80,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Apache",
          "product": "HTTPD",
          "other": {
            "family": "Apache"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.57",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 403 Forbidden\r\nDate:  <REDACTED>\r\nServer: Apache\r\nContent-Length: 199\r\nContent-Type: text/html; charset=iso-8859-1\r\n",
      "banner_hashes": [
        "sha256:e947c815659364e0dfdab814bc6a1f83b31f96bcb522c21dfa55e53fd6295052"
      ],
      "banner_hex": "485454502f312e312034303320466f7262696464656e0d0a446174653a20203c52454441435445443e0d0a5365727665723a204170616368650d0a436f6e74656e742d4c656e6774683a203139390d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d69736f2d383835392d310d0a",
      "certificate": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://80.155.23.20/",
          "headers": {
            "Accept": [
              "*/*"
            ],
            "_encoding": {
              "Accept": "DISPLAY_UTF8",
              "User_Agent": "DISPLAY_UTF8"
            },
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 403,
          "status_reason": "Forbidden",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8"
            },
            "Content_Length": [
              "199"
            ],
            "Server": [
              "Apache"
            ],
            "Content_Type": [
              "text/html; charset=iso-8859-1"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>403 Forbidden</title>"
          ],
          "body_size": 199,
          "body": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p>You don't have permission to access this resource.</p>\n</body></html>\n",
          "body_hashes": [
            "sha256:5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10",
            "sha1:832e403d42aac1fec93e4f602338544d3fd2e4f1"
          ],
          "body_hash": "sha1:832e403d42aac1fec93e4f602338544d3fd2e4f1",
          "html_title": "403 Forbidden"
        },
        "supports_http2": false
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "2ad2ad16d2ad2ad0002ad2ad2ad2ad96f985e03e80eb27111a2ea9dd745f27",
        "cipher_and_version_fingerprint": "2ad2ad16d2ad2ad0002ad2ad2ad2ad",
        "tls_extensions_sha256": "96f985e03e80eb27111a2ea9dd745f27",
        "observed_at": "2022-11-26T13:31:03.789768017Z"
      },
      "observed_at": "2022-12-02T09:41:32.537110770Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 443,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Apache",
          "product": "HTTPD",
          "other": {
            "family": "Apache"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.248.133.117",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "autodiscover.geistlich.de",
              "mail.geistlich.de"
            ],
            "subject_dn": "CN=mail.geistlich.de",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "20f534bafa8a6ffaeefda4e260c5d798502f6dfe0e3d0476cf303a8f93299324",
            "fingerprint": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "8AAK8ZLJNlOU1jbaU0aQraHC1HmkVou7JnGEkDpHPiefZ/UhFZSXMiDTsZf5C0j6rqQENVZVj3nPBOcipGIViIij0dN4Zpduf7yeIZdoF6wOA2iMNRZ5+FyHJv6z8b4dFn7e1q2HhRzqzFlKQr+SaUGqYz0hn8U7rKf9ro4EqiKkTZ2CGCWxBa7O2eIHk2Z+tcAoZ5qvdVtGZsXm3zDGGTHBILcA1bBQqnXFLNxDI55wDueqaUQQQRb+2e2C39jfRY1l+/jxk1LvA3BeEJWYwySRUQXQQey3Y2aPrUNa/Dty0AC849fkDu1f3h5EaaXTUVYmeZRRM6H+xNpcv+CFGw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e48ee14522a690d1c61caec51b39675c3a26ab60dbdebd5f1acaff27439c89e0"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 23
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "0debd3853f330c574b05e0b6d882dc27"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
      "banner_hashes": [
        "sha256:38bf1b152427e759ebf5b065e9f9ea276b66baadb007b3d97326bcdba5f0632e"
      ],
      "banner_hex": "323230206d61696c2e67656973746c6963682e64652045534d54502072656164792e0d0a",
      "certificate": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
      "extended_service_name": "SMTPS",
      "observed_at": "2022-12-02T23:38:36.124168318Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 465,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8"
        },
        "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
        "ehlo": "250-mail.geistlich.de Hello scanner-08.ch1.censys-scanner.com [167.248.133.44]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPE_CONNECT\r\n250 HELP\r\n"
      },
      "source_ip": "167.248.133.44",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "autodiscover.geistlich.de",
              "mail.geistlich.de"
            ],
            "subject_dn": "CN=mail.geistlich.de",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "20f534bafa8a6ffaeefda4e260c5d798502f6dfe0e3d0476cf303a8f93299324",
            "fingerprint": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "8AAK8ZLJNlOU1jbaU0aQraHC1HmkVou7JnGEkDpHPiefZ/UhFZSXMiDTsZf5C0j6rqQENVZVj3nPBOcipGIViIij0dN4Zpduf7yeIZdoF6wOA2iMNRZ5+FyHJv6z8b4dFn7e1q2HhRzqzFlKQr+SaUGqYz0hn8U7rKf9ro4EqiKkTZ2CGCWxBa7O2eIHk2Z+tcAoZ5qvdVtGZsXm3zDGGTHBILcA1bBQqnXFLNxDI55wDueqaUQQQRb+2e2C39jfRY1l+/jxk1LvA3BeEJWYwySRUQXQQey3Y2aPrUNa/Dty0AC849fkDu1f3h5EaaXTUVYmeZRRM6H+xNpcv+CFGw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e48ee14522a690d1c61caec51b39675c3a26ab60dbdebd5f1acaff27439c89e0"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 23
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "303951d4c50efb2e991652225a6f02b1"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
      "banner_hashes": [
        "sha256:38bf1b152427e759ebf5b065e9f9ea276b66baadb007b3d97326bcdba5f0632e"
      ],
      "banner_hex": "323230206d61696c2e67656973746c6963682e64652045534d54502072656164792e0d0a",
      "certificate": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
      "extended_service_name": "SMTP-STARTTLS",
      "observed_at": "2022-12-03T04:49:56.827761219Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 587,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 mail.geistlich.de ESMTP ready.\r\n",
        "ehlo": "250-mail.geistlich.de Hello scanner-09.ch1.censys-scanner.com [167.248.133.63]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPE_CONNECT\r\n250-STARTTLS\r\n250 HELP\r\n",
        "start_tls": "220 TLS go ahead\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.248.133.63",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "autodiscover.geistlich.de",
              "mail.geistlich.de"
            ],
            "subject_dn": "CN=mail.geistlich.de",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "20f534bafa8a6ffaeefda4e260c5d798502f6dfe0e3d0476cf303a8f93299324",
            "fingerprint": "d20dba7efb5c1febfc71886e6248523c5b23eb484c3e8c2b0228d4eaf301d2e8",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "8AAK8ZLJNlOU1jbaU0aQraHC1HmkVou7JnGEkDpHPiefZ/UhFZSXMiDTsZf5C0j6rqQENVZVj3nPBOcipGIViIij0dN4Zpduf7yeIZdoF6wOA2iMNRZ5+FyHJv6z8b4dFn7e1q2HhRzqzFlKQr+SaUGqYz0hn8U7rKf9ro4EqiKkTZ2CGCWxBa7O2eIHk2Z+tcAoZ5qvdVtGZsXm3zDGGTHBILcA1bBQqnXFLNxDI55wDueqaUQQQRb+2e2C39jfRY1l+/jxk1LvA3BeEJWYwySRUQXQQey3Y2aPrUNa/Dty0AC849fkDu1f3h5EaaXTUVYmeZRRM6H+xNpcv+CFGw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e48ee14522a690d1c61caec51b39675c3a26ab60dbdebd5f1acaff27439c89e0"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 23
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "303951d4c50efb2e991652225a6f02b1"
      },
      "transport_fingerprint": {
        "id": 72,
        "os": "Ubuntu / Debian / CentOS",
        "raw": "28960,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX"
      },
      "banner": "",
      "banner_grab": {
        "transport": "TCP"
      },
      "banner_hashes": [
        "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
      ],
      "certificate": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
      "extended_service_name": "UNKNOWN",
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "26d26d00026d26d22c26d26d26d26dd3b67dd3674d9af9dd91c1955a35d0e9",
        "cipher_and_version_fingerprint": "26d26d00026d26d22c26d26d26d26d",
        "tls_extensions_sha256": "d3b67dd3674d9af9dd91c1955a35d0e9",
        "observed_at": "2022-11-23T13:36:42.144090172Z"
      },
      "observed_at": "2022-12-01T14:15:32.496338890Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 8460,
      "service_name": "UNKNOWN",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "microsoft",
          "product": "windows",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.94.138.61",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676"
          ],
          "leaf_data": {
            "names": [
              "*.geistlich.de",
              "geistlich.de"
            ],
            "subject_dn": "CN=*.geistlich.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "ceac99c76947f52d42ca9b5579dc018fef65cbc1fcbc739993a2e75a595c803f",
            "fingerprint": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "yg4yfDqobcKu6ApIa0o982ZKrzC4xA2zk+acq0/h6UHAo/URiowIhNsJ9dBvtczqil/XtfOq6JaVTw4jIXnLt7vZaY9RpKTvqWHXRuZEPTajQylPuXjkOZHkPhEX44dvkZBL4pALp+NK8LZz8GQ+iwgPC+VgIF97hF9qUNC614zPOjDrEUWnr2UHb/dhx986djzkqrWnUNHLV49ewDJjmAjxlq/mYDX9G2wuTnxqjZqVipCAlf93Bf+hYe1IHsXeNEszRLXg3gNRMsL2Z3NCWb9fO/PQJiS9mKCGk5/9VEjZl7OLkbhueaBcozEqC+CAqdT1e6NPqmk2Bay3iy4g+w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "c8ab2c141caeab51a7b14168c9b9059b3cde826560b132f9ed46b6b061c7e91b"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 24
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "507bcb4f8187a3fb0cbc7fdfaf344f0d"
      },
      "transport_fingerprint": {
        "id": 310,
        "os": "Windows 2008 R2 / 2012",
        "raw": "8192,128,true,MNWST,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 401 Unauthorized\r\nContent-Length: 0\r\nServer: Microsoft-HTTPAPI/2.0\r\nWWW-Authenticate: Basic realm=\"\"\r\nDate:  <REDACTED>\r\n",
      "banner_hashes": [
        "sha256:b81834b2e48951eb9640e5396358542851cedceb59313d8530acaa7d56ddd501"
      ],
      "banner_hex": "485454502f312e312034303120556e617574686f72697a65640d0a436f6e74656e742d4c656e6774683a20300d0a5365727665723a204d6963726f736f66742d485454504150492f322e300d0a5757572d41757468656e7469636174653a204261736963207265616c6d3d22220d0a446174653a20203c52454441435445443e0d0a",
      "certificate": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://80.155.23.20:8463/",
          "headers": {
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ],
            "_encoding": {
              "User_Agent": "DISPLAY_UTF8",
              "Accept": "DISPLAY_UTF8"
            },
            "Accept": [
              "*/*"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 401,
          "status_reason": "Unauthorized",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Www_Authenticate": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8"
            },
            "Www_Authenticate": [
              "Basic realm=\"\""
            ],
            "Server": [
              "Microsoft-HTTPAPI/2.0"
            ],
            "Content_Length": [
              "0"
            ]
          },
          "body_size": 0
        },
        "supports_http2": false
      },
      "jarm": {
        "_encoding": {
          "fingerprint": "DISPLAY_HEX",
          "cipher_and_version_fingerprint": "DISPLAY_HEX",
          "tls_extensions_sha256": "DISPLAY_HEX"
        },
        "fingerprint": "26d26d00026d26d22c26d26d26d26dd3b67dd3674d9af9dd91c1955a35d0e9",
        "cipher_and_version_fingerprint": "26d26d00026d26d22c26d26d26d26d",
        "tls_extensions_sha256": "d3b67dd3674d9af9dd91c1955a35d0e9",
        "observed_at": "2022-11-22T15:46:08.914220141Z"
      },
      "observed_at": "2022-12-01T14:15:22.554945217Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 8463,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Microsoft",
          "product": "Windows",
          "other": {
            "family": "Windows"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:microsoft:http_api:2.0:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Microsoft",
          "product": "HTTP API",
          "version": "2.0",
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "162.142.125.8",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
          "chain_fps_sha_256": [
            "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676"
          ],
          "leaf_data": {
            "names": [
              "*.geistlich.de",
              "geistlich.de"
            ],
            "subject_dn": "CN=*.geistlich.de",
            "issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "ceac99c76947f52d42ca9b5579dc018fef65cbc1fcbc739993a2e75a595c803f",
            "fingerprint": "cfd8abd95443122b555f5dabcd6e54d3766b4494f0492bdc2f3124e216cc935e",
            "issuer": {
              "common_name": [
                "Sectigo RSA Domain Validation Secure Server CA"
              ],
              "locality": [
                "Salford"
              ],
              "organization": [
                "Sectigo Limited"
              ],
              "province": [
                "Greater Manchester"
              ],
              "country": [
                "GB"
              ]
            },
            "subject": {
              "common_name": [
                "*.geistlich.de"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "yg4yfDqobcKu6ApIa0o982ZKrzC4xA2zk+acq0/h6UHAo/URiowIhNsJ9dBvtczqil/XtfOq6JaVTw4jIXnLt7vZaY9RpKTvqWHXRuZEPTajQylPuXjkOZHkPhEX44dvkZBL4pALp+NK8LZz8GQ+iwgPC+VgIF97hF9qUNC614zPOjDrEUWnr2UHb/dhx986djzkqrWnUNHLV49ewDJjmAjxlq/mYDX9G2wuTnxqjZqVipCAlf93Bf+hYe1IHsXeNEszRLXg3gNRMsL2Z3NCWb9fO/PQJiS9mKCGk5/9VEjZl7OLkbhueaBcozEqC+CAqdT1e6NPqmk2Bay3iy4g+w==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "c8ab2c141caeab51a7b14168c9b9059b3cde826560b132f9ed46b6b061c7e91b"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
              "subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
              "issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
            }
          ]
        },
        "server_key_exchange": {
          "ec_params": {
            "named_curve": 24
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "507bcb4f8187a3fb0cbc7fdfaf344f0d"
      },
      "transport_fingerprint": {
        "id": 310,
        "os": "Windows 2008 R2 / 2012",
        "raw": "8192,128,true,MNWST,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Germany",
    "country_code": "DE",
    "city": "Trebur",
    "postal_code": "65468",
    "timezone": "Europe/Berlin",
    "province": "Hesse",
    "coordinates": {
      "latitude": 49.9265,
      "longitude": 8.396
    },
    "registered_country": "Germany",
    "registered_country_code": "DE"
  },
  "location_updated_at": "2022-12-01T16:33:46.113485Z",
  "autonomous_system": {
    "asn": 3320,
    "description": "DTAG Internet service provider operations",
    "bgp_prefix": "80.152.0.0/14",
    "name": "DTAG Internet service provider operations",
    "country_code": "DE"
  },
  "autonomous_system_updated_at": "2022-11-27T04:13:29.854925Z",
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
    "part": "o",
    "vendor": "Microsoft",
    "product": "Windows",
    "other": {
      "family": "Windows"
    }
  },
  "dns": {
    "names": [
      "mailstore.geistlich.de",
      "autodiscover.geistlich.de",
      "mail.geistlich.de"
    ],
    "records": {
      "autodiscover.geistlich.de": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-05T14:50:29.251384821Z"
      },
      "mailstore.geistlich.de": {
        "record_type": "CNAME",
        "resolved_at": "2022-11-14T14:23:32.378347357Z"
      },
      "mail.geistlich.de": {
        "record_type": "A",
        "resolved_at": "2022-11-24T14:21:26.634742621Z"
      }
    },
    "reverse_dns": {
      "names": [
        "mail.geistlich.de"
      ],
      "resolved_at": "2022-11-21T08:43:49.311389261Z"
    }
  },
  "last_updated_at": "2022-12-03T04:49:58.317Z"
}