80.74.142.130
As of: Dec 07, 2023 4:40pm UTC |
Latest
{
"ip": "80.74.142.130",
"services": [
{
"_decoded": "ftp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 ProFTPD Server (ProFTPD) [80.74.142.130]\r\n",
"banner_hashes": [
"sha256:62d8c0689f2f8307be3181447dcf7a27f81bbb80ae26dbe0dbc750712303808b"
],
"banner_hex": "3232302050726f4654504420536572766572202850726f4654504429205b38302e37342e3134322e3133305d0d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "FTPes",
"ftp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"auth_tls_response": "DISPLAY_UTF8"
},
"banner": "220 ProFTPD Server (ProFTPD) [80.74.142.130]\r\n",
"auth_tls_response": "234 AUTH TLS successful\r\n",
"status_code": 220,
"status_meaning": "Service ready for new user.",
"implicit_tls": false
},
"labels": [
"file-sharing"
],
"observed_at": "2023-12-06T14:45:49.507522425Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 21,
"service_name": "FTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "ProFTPD Project",
"product": "ProFTPD",
"other": {
"family": "ProFTPD"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"other": {
"ip": "80.74.142.130"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.49",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"banner_hashes": [
"sha256:7079be685ca42735304709507a2871a612493f6104ab19bf28d8af00a5503dd3"
],
"banner_hex": "32323020646563696d75732e7375692d696e7465722e6e65742045534d545020506f73746669780d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "SMTP-STARTTLS",
"labels": [
"email"
],
"observed_at": "2023-12-07T16:40:17.487711448Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 25,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"ehlo": "250-decimus.sui-inter.net\r\n250-PIPELINING\r\n250-SIZE 52428800\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH CRAM-MD5 PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.125",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 29
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "dns",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "none",
"banner_hashes": [
"sha256:140bedbf9c3f6d56a9846d2ba7088798683f4da0c248231336e6a05679e4fdfe"
],
"banner_hex": "6e6f6e65",
"dns": {
"version": "none",
"server_type": "AUTHORITATIVE",
"r_code": "REFUSED",
"resolves_correctly": false
},
"extended_service_name": "DNS",
"observed_at": "2023-12-07T12:37:55.116712216Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 53,
"service_name": "DNS",
"source_ip": "167.248.133.51",
"transport_protocol": "UDP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 540\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 29 May 2006 08:22:54 GMT\r\nETag: \"21c-414e906641380\"\r\nAccept-Ranges: bytes\r\n",
"banner_hashes": [
"sha256:60116b3a6e75a81d3a542af252a3199336c5e6973c155ef9554385bce02493be"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203534300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a566172793a204163636570742d456e636f64696e670d0a4c6173742d4d6f6469666965643a204d6f6e2c203239204d617920323030362030383a32323a353420474d540d0a455461673a20223231632d34313465393036363431333830220d0a4163636570742d52616e6765733a2062797465730d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://80.74.142.130/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Last_Modified": [
"Mon, 29 May 2006 08:22:54 GMT"
],
"_encoding": {
"Last_Modified": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Vary": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Accept_Ranges": "DISPLAY_UTF8",
"ETag": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8"
},
"Server": [
"nginx"
],
"Date": [
"<REDACTED>"
],
"Vary": [
"Accept-Encoding"
],
"Content_Type": [
"text/html"
],
"Content_Length": [
"540"
],
"Accept_Ranges": [
"bytes"
],
"ETag": [
"\"21c-414e906641380\""
],
"Connection": [
"keep-alive"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>[]</title>",
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">"
],
"body_size": 540,
"body": "<html>\n<head>\n<title>[]</title>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\n</head>\n\n<body bgcolor=\"#FFFFFF\">\n<table width=\"564\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\n\n \n\n <tr>\n <td colspan=2>\n <p> </p>\n <h3><font face=\"Arial, Helvetica, sans-serif\">Site Temporarily Closed</font></h3>\n \n <p><font face=\"Arial, Helvetica, sans-serif\" color=\"#0000a0\">For further information\n please contact the webmaster.</font></p>\n </td>\n </tr>\n</table>\n</body>\n</html>\n",
"favicons": [
{
"size": 17542,
"name": "http://80.74.142.130/favicon.ico",
"md5_hash": "dcea02a5797ce9e36f19b7590752563e"
}
],
"body_hashes": [
"sha256:c795b985da4273a760b0201e6c825c90e6e9f98da96cbc58dc167a3c8c34cee3",
"sha1:1d723ba8cedca5402e5935892003d19f9bee09a2"
],
"body_hash": "sha1:1d723ba8cedca5402e5935892003d19f9bee09a2",
"html_title": "[]"
},
"supports_http2": false
},
"observed_at": "2023-12-07T06:10:33.512215388Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 80,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.52",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot ready. <684f.1.656fc204.W2cnqIAKeCDFa//87T/[email protected]>\r\n",
"banner_hashes": [
"sha256:aaa0ea7149e93882e353f0c37e77d3428d4430818018d3cfbb60d0beac19c28e"
],
"banner_hex": "2b4f4b20446f7665636f742072656164792e203c363834662e312e36353666633230342e5732636e7149414b65434446612f2f3837542f6943673d3d40646563696d75732e7375692d696e7465722e6e65743e0d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "POP3S",
"labels": [
"email"
],
"observed_at": "2023-12-06T00:36:20.668918191Z",
"perspective_id": "PERSPECTIVE_TATA",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot ready. <684f.1.656fc204.W2cnqIAKeCDFa//87T/[email protected]>\r\n",
"start_tls": "+OK Begin TLS negotiation now.\r\n"
},
"port": 110,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.50",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.\r\n",
"banner_hashes": [
"sha256:3535c1c91c9938cc78b1a93a8b510daff703245d7abc0d8ca0e217b0480eeca0"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b205354415254544c5320415554483d504c41494e20415554483d4c4f47494e20415554483d4449474553542d4d443520415554483d4352414d2d4d44355d20446f7665636f742072656164792e0d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.\r\n",
"start_tls": "a001 OK Begin TLS negotiation now.\r\n"
},
"labels": [
"email"
],
"observed_at": "2023-12-07T09:17:41.705545084Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 143,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.34",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 540\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 29 May 2006 08:22:54 GMT\r\nETag: \"21c-414e906641380\"\r\nAccept-Ranges: bytes\r\n",
"banner_hashes": [
"sha256:60116b3a6e75a81d3a542af252a3199336c5e6973c155ef9554385bce02493be"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203534300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a566172793a204163636570742d456e636f64696e670d0a4c6173742d4d6f6469666965643a204d6f6e2c203239204d617920323030362030383a32323a353420474d540d0a455461673a20223231632d34313465393036363431333830220d0a4163636570742d52616e6765733a2062797465730d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://80.74.142.130/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"ETag": [
"\"21c-414e906641380\""
],
"_encoding": {
"ETag": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Accept_Ranges": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Vary": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Last_Modified": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8"
},
"Connection": [
"keep-alive"
],
"Accept_Ranges": [
"bytes"
],
"Content_Type": [
"text/html"
],
"Date": [
"<REDACTED>"
],
"Vary": [
"Accept-Encoding"
],
"Content_Length": [
"540"
],
"Last_Modified": [
"Mon, 29 May 2006 08:22:54 GMT"
],
"Server": [
"nginx"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>[]</title>",
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">"
],
"body_size": 540,
"body": "<html>\n<head>\n<title>[]</title>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\n</head>\n\n<body bgcolor=\"#FFFFFF\">\n<table width=\"564\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\n\n \n\n <tr>\n <td colspan=2>\n <p> </p>\n <h3><font face=\"Arial, Helvetica, sans-serif\">Site Temporarily Closed</font></h3>\n \n <p><font face=\"Arial, Helvetica, sans-serif\" color=\"#0000a0\">For further information\n please contact the webmaster.</font></p>\n </td>\n </tr>\n</table>\n</body>\n</html>\n",
"favicons": [
{
"size": 17542,
"name": "https://80.74.142.130/favicon.ico",
"md5_hash": "dcea02a5797ce9e36f19b7590752563e"
}
],
"body_hashes": [
"sha256:c795b985da4273a760b0201e6c825c90e6e9f98da96cbc58dc167a3c8c34cee3",
"sha1:1d723ba8cedca5402e5935892003d19f9bee09a2"
],
"body_hash": "sha1:1d723ba8cedca5402e5935892003d19f9bee09a2",
"html_title": "[]"
},
"supports_http2": true
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "15d3fd16d29d29d00042d43d00000071784fa9f8305ba9220d0a7894b6ff2c",
"cipher_and_version_fingerprint": "15d3fd16d29d29d00042d43d000000",
"tls_extensions_sha256": "71784fa9f8305ba9220d0a7894b6ff2c",
"observed_at": "2023-12-01T15:39:57.320209418Z"
},
"observed_at": "2023-12-06T18:43:50.800218012Z",
"perspective_id": "PERSPECTIVE_TELIA",
"port": 443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.58",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"banner_hashes": [
"sha256:7079be685ca42735304709507a2871a612493f6104ab19bf28d8af00a5503dd3"
],
"banner_hex": "32323020646563696d75732e7375692d696e7465722e6e65742045534d545020506f73746669780d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "SMTPS",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "07d19d1ad21d21d07c07d19d07d21d23aeefb38b723c523befb314af6e95ac",
"cipher_and_version_fingerprint": "07d19d1ad21d21d07c07d19d07d21d",
"tls_extensions_sha256": "23aeefb38b723c523befb314af6e95ac",
"observed_at": "2023-12-06T06:32:14.538849925Z"
},
"labels": [
"email"
],
"observed_at": "2023-12-07T01:15:28.892693406Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 465,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"ehlo": "250-decimus.sui-inter.net\r\n250-PIPELINING\r\n250-SIZE 52428800\r\n250-ETRN\r\n250-AUTH CRAM-MD5 PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.50",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 29
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"banner_hashes": [
"sha256:7079be685ca42735304709507a2871a612493f6104ab19bf28d8af00a5503dd3"
],
"banner_hex": "32323020646563696d75732e7375692d696e7465722e6e65742045534d545020506f73746669780d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "SMTP-STARTTLS",
"labels": [
"email"
],
"observed_at": "2023-12-06T23:05:22.681628338Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 587,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220 decimus.sui-inter.net ESMTP Postfix\r\n",
"ehlo": "250-decimus.sui-inter.net\r\n250-PIPELINING\r\n250-SIZE 52428800\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH CRAM-MD5 PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.124",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 29
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.\r\n",
"banner_hashes": [
"sha256:5200893fa5fc0d7030ad2e4a151c50852c895346b68e6176baf4c5efdbae3c96"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b20415554483d504c41494e20415554483d4c4f47494e20415554483d4449474553542d4d443520415554483d4352414d2d4d44355d20446f7665636f742072656164792e0d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.\r\n"
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "2ad2ad16d2ad2ad22c2ad2ad2ad2ad579b2ec9bfaf00aff9d6fe780b7932ae",
"cipher_and_version_fingerprint": "2ad2ad16d2ad2ad22c2ad2ad2ad2ad",
"tls_extensions_sha256": "579b2ec9bfaf00aff9d6fe780b7932ae",
"observed_at": "2023-11-23T21:38:07.836487235Z"
},
"labels": [
"email"
],
"observed_at": "2023-12-06T14:16:37.572097931Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 993,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "162.142.125.10",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot ready. <[email protected]>\r\n",
"banner_hashes": [
"sha256:97293d1c797a9d581b890510348b5c0e6c33f721dfe19fda99e5500a81b4da6a"
],
"banner_hex": "2b4f4b20446f7665636f742072656164792e203c343233612e312e36353731616435362e644b576b4d704138644a387247317366776533564e773d3d40646563696d75732e7375692d696e7465722e6e65743e0d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"discovery_method": "PREDICTIVE_METHOD_7",
"extended_service_name": "POP3S",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "2ad2ad16d2ad2ad22c2ad2ad2ad2ad579b2ec9bfaf00aff9d6fe780b7932ae",
"cipher_and_version_fingerprint": "2ad2ad16d2ad2ad22c2ad2ad2ad2ad",
"tls_extensions_sha256": "579b2ec9bfaf00aff9d6fe780b7932ae",
"observed_at": "2023-12-04T03:01:15.937342992Z"
},
"labels": [
"email"
],
"observed_at": "2023-12-07T11:32:38.077077138Z",
"perspective_id": "PERSPECTIVE_TELIA",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot ready. <[email protected]>\r\n"
},
"port": 995,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.59",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27"
},
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "ssh",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "SSH-2.0-OpenSSH_7.4",
"banner_hashes": [
"sha256:be0da7ee170f9a69bc13b9e61ecfc9110c27db40f3f2e4c0ffae6741f064af8a"
],
"banner_hex": "5353482d322e302d4f70656e5353485f372e34",
"extended_service_name": "SSH",
"labels": [
"remote-access"
],
"observed_at": "2023-12-05T18:22:27.257826839Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 2121,
"service_name": "SSH",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "OpenBSD",
"product": "OpenSSH",
"version": "7.4",
"other": {
"family": "OpenSSH"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.51",
"ssh": {
"endpoint_id": {
"_encoding": {
"raw": "DISPLAY_UTF8"
},
"raw": "SSH-2.0-OpenSSH_7.4",
"protocol_version": "2.0",
"software_version": "OpenSSH_7.4"
},
"kex_init_message": {
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group-exchange-sha1",
"diffie-hellman-group14-sha256",
"diffie-hellman-group14-sha1",
"diffie-hellman-group1-sha1"
],
"host_key_algorithms": [
"ssh-rsa",
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ssh-ed25519"
],
"client_to_server_ciphers": [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"[email protected]"
],
"server_to_client_ciphers": [
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"first_kex_follows": false
},
"algorithm_selection": {
"kex_algorithm": "[email protected]",
"host_key_algorithm": "ecdsa-sha2-nistp256",
"client_to_server_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
},
"server_to_client_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
}
},
"server_host_key": {
"fingerprint_sha256": "e49f0abc50209344d5e6d1c146eef48e1fb8ee99ca89fb28b785dd151b392cf0",
"ecdsa_public_key": {
"_encoding": {
"b": "DISPLAY_BASE64",
"gx": "DISPLAY_BASE64",
"gy": "DISPLAY_BASE64",
"n": "DISPLAY_BASE64",
"p": "DISPLAY_BASE64",
"x": "DISPLAY_BASE64",
"y": "DISPLAY_BASE64"
},
"b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
"curve": "P-256",
"gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
"gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
"length": 256,
"n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
"p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
"x": "63jnsHozaPBunqrkT8KZtZXynxSi3HpiWTHVf8DiGf0=",
"y": "hLu2hzU0IX7mawfEOV6N4JOwCnMM35udJhDw6EfS8IM="
}
},
"hassh_fingerprint": "40f0ec8caf3da60fffc5f4e4da970132"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "mysql",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "5.5.5-10.6.15-MariaDB",
"banner_hashes": [
"sha256:3c28e3c256d949f76f814ac87eb2b0168ca399c97a39e44e68a9deb21e1d6d66"
],
"banner_hex": "352e352e352d31302e362e31352d4d617269614442",
"extended_service_name": "MYSQL",
"labels": [
"database"
],
"mysql": {
"protocol_version": 10,
"server_version": "5.5.5-10.6.15-MariaDB",
"connection_id": 136222776,
"_encoding": {
"auth_plugin_data": "DISPLAY_HEX"
},
"auth_plugin_data": "795b3e6358704a612841504e75234c36657e687000",
"character_set": 8,
"status_flags": {
"SERVER_STATUS_AUTOCOMMIT": true
},
"capability_flags": {
"CLIENT_PLUGIN_AUTH": true,
"CLIENT_INTERACTIVE": true,
"CLIENT_SECURE_CONNECTION": true,
"CLIENT_NO_SCHEMA": true,
"CLIENT_PS_MULTI_RESULTS": true,
"CLIENT_FOUND_ROWS": true,
"CLIENT_CONNECT_ATTRS": true,
"CLIENT_SESSION_TRACK": true,
"CLIENT_IGNORE_SIGPIPE": true,
"CLIENT_COMPRESS": true,
"CLIENT_PROTOCOL_41": true,
"CLIENT_CONNECT_WITH_DB": true,
"CLIENT_LOCAL_FILES": true,
"CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
"CLIENT_ODBC": true,
"CLIENT_DEPRECATED_EOF": true,
"CLIENT_MULTI_STATEMENTS": true,
"CLIENT_IGNORE_SPACE": true,
"CLIENT_TRANSACTIONS": true,
"CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
"CLIENT_MULTI_RESULTS": true,
"CLIENT_RESERVED": true,
"CLIENT_LONG_FLAG": true
},
"auth_plugin_name": "mysql_native_password",
"error_code": 0
},
"observed_at": "2023-12-06T19:25:52.815167281Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 3306,
"service_name": "MYSQL",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:mariadb:mariadb:10.6.15:*:*:*:*:*:*:*",
"part": "a",
"vendor": "MariaDB",
"product": "MariaDB",
"version": "10.6.15",
"other": {
"family": "MySQL"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.35",
"transport_fingerprint": {
"id": 72,
"os": "Ubuntu / Debian / CentOS",
"raw": "28960,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nServer: sw-cp-server\r\nDate: <REDACTED>\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Fri, 28 May 1999 00:00:00 GMT\r\nLast-Modified: Wed, 06 Dec 2023 17:16:15 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nCache-Control: post-check=0, pre-check=0\r\nPragma: no-cache\r\nP3P: CP=\"NON COR CURa ADMa OUR NOR UNI COM NAV STA\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n",
"banner_hashes": [
"sha256:810c7c99f83ba11b8002fc8bda0be11452ec35af4e1aedb51c21da20fa0dbea2"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a2073772d63702d7365727665720d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d7574662d380d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a457870697265733a204672692c203238204d617920313939392030303a30303a303020474d540d0a4c6173742d4d6f6469666965643a205765642c2030362044656320323032332031373a31363a313520474d540d0a43616368652d436f6e74726f6c3a206e6f2d73746f72652c206e6f2d63616368652c206d7573742d726576616c69646174650d0a43616368652d436f6e74726f6c3a20706f73742d636865636b3d302c207072652d636865636b3d300d0a507261676d613a206e6f2d63616368650d0a5033503a2043503d224e4f4e20434f5220435552612041444d61204f5552204e4f5220554e4920434f4d204e415620535441220d0a582d4672616d652d4f7074696f6e733a2053414d454f524947494e0d0a582d5853532d50726f74656374696f6e3a20313b206d6f64653d626c6f636b0d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
"certificate": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://80.74.142.130:8443/login_up.php",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Transfer_Encoding": [
"chunked"
],
"_encoding": {
"Transfer_Encoding": "DISPLAY_UTF8",
"Content_Encoding": "DISPLAY_UTF8",
"Last_Modified": "DISPLAY_UTF8",
"Cache_Control": "DISPLAY_UTF8",
"P3P": "DISPLAY_UTF8",
"Pragma": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Expires": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"X_Frame_Options": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"X_XSS_Protection": "DISPLAY_UTF8"
},
"Content_Encoding": [
"gzip"
],
"Last_Modified": [
"Wed, 06 Dec 2023 17:16:15 GMT"
],
"Cache_Control": [
"no-store, no-cache, must-revalidate",
"post-check=0, pre-check=0"
],
"P3P": [
"CP=\"NON COR CURa ADMa OUR NOR UNI COM NAV STA\""
],
"Pragma": [
"no-cache"
],
"Connection": [
"keep-alive"
],
"Expires": [
"Fri, 28 May 1999 00:00:00 GMT"
],
"Server": [
"sw-cp-server"
],
"Content_Type": [
"text/html; charset=utf-8"
],
"X_Frame_Options": [
"SAMEORIGIN"
],
"Date": [
"<REDACTED>"
],
"X_XSS_Protection": [
"1; mode=block"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>Plesk Obsidian 18.0.56</title>",
"<meta charset=\"utf-8\">",
"<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">",
"<meta name=\"SKYPE_TOOLBAR\" content=\"SKYPE_TOOLBAR_PARSER_COMPATIBLE\">",
"<meta name=\"format-detection\" content=\"telephone=no\">",
"<meta name=\"forgery_protection_token\" id=\"forgery_protection_token\" content=\"fa8420349eb899f07cac947e9752fe02\">",
"<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0\">",
"<meta name=\"plesk-build\" content=\"1800231106.15\">",
"<meta name=\"plesk-revision\" content=\"7f3265358b91416f035eddb5dfe564171fd100a4\">"
],
"body_size": 19336,
"body": "<!DOCTYPE html><html lang=\"de\" dir=\"ltr\" class=\"sid-plesk\" data-theme=\"default\">\n<head>\n <meta charset=\"utf-8\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">\n <meta name=\"SKYPE_TOOLBAR\" content=\"SKYPE_TOOLBAR_PARSER_COMPATIBLE\">\n <meta name=\"format-detection\" content=\"telephone=no\">\n <meta name=\"forgery_protection_token\" id=\"forgery_protection_token\" content=\"fa8420349eb899f07cac947e9752fe02\">\n <title>Plesk Obsidian 18.0.56</title> \n <link rel='icon' href='/favicon.ico?1699276904' sizes='any'>\n <link rel='icon' href='/images/favicon.svg?1699276904' type='image/svg+xml'>\n <link rel='apple-touch-icon' href='/images/apple-touch-icon.png?1699276904'>\n <link rel='manifest' href='/manifest.webmanifest?1699276904' /> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0\">\n <meta name=\"plesk-build\" content=\"1800231106.15\">\n <meta name=\"plesk-revision\" content=\"7f3265358b91416f035eddb5dfe564171fd100a4\">\n <link rel=\"stylesheet\" href=\"/ui-library/plesk-ui-library.css?1699276904\">\n<link rel=\"stylesheet\" href=\"/cp/theme/css/main.css?1699276904\">\n <link href=\"/modules/letsencrypt/global.css?1698826719\" media=\"screen\" rel=\"stylesheet\" type=\"text/css\" >\n<link href=\"/modules/metatools/global.css?1685645266\" media=\"screen\" rel=\"stylesheet\" type=\"text/css\" > <script type=\"text/javascript\" src=\"/cp/javascript/externals/prototype.js?1699276904\"></script>\n<script type=\"text/javascript\" src=\"/ui-library/plesk-ui-library.min.js?1699276904\"></script>\n<script type=\"text/javascript\" src=\"/cp/javascript/vendors.js?1699276904\"></script>\n<script type=\"text/javascript\" src=\"/cp/javascript/main.js?1699276904\"></script>\n<script type=\"text/javascript\" src=\"/cp/javascript/externals/require.js?1699276904\"></script>\n<script type=\"text/javascript\">\n //<!--\n require.config({\"waitSeconds\":0,\"baseUrl\":\"\\/cp\\/javascript\\/\",\"urlArgs\":\"18.0.56-4\",\"paths\":{\"modules\":\"\\/modules\"}});\ndefine('plesk-ui-library', window.PleskUiLibrary); //-->\n</script>\n<script type=\"text/javascript\" src=\"/modules/letsencrypt/global.js?1698826719\"></script>\n<script type=\"text/javascript\" src=\"/modules/metatools/global.js?1685645266\"></script>\n<script type=\"text/javascript\" src=\"/modules/notifier/global.js?1701135775\"></script> <script type=\"text/javascript\">\n//<![CDATA[\n Jsw.skinUrl = '/cp/theme/';\n//]]>\n</script>\n\n \n </head>\n<body>\n<div id=\"plesk-root\"></div>\n<script>\n//<![CDATA[\n Plesk.run({\"config\":{\"feedback\":{\"sentry\":{\"release\":\"18.0.56.4\",\"environment\":\"production\",\"tags\":{\"locale\":\"de-DE\",\"hwid\":\"7F1B.9797.54F4.48B5.8DFE.4F84.102D.4FF5\",\"revision\":\"7f3265358b91416f035eddb5dfe564171fd100a4\"},\"user\":{\"id\":\"7F1B.9797.54F4.48B5.8DFE.4F84.102D.4FF5-1024-0\"},\"dsn\":\"https:\\/\\/[email protected]\\/1327420\",\"sampleRate\":0.05}}},\"data\":{\"status\":[],\"isInitial\":true,\"values\":{\"login_name\":\"\",\"locale_id\":\"default\"}},\"graphqlQueries\":[{\"query\":\"query LoginPage { viewer { login resolvableHostname mobileApplicationPromotion { name icon url } } config { gdpr { cookieSettings { loginFormEntrypointEnabled } } login { howToLoginArticle } } locales { code name isRtl } serverInfo { cloudType isFirstLogin } loginContentInclude { headContent bodyContent } } \",\"variables\":null,\"data\":{\"viewer\":{\"login\":null,\"resolvableHostname\":null,\"mobileApplicationPromotion\":null,\"__typename\":\"User\"},\"config\":{\"gdpr\":{\"cookieSettings\":{\"loginFormEntrypointEnabled\":true,\"__typename\":\"ConfigSectionGdprCookieSettings\"},\"__typename\":\"ConfigSectionGdpr\"},\"login\":{\"howToLoginArticle\":\"\",\"__typename\":\"ConfigSectionLogin\"},\"__typename\":\"Config\"},\"locales\":[{\"code\":\"de-DE\",\"name\":\"Deutsch (Germany)\",\"isRtl\":false,\"__typename\":\"Locale\"},{\"code\":\"en-US\",\"name\":\"English (United States)\",\"isRtl\":false,\"__typename\":\"Locale\"},{\"code\":\"fr-FR\",\"name\":\"Fran\u00e7ais (France)\",\"isRtl\":false,\"__typename\":\"Locale\"}],\"serverInfo\":{\"cloudType\":\"\",\"isFirstLogin\":false,\"__typename\":\"ServerInfo\"},\"loginContentInclude\":{\"headContent\":\"<!-- extension include: heavy-metal-skin -->\\n\",\"bodyContent\":\"\",\"__typename\":\"LoginContentInclude\"},\"__typename\":\"Query\"}},{\"query\":\"query Branding { viewer { login customTitle logo { image imageAlt url edition } } } \",\"variables\":null,\"data\":{\"viewer\":{\"login\":null,\"customTitle\":\"Plesk Obsidian 18.0.56\",\"logo\":{\"image\":\"\\/cp\\/theme\\/images\\/logos\\/plesk\\/logo.svg\",\"imageAlt\":\"Plesk Obsidian 18.0.56\",\"url\":null,\"edition\":\"web host edition\",\"__typename\":\"UserLogo\"},\"__typename\":\"User\"},\"__typename\":\"Query\"}},{\"query\":\"query CookiePolicy { config { gdpr { cookieBox { enabled } cookies(type: [\\\"analytics\\\", \\\"marketing\\\"]) { name type } } } } \",\"variables\":null,\"data\":{\"config\":{\"gdpr\":{\"cookieBox\":{\"enabled\":false,\"__typename\":\"ConfigSectionGdprCookieBox\"},\"cookies\":[{\"name\":\"uat-aid\",\"type\":\"analytics\",\"__typename\":\"ConfigSectionGdprCookie\"},{\"name\":\"uat-iid\",\"type\":\"analytics\",\"__typename\":\"ConfigSectionGdprCookie\"},{\"name\":\"uat-sid\",\"type\":\"analytics\",\"__typename\":\"ConfigSectionGdprCookie\"},{\"name\":\"uat-data-source\",\"type\":\"analytics\",\"__typename\":\"ConfigSectionGdprCookie\"}],\"__typename\":\"ConfigSectionGdpr\"},\"__typename\":\"Config\"},\"__typename\":\"Query\"}},{\"query\":\"query TaskProgressBar { viewer { login type } config { webSocket { enabled } } } \",\"variables\":null,\"data\":{\"viewer\":{\"login\":null,\"type\":\"UNDEFINED\",\"__typename\":\"User\"},\"config\":{\"webSocket\":{\"enabled\":true,\"__typename\":\"ConfigSectionWebSocket\"},\"__typename\":\"Config\"},\"__typename\":\"Query\"}}],\"localeSections\":{\"components.buttons\":{\"save\":\"OK\",\"apply\":\"\u00dcbernehmen\",\"cancel\":\"Abbrechen\",\"yes\":\"Ja\",\"yesRemove\":\"Ja, entfernen\",\"no\":\"Nein\",\"ok\":\"OK\",\"remove\":\"Entfernen\",\"logout\":\"Abmelden\",\"next\":\"Weiter >\",\"start\":\"Start >>\",\"wait\":\"Bitte warten\",\"updateAndLock\":\"Aktualisieren & sperren\",\"applyAndLock\":\"\u00dcbernehmen & Sperren\",\"updateAndSync\":\"Aktualisieren & synchronisieren\",\"badgeNew\":\"Neu\",\"timeout\":\"Dieser Vorgang dauert zu lang. \u00dcberpr\u00fcfen Sie die Ergebnisse einigen Minuten.\",\"resetToDefault\":\"Auf Standard zur\u00fccksetzen\",\"defaultValue\":\"(Standard)\",\"nextWithoutArrow\":\"Weiter\",\"back\":\"Zur\u00fcck\",\"createWebspace\":\"Webspace erstellen.\",\"upgrade\":\"Upgraden\"},\"components.password.meter\":{\"title\":\"Passwortqualit\u00e4t\",\"description\":\"So verbessern Sie die Sicherheit Ihres Passworts:\",\"yourPasswordIsStrong\":\"Ihr Passwort ist komplex, aber Sie k\u00f6nnen es noch komplexer gestalten, indem Sie es l\u00e4nger machen.\",\"verdictVeryWeak\":\"Sehr schwach\",\"verdictWeak\":\"Schwach\",\"verdictMedium\":\"Mittel\",\"verdictStrong\":\"Stark\",\"verdictVeryStrong\":\"Sehr sicher\"},\"components.tasks.common\":{\"hideCompletedTasks\":\"Abgeschlossene ausblenden\",\"progressBarHide\":\"Ausblenden\",\"progressBarShow\":\"Einblenden\",\"close\":\"Schlie\u00dfen\",\"refresh\":\"Seite aktualisieren\",\"taskInProgress\":\"%%count%% Aufgaben werden bearbeitet...\",\"percentCompleted\":\"%%percent%%% abgeschlossen\",\"allTasksCompleted\":\"Alle Aufgaben (%%num%%) wurden erfolgreich fertiggestellt.\",\"minimize\":\"Minimieren\",\"statusDone\":\"Fertig\",\"statusError\":\"Fehlgeschlagen\",\"statusNotStarted\":\"In Warteschlange\",\"statusCanceled\":\"Abgebrochen\",\"progressDialogLink\":\"Details\"},\"components.status\":{\"error\":\"Fehler\",\"info\":\"Information\",\"warning\":\"Warnung\"},\"components.routes\":{\"home.title\":\"Start\",\"server.title\":\"Tools & Einstellungen\",\"server\\/about.title\":\"\u00dcber Plesk\",\"server\\/action-log.title\":\"Einstellungen f\u00fcr Aktionsprotokoll\",\"server\\/settings.title\":\"Servereinstellungen\"},\"components.cookie-policy.info\":{\"title\":\"Akzeptieren Sie Cookies?\",\"necessaryCookiesMessage\":\"Wenn Sie sich in Plesk anmelden, erlauben Sie uns die Nutzung der notwendigen Cookies.\",\"message\":\"%%cookieInformationLink%% \u00fcber Ihre Verwendung von Plesk. Dies hilft uns dabei, unseren Service weiter zu verbessern, damit Sie das Beste aus Plesk herausholen k\u00f6nnen.\",\"cookieInformationLink\":\"Cookies erfassen Informationen\",\"acceptButton\":\"Alle Cookies akzeptieren\",\"acceptNecessaryCookiesButton\":\"Notwendige Cookies akzeptieren\",\"preferencesButton\":\"Cookie-Einstellung festlegen\"},\"components.cookie-policy.preferences\":{\"title\":\"Cookies in Plesk\",\"description\":\"Cookies sind Dateien, die auf Ihrem Telefon, Tablet oder Computer gespeichert werden, wenn Sie Plesk besuchen. Wir verwenden Cookies, damit Plesk reibungslos funktioniert und um bestimmte Informationen zu erfassen.\",\"settingsTitle\":\"Cookie-Einstellungen\",\"settingsDescription\":\"Wir verwenden 3\u00a0Arten von Cookies. Aktivieren Sie die Cookies, die wir verwenden d\u00fcrfen.\",\"analyticsTitle\":\"Cookies zur Verbesserung unseres Produkts\",\"analyticsDescription\":\"Wir verwenden anonyme Tracking-Cookies, um Informationen zu Ihrer Nutzung von Plesk zu erfassen. Damit k\u00f6nnen wir Plesk noch weiter verbessern. \u00dcber Tracking-Cookies k\u00f6nnen Personen nicht identifiziert werden. Mit diesen Cookies erfassen wir anonymisierte Informationen \u00fcber die von Ihnen besuchten Plesk Seiten, die Zeit, die Sie auf ihnen verbracht haben, und die Seitenobjekte, auf die Sie geklickt haben. Wir geben diese erfassten Daten nicht an Drittanbieterservices weiter.\",\"marketingTitle\":\"Cookies f\u00fcr verbesserte Kommunikation und optimales Marketing\",\"marketingDescription\":\"Diese Cookies erfassen Informationen \u00fcber Ihre Plesk-Pr\u00e4ferenzen und helfen uns, Ihnen pers\u00f6nliche Empfehlungen zu geben.\",\"necessaryTitle\":\"Unbedingt notwendige Cookies\",\"necessaryDescription\":\"Diese Cookies erm\u00f6glichen Plesk-Kernfunktionen wie Sicherheit, Netzwerkverwaltung und Verf\u00fcgbarkeit. Diese Cookies m\u00fcssen immer aktiviert sein. Zu den notwendigen Cookies geh\u00f6ren auch funktionale Cookies, die f\u00fcr die Personalisierung und die Verbesserung der Benutzerfreundlichkeit zust\u00e4ndig sind (z.\u00a0B. Spracheinstellungen, Schriftgr\u00f6\u00dfe und vorausgef\u00fcllte Formulare). Sie k\u00f6nnen notwendige Cookies in den %%browserSettingsLink%% deaktivieren, dies kann jedoch Auswirkungen auf Plesk haben.\",\"browserSettingsLink\":\"Browsereinstellungen\",\"pleskCookiesLink\":\"Detaillierte Beschreibung der verwendeten Cookies anzeigen\",\"on\":\"An\",\"off\":\"Aus\",\"submitButton\":\"\u00c4nderungen speichern\",\"cancelButton\":\"Abbrechen\"},\"components.license-status\":{\"trialLicenseWarningAdmin\":\"Tage des Testzeitraums verbleibend\",\"buyLicenseButton\":\"Lizenz kaufen\",\"installLicenseButton\":\"Sie haben bereits eine Lizenz?\",\"testLicenseWarningAdmin\":\"Sie verwenden eine Lizenz f\u00fcr Plesk, die nicht f\u00fcr den Einsatz in einer Produktionsumgebung vorgesehen ist.\",\"testLicenseWarningClient\":\"F\u00fcr diese Plesk Installation wird eine Lizenz verwendet, die nicht f\u00fcr den Einsatz in einer Produktionsumgebung vorgesehen ist. Wenden Sie sich bitte an Ihren Serveradministrator, um dieses Problem zu beheben.\",\"trialOverTitle\":\"Der Testzeitraum ist beinahe zu Ende\",\"trialOverText\":\"Der Testzeitraum endet bald. Wenn Sie Plesk nach Ablauf des Testzeitraums weiter verwenden m\u00f6chten, kaufen Sie eine Lizenz.\",\"defaultLicenseWarningAdmin\":\"Um Plesk verwenden zu k\u00f6nnen, fordern Sie einen neuen Lizenzschl\u00fcssel f\u00fcr die Testversion an und installieren Sie ihn.\",\"expiredLicenseWarningAdmin\":\"Ihr Lizenzschl\u00fcssel ist abgelaufen. Um Plesk verwenden zu k\u00f6nnen, fordern Sie einen neuen, g\u00fcltigen Lizenzschl\u00fcssel an und installieren Sie ihn.\",\"demoLicenseWarningAdmin\":\"Hat Ihnen die Demoversion gefallen? Dann k\u00f6nnen Sie unser Produkt jetzt hier erwerben!\",\"demoLicenseTryPlesk\":\"Hier erfahren Sie, wie Sie %%link%%.\",\"demoLicenseTryPleskLink\":\"Plesk auf Ihrem eigenen Server oder einem Cloud-Server verwenden\",\"getTrialButton\":\"Testlizenz anfordern\"},\"components.search-bar\":{\"nothingFound\":\"Keine Ergebnisse gefunden.\",\"fieldStub\":\"Suchen...\",\"fieldStubHint\":\"Nach Domains, Erweiterungen und mehr suchen\u2026\",\"moreResultsFound\":\"Es wurden mehr als %%limit%%\u00a0Ergebnisse gefunden. Bitte verfeinern Sie Ihre Suche.\",\"recentSearch\":\"Letzte Suchergebnisse:\",\"recentSearchHint\":\"Die letzten Suchergebnisse werden hier angezeigt. So k\u00f6nnen Sie schneller auf die Seiten zugreifen, nach denen Sie vor Kurzem gesucht haben.\",\"removeFromRecent\":\"Aus letzten Ergebnissen entfernen\"},\"components.shortcuts\":{\"logIn\":\"Anmelden\",\"identityName\":\"Abonnent %%identity%%\",\"loggedInAs\":\"Angemeldet als\",\"impersonatedInAs\":\"Abonnent\",\"myProfile\":\"Profil bearbeiten\",\"logOut\":\"Abmelden\",\"backToAdmin\":\"Zur\u00fcck zum Administrator\",\"readManual\":\"Handbuch lesen\",\"sureToLogout\":\"M\u00f6chten Sie sich wirklich abmelden?\",\"impersonatedName\":\"Angemeldet als %%identity%%\",\"userFeedback\":\"Feature vorschlagen\",\"facebookJoinCommunity\":\"Fan auf Facebook werden\",\"twitterFollow\":\"Folgen Sie @Plesk\",\"provideRating\":\"Feedback geben\",\"linkToCookies\":\"Cookies\",\"darkThemeOn\":\"Auf dunkles Thema umschalten\",\"darkThemeOff\":\"Auf helles Thema umschalten\"},\"components.subscription-switcher\":{\"subscription\":\"Abonnement\",\"allSubscriptions\":\"Alle Abonnements\",\"allSubscriptionsLimitOverusedDescription\":\"Die Option zum Anzeigen aller Abonnements ist nicht verf\u00fcgbar, da die Anzahl an Abonnements in Ihrem Konto (%%value%%) gr\u00f6\u00dfer als %%limit%% ist.\"},\"components.notification-center\":{\"title\":\"Benachrichtigungen\",\"markAsRead\":\"Als gelesen markieren\",\"markAsUnread\":\"Als nicht gelesen markieren\",\"markAllAsRead\":\"Alle als gelesen markieren\",\"settings\":\"Einstellungen\",\"filterButton\":\"Filtern\",\"filterUnread\":\"Ungelesen\",\"filterCritical\":\"Kritisch\",\"filterFavorite\":\"Favoriten\",\"filterReset\":\"Filter l\u00f6schen\",\"searchPlaceholder\":\"Suchen...\",\"favoriteNotification\":\"Zu Favoriten hinzuf\u00fcgen\",\"unfavoriteNotification\":\"Aus Favoriten entfernen\",\"deleteNotification\":\"Benachrichtigung entfernen\",\"learnMore\":\"Mehr erfahren\",\"moreToasts\":\"Sie haben %%total%% weitere neue Benachrichtigungen\",\"dateFormat\":\"%%day%%. %%month%%\",\"timeFormat\":\"%%hours%%:%%minutes%%\",\"month0\":\"Jan.\",\"month1\":\"Febr.\",\"month2\":\"M\u00e4rz\",\"month3\":\"Apr.\",\"month4\":\"Mai\",\"month5\":\"Juni\",\"month6\":\"Juli\",\"month7\":\"Aug.\",\"month8\":\"Sept.\",\"month9\":\"Okt.\",\"month10\":\"Nov.\",\"month11\":\"Dez.\",\"categoryAlert\":\"Achtung\",\"categoryWarning\":\"Warnung\",\"listEmptyTitle\":\"Bleiben Sie in Bezug auf wichtige Serverereignisse auf dem Laufenden.\",\"listEmptyDescription\":\"Wir senden Ihnen Benachrichtigungen, wenn der Grenzwert f\u00fcr die Ressourcenauslastung erreicht wurde. Wichtige Updates werden au\u00dferdem ausgeliefert. Und vieles mehr!\",\"listFilteredTitle\":\"Kein Element entspricht den Filtereinstellungen\",\"listFilteredDescription\":\"Der Filter ist zu eingeschr\u00e4nkt. \u00c4ndern Sie die Filtereinstellungen.\"},\"components.view-switcher\":{\"title\":\"Ansicht \u00e4ndern\",\"serviceProviderView\":\"Service-Provider-Ansicht\",\"serviceProviderViewHint\":\"f\u00fcr Webhosting-Provider\",\"serviceProviderViewRecommended\":\"empfohlen f\u00fcr Webhosting-Provider\",\"powerUserView\":\"Power-User-Ansicht\",\"powerUserViewHint\":\"f\u00fcr Entwickler und Webagenturen\",\"powerUserViewRecommended\":\"empfohlen f\u00fcr Entwickler und Webagenturen\",\"currentViewMessage\":\"Sie befinden sich aktuell in der %%view%% (%%hint%%).\",\"actionMessage\":\"%%switchLink%% (%%recommended%%) oder %%helpLink%%.\",\"switchView\":\"Schalten Sie in die %%view%%\",\"learnMore\":\"erfahren Sie mehr \u00fcber die Darstellungsansichten\",\"powerUserViewWarning\":\"Wenn Kunden in der Dienstleister-Ansicht hinzugef\u00fcgt wurden, werden ihre Domains in der Hauptbenutzer-Ansicht nicht angezeigt. Nur die Domains des Administrators sind in dieser Ansicht verf\u00fcgbar.\",\"confirmationBoxText\":\"M\u00f6chten Sie das Men\u00fc zum \u00c4ndern der Ansicht wirklich ausblenden?\",\"confirmationBoxDescription\":\"Beachten Sie, dass durch das Ausblenden des Men\u00fcs dieses permanent entfernt wird. Sie k\u00f6nnen dennoch zwischen den Ansichten wechseln \u00fcber Tools & Einstellungen > Verwaltung der Oberfl\u00e4che.\",\"confirmationBoxButtonYes\":\"Ja\",\"confirmationBoxButtonNo\":\"Nein\"},\"components.pages.home\":{\"title\":\"Start\"},\"controllers.error.error\":{\"title\":\"Serverfehler\",\"repairKitDescription\":\"Dieses Problem l\u00e4sst sich m\u00f6glicherweise automatisch mithilfe des Repair Kit beheben.\",\"repairKitAdminDescription\":\"Wenn Sie ein Serveradministrator sind, verwenden Sie Repair Kit, unser Tool zur Fehlerbehebung.\",\"repairKitOpen\":\"Repair Kit \u00f6ffnen\",\"repairKitOpenNote\":\"Sie m\u00fcssen dabei das Plesk Administratorpasswort eingeben.\",\"repairKitUnavailable\":\"Repair Kit ist nicht verf\u00fcgbar. Um das Tool wiederherzustellen, melden Sie sich \u00fcber SSH im Server an, f\u00fchren Sie den Befehl 'systemctl restart plesk - repaird' aus und aktualisieren Sie diese Seite.\",\"reportErrorMessage\":\"Ben\u00f6tigen Sie Hilfe bei der Probleml\u00f6sung?\",\"visitHelpCenter\":\"Rufen Sie die Plesk Hilfe auf.\",\"networkError\":\"Netzwerkfehler\",\"networkErrorDescription\":\"Ihre Verbindung ist nicht stabil.\",\"helpActions\":\"Sie haben folgende Optionen:\",\"reloadPage\":\"Seite neu laden\",\"backToPreviousPage\":\"Zur\u00fcck zur vorherigen Seite\",\"homePage\":\"Startseite\",\"searchKbArticle\":\"Diesbez\u00fcgliche Artikel der Wissensdatenbank suchen\",\"invalidUrl\":\"Eine ung\u00fcltige URL wurde angefordert.\",\"reportProblem\":\"Problem melden\",\"documentation\":\"Dokumentation\",\"knowledgeBase\":\"Knowledge Base\",\"forum\":\"Forum\",\"youTube\":\"YouTube\",\"facebook\":\"Facebook\"},\"components.forms.login\":{\"loginLabel\":\"Benutzername\",\"passwdLabel\":\"Passwort\",\"localeLabel\":\"Sprache der Oberfl\u00e4che\",\"defaultLocale\":\"Standard\",\"loginButtonLabel\":\"Anmelden\",\"enterUsername\":\"Geben Sie Ihren Benutzernamen ein.\",\"enterPassword\":\"Geben Sie Ihr Passwort ein.\",\"whatUsernamePassword\":\"Welcher Benutzername und welches Passwort sind hier zu verwenden?\",\"forgotPasswordLabel\":\"Passwort vergessen?\",\"cookies\":\"Cookie-Richtlinie in Plesk\",\"avoidSSLWarningsMsg\":\"Um SSL-Warnmeldungen bei der Anmeldung in Plesk zu vermeiden, verwenden Sie %%link%%\",\"digitalOceanMsg\":\"Sie nutzen Plesk zum ersten Mal \u00fcber DigitalOcean? Verwenden Sie zur Anmeldung \\\"root\\\" und das Passwort, das Sie beim Erstellen dieses Droplets angegeben haben. %%link%%\",\"amazonLightsailMsg\":\"Sie nutzen Plesk zum ersten Mal \u00fcber Lightsail? Um sich in Plesk anzumelden, greifen Sie \u00fcber SSH auf den Server zu und verwenden Sie den Befehl \\\"plesk login\\\". %%link%%\",\"readGuide\":\"Das komplette Handbuch aufrufen.\",\"mobileApplicationMessage\":\"Um eine optimale Funktionalit\u00e4t zu erreichen, empfehlen wir, die Anwendung %%name%% zu installieren.\",\"mobileApplicationInstall\":\"Jetzt installieren\",\"mobileApplicationHide\":\"Nein danke\"},\"components.forms.get-password\":{\"label\":\"Passwort zur\u00fccksetzen\",\"text\":\"Geben Sie Ihre in Plesk registrierte E-Mail-Adresse oder Ihren Benutzernamen ein. Sie erhalten dann eine E-Mail zum Zur\u00fccksetzen des Passworts.\",\"emailLabel\":\"E-Mail-Adresse\",\"loginLabel\":\"Benutzername\",\"send\":\"Senden\",\"cancel\":\"Abbrechen\",\"errorInvalidEmail\":\"Die E-Mail-Adresse wurde nicht erkannt. Bitte \u00fcberpr\u00fcfen Sie die Angabe und versuchen Sie es erneut.\",\"messageSend\":\"Die E-Mail zum Zur\u00fccksetzen des Passworts wurde an die zugeh\u00f6rige E-Mail-Adresse gesendet.\\nWenn die E-Mail nicht ankommt, wenden Sie sich bitte an Ihren Plesk Administrator.\"},\"components.forms.restore-password\":{\"title\":\"Passwort \u00e4ndern\",\"passwordLabel\":\"Neues Passwort\",\"buttonRestore\":\"Speichern\",\"buttonCancel\":\"Abbrechen\",\"isEmpty\":\"Das erforderliche Feld ist leer. Sie m\u00fcssen einen Wert angeben.\",\"errorInvalidSecret\":\"Ung\u00fcltiger Geheimcode\",\"errorNotFoundSecret\":\"Fordern Sie bitte einen neuen Geheimcode an\",\"restoreSuccess\":\"Ihr Passwort wurde aktualisiert. Mit dem Passwort k\u00f6nnen Sie sich in Plesk oder in Ihrem E-Mail-Postfach anmelden.\"}}});\n//]]>\n</script> </body>\n</html>\n",
"favicons": [
{
"size": 4286,
"name": "https://80.74.142.130:8443/favicon.ico?1699276904",
"md5_hash": "650b28c6cf1b473aed15ba26bad1da92"
},
{
"size": 634,
"name": "https://80.74.142.130:8443/images/favicon.svg?1699276904",
"md5_hash": "3db793b2c015d7c858962cd0d8e6df16"
},
{
"size": 4528,
"name": "https://80.74.142.130:8443/images/apple-touch-icon.png?1699276904",
"md5_hash": "ebbd61fb584cc8ae62ffa726070c952f"
},
{
"size": 4286,
"name": "https://80.74.142.130:8443/favicon.ico",
"md5_hash": "650b28c6cf1b473aed15ba26bad1da92"
}
],
"body_hashes": [
"sha256:b024d1e6d7ff8640af3c2bc40ef89eb08557a878614acdc4e2391b817507ecc5",
"sha1:2e19bacc0fa7f4d1028b275a33184f3780d98b84"
],
"body_hash": "sha1:2e19bacc0fa7f4d1028b275a33184f3780d98b84",
"html_title": "Plesk Obsidian 18.0.56"
},
"supports_http2": false
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "29d29d15d29d29d21c29d29d29d29daff0af16bdb770d788bcc0af03e29f0d",
"cipher_and_version_fingerprint": "29d29d15d29d29d21c29d29d29d29d",
"tls_extensions_sha256": "aff0af16bdb770d788bcc0af03e29f0d",
"observed_at": "2023-11-26T18:44:11.814530366Z"
},
"labels": [
"prototype",
"requirejs",
"web.control-panel.hosting"
],
"observed_at": "2023-12-06T17:16:14.654203118Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 8443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Parallels",
"product": "Parallels Plesk Panel",
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Parallels",
"product": "Plesk",
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.52",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.sui-inter.net",
"sui-inter.net"
],
"subject_dn": "CN=*.sui-inter.net",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "c45d77ed1c3359e53b8f54d86d18ee2f00a2ba0147f908e91162265e6f0de153",
"fingerprint": "2bed2877c7856f721d090a09289e5062c8da6a4ffb3323ab49537918b6383804",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.sui-inter.net"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "2KrGH45QlaGxXDh8hsriblyj1kYgZ6ols/grtLFuwLDwNKvYIg52r6dpsKZsEM/8FR0Vy63b+9wqlTwhveRttU577DGLWFWbQ4lTeE5gxytcp8HiYwN68n6G+JO+RUJougRPaXxAInznERfa3+99TbfTsrl8APhbvtskSvMWY58WAzrVSSslm24JUF+IuAt1nPjFMLbNtHg5/9StPmxO6FJY8qvblqJulTHzdzunBD6CHeGftQjzqZFcWP5jS2tknglPFm6/rmUnwRGc/AtwWcNhuPAXNyT1oFEYR7hyM91YnyoyYArkIOnUp/JkHFAetnkeR4/AlTZppLbGH16FIy0Mi5Yq/wfTXCMTkeNdaSYJO9sf0Ah5BndbMSoQatUdug/CGYsPl0LYJ2R+uc6xVSPl6k0P4KWi3U7vTphD08Fi+s4KiG9HmEgFiY8s6L+vRNDUMky9nkX9yCGy4NmFvB+ClmKbv2e3owqADy0w/tS21Ef3fY2QhL+nQwuapXWDNVI5sYGw146Dbvugyhq9+pCE+Ofo1nkiAA/b21kBFZH/3/DTtCfZ9LLmkYNtAwvGIzB94ej17yUBPMakZCErJ/dh0S3k0cLFB4n6BH01KCy5hCI/MgM92JeeFXOkay/Kpio+vvtzpQYqA/UJ5JQTRAIExwIA6VpSdTdotCLphbE=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "ec2196b0a7090e694d1978b4a762803fc9c0e01cdb93128bd6a6105843392de9"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 23
}
},
"session_ticket": {
"length": 176,
"lifetime_hint": 300
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ccc514751b175866924439bdbb5bba34"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Europe",
"country": "Switzerland",
"country_code": "CH",
"city": "Z\u00fcrich",
"postal_code": "8000",
"timezone": "Europe/Zurich",
"province": "Zurich",
"coordinates": {
"latitude": 47.36667,
"longitude": 8.55
}
},
"location_updated_at": "2023-11-25T03:10:56.544226Z",
"autonomous_system": {
"asn": 21069,
"description": "ASN-METANET Routingpeering issues: [email protected]",
"bgp_prefix": "80.74.128.0/20",
"name": "ASN-METANET Routingpeering issues: [email protected]",
"country_code": "CH"
},
"autonomous_system_updated_at": "2023-12-02T13:06:27.219342Z",
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
"dns": {
"names": [
"www.xn--haarstbli-v9a.ch",
"www.metallbau-christen.ch",
"webmail.herzog-bagger.ch",
"mail.finanzkompetenz-ch.ch",
"hausergubser.ch",
"alakmeh.ch",
"jetcoaviation.com",
"mail.mueckpetrovic.ch",
"webmail.yolds.ch",
"www.radiorinia.net",
"aidass.staging-flake.tk",
"www.swissmoneyweek.ch",
"www.museum35.ch",
"www.thepool.nobu.studio",
"www.kz-smarje.si",
"pension-krauss.de",
"finanzkompetenz-schweiz.ch",
"www.lab.lacreme.digital",
"mail.jenzer.cloud",
"textest.ch",
"pu.infinity-media.ch",
"mail.loqkat.com",
"yolds.ch",
"www.swiss-money-week.ch",
"www.ftvt.ch",
"mail.psychobikes.de",
"mail.pension-krauss.de",
"praxis-felsenstein.ch",
"webmail.pegeshop.ch",
"webmail.kebab-haus-steinfeld.de",
"freiwidnau.ch",
"mail.garage-haslimeier.ch",
"futureshaping.org",
"nickvostrikov.com",
"mail.asomm.de",
"v2.swizzard.org",
"www.baasklub.daniellinder.com",
"radiothalassa.gr",
"moinmarketing.webunique.ch",
"mail.freiwidnau.ch",
"mail.finanzkompetenz-schweiz.ch",
"finanzkompetenz-ch.ch",
"www.freiwidnau.ch",
"bulliadventure.ch",
"www.bistro-provence.ch",
"www.minghetti.ch",
"ftvt.ch",
"pegeshop.ch",
"webmail.freiwidnau.ch",
"www.test2.pokalshop.ch",
"staging.qds-now.ch",
"www.e-sear.ch",
"www.competencesfinancieres.ch",
"rhyhost.ch",
"mail.praxis-felsenstein.ch",
"filmklub.ch",
"shop.ambrofood.ch",
"www.yolds.ch",
"webmail.pension-krauss.de",
"personalsuche.wetterling-partner.com",
"sp-muhen.lacreme.digital",
"webmail.ftvt.ch",
"mail.dominiquezahnd.com",
"xn--haarstbli-v9a.ch",
"sabrinakaeser.ch",
"www.technologiesymposium.ch",
"besmart.menu",
"www.finanzkompetenz-schweiz.ch",
"competencesfinancieres.ch",
"www.praxis-felsenstein.ch",
"mail.ftvt.ch",
"ibparkett.brainsite.ch",
"mail.isear.ch",
"mail.brauereiaarau.ch",
"brauereiaarau.ch",
"minghetti.ch",
"www.pegeshop.ch",
"it-med-ag.ch",
"nccr.staging-flake.tk",
"www.hausergubser.ch",
"www.pension-krauss.de",
"www.jetcoaviation.com",
"siabeauty.nfwebdesign.ch",
"www.swizzard.org",
"www.kebab-haus-steinfeld.de",
"www.futureshaping.org",
"www.unterwegssein.lealeu.com",
"mail.kebab-haus-steinfeld.de",
"www.ofs.signage01.ch",
"www.finanzkompetenz.ch",
"www.textest.ch",
"mail.xn--haarstbli-v9a.ch",
"www.n60design.com",
"www.wetterling-home.infinity-media.ch",
"solveig-steinmeier.de",
"webmail.ayoro-agency.com",
"poptop-werbeartikel.ch",
"www.dominiquezahnd.com",
"www.it-med-ag.ch",
"www.bulliadventure.ch"
],
"records": {
"nccr.staging-flake.tk": {
"record_type": "A",
"resolved_at": "2022-10-09T17:25:08.816585476Z"
},
"webmail.pegeshop.ch": {
"record_type": "A",
"resolved_at": "2023-11-19T13:00:24.300660652Z"
},
"www.n60design.com": {
"record_type": "A",
"resolved_at": "2023-11-26T16:01:30.316133504Z"
},
"www.radiorinia.net": {
"record_type": "A",
"resolved_at": "2022-10-01T22:31:53.459967683Z"
},
"jetcoaviation.com": {
"record_type": "A",
"resolved_at": "2023-12-02T15:46:17.831584134Z"
},
"www.futureshaping.org": {
"record_type": "A",
"resolved_at": "2023-11-11T22:23:53.902784633Z"
},
"webmail.herzog-bagger.ch": {
"record_type": "A",
"resolved_at": "2023-11-28T13:07:54.668491585Z"
},
"mail.ftvt.ch": {
"record_type": "A",
"resolved_at": "2023-11-10T13:10:10.354728838Z"
},
"www.wetterling-home.infinity-media.ch": {
"record_type": "A",
"resolved_at": "2023-06-20T12:54:38.317838784Z"
},
"solveig-steinmeier.de": {
"record_type": "A",
"resolved_at": "2023-11-17T17:40:07.065624898Z"
},
"sabrinakaeser.ch": {
"record_type": "A",
"resolved_at": "2023-10-22T12:59:45.132128066Z"
},
"mail.dominiquezahnd.com": {
"record_type": "A",
"resolved_at": "2023-12-02T15:04:14.287939459Z"
},
"www.dominiquezahnd.com": {
"record_type": "A",
"resolved_at": "2023-11-27T15:13:24.059268363Z"
},
"minghetti.ch": {
"record_type": "A",
"resolved_at": "2023-11-19T13:00:22.531904472Z"
},
"www.ftvt.ch": {
"record_type": "A",
"resolved_at": "2023-11-30T13:10:05.143474352Z"
},
"competencesfinancieres.ch": {
"record_type": "A",
"resolved_at": "2023-11-15T13:16:28.619222637Z"
},
"www.swiss-money-week.ch": {
"record_type": "A",
"resolved_at": "2023-08-23T03:00:21.389932352Z"
},
"www.e-sear.ch": {
"record_type": "A",
"resolved_at": "2023-11-29T13:01:33.452924648Z"
},
"webmail.ayoro-agency.com": {
"record_type": "A",
"resolved_at": "2023-02-12T13:02:18.999911265Z"
},
"freiwidnau.ch": {
"record_type": "A",
"resolved_at": "2023-11-25T13:11:52.563551607Z"
},
"mail.psychobikes.de": {
"record_type": "A",
"resolved_at": "2022-10-06T14:32:42.116206834Z"
},
"finanzkompetenz-schweiz.ch": {
"record_type": "A",
"resolved_at": "2023-12-07T13:05:29.018393106Z"
},
"www.test2.pokalshop.ch": {
"record_type": "A",
"resolved_at": "2023-03-17T12:42:23.615493128Z"
},
"www.baasklub.daniellinder.com": {
"record_type": "A",
"resolved_at": "2023-12-02T15:00:25.015692432Z"
},
"www.lab.lacreme.digital": {
"record_type": "A",
"resolved_at": "2023-12-06T18:46:08.852622341Z"
},
"webmail.pension-krauss.de": {
"record_type": "A",
"resolved_at": "2023-12-04T17:23:50.376407538Z"
},
"pegeshop.ch": {
"record_type": "A",
"resolved_at": "2023-11-28T13:10:36.386729236Z"
},
"radiothalassa.gr": {
"record_type": "A",
"resolved_at": "2023-11-15T19:39:34.380161469Z"
},
"mail.mueckpetrovic.ch": {
"record_type": "A",
"resolved_at": "2023-11-30T13:10:24.208226695Z"
},
"webmail.kebab-haus-steinfeld.de": {
"record_type": "A",
"resolved_at": "2023-12-03T17:55:20.665718999Z"
},
"mail.finanzkompetenz-schweiz.ch": {
"record_type": "A",
"resolved_at": "2023-11-06T13:05:33.275294850Z"
},
"yolds.ch": {
"record_type": "A",
"resolved_at": "2023-10-16T13:11:07.793396176Z"
},
"www.hausergubser.ch": {
"record_type": "A",
"resolved_at": "2023-11-08T13:03:20.197029892Z"
},
"sp-muhen.lacreme.digital": {
"record_type": "A",
"resolved_at": "2023-11-18T17:38:57.685295668Z"
},
"mail.praxis-felsenstein.ch": {
"record_type": "A",
"resolved_at": "2023-11-01T13:10:19.387133739Z"
},
"webmail.freiwidnau.ch": {
"record_type": "A",
"resolved_at": "2023-10-06T13:09:59.924963875Z"
},
"www.bistro-provence.ch": {
"record_type": "A",
"resolved_at": "2023-12-05T13:00:53.157613459Z"
},
"alakmeh.ch": {
"record_type": "A",
"resolved_at": "2023-11-27T13:03:09.455175900Z"
},
"www.ofs.signage01.ch": {
"record_type": "A",
"resolved_at": "2023-07-29T01:35:01.254371119Z"
},
"shop.ambrofood.ch": {
"record_type": "A",
"resolved_at": "2023-02-01T12:27:04.980441637Z"
},
"rhyhost.ch": {
"record_type": "A",
"resolved_at": "2023-09-03T13:10:11.498554993Z"
},
"www.praxis-felsenstein.ch": {
"record_type": "A",
"resolved_at": "2023-09-12T13:20:08.068580073Z"
},
"besmart.menu": {
"record_type": "A",
"resolved_at": "2023-12-02T19:13:37.784043122Z"
},
"textest.ch": {
"record_type": "A",
"resolved_at": "2023-10-22T13:00:21.362432844Z"
},
"www.yolds.ch": {
"record_type": "A",
"resolved_at": "2023-10-18T13:10:43.847407689Z"
},
"www.jetcoaviation.com": {
"record_type": "A",
"resolved_at": "2023-11-19T15:31:56.702927186Z"
},
"mail.garage-haslimeier.ch": {
"record_type": "A",
"resolved_at": "2023-11-28T13:07:57.334745148Z"
},
"www.competencesfinancieres.ch": {
"record_type": "A",
"resolved_at": "2023-11-13T13:22:54.866458037Z"
},
"www.kebab-haus-steinfeld.de": {
"record_type": "A",
"resolved_at": "2023-11-26T17:28:18.396056421Z"
},
"personalsuche.wetterling-partner.com": {
"record_type": "A",
"resolved_at": "2023-11-23T17:18:00.613153586Z"
},
"www.swizzard.org": {
"record_type": "A",
"resolved_at": "2023-12-02T21:26:27.449014735Z"
},
"brauereiaarau.ch": {
"record_type": "A",
"resolved_at": "2023-12-03T13:07:25.598948265Z"
},
"filmklub.ch": {
"record_type": "A",
"resolved_at": "2023-11-29T13:01:32.668072038Z"
},
"www.it-med-ag.ch": {
"record_type": "A",
"resolved_at": "2023-09-08T12:58:23.400910660Z"
},
"www.pegeshop.ch": {
"record_type": "A",
"resolved_at": "2023-08-07T13:29:16.671423272Z"
},
"mail.pension-krauss.de": {
"record_type": "A",
"resolved_at": "2023-12-02T17:25:55.541656398Z"
},
"futureshaping.org": {
"record_type": "A",
"resolved_at": "2023-12-03T22:56:40.193942392Z"
},
"poptop-werbeartikel.ch": {
"record_type": "A",
"resolved_at": "2023-02-13T12:29:41.710847752Z"
},
"www.xn--haarstbli-v9a.ch": {
"record_type": "A",
"resolved_at": "2023-08-14T13:20:33.210791735Z"
},
"pu.infinity-media.ch": {
"record_type": "A",
"resolved_at": "2023-09-29T13:00:20.327233914Z"
},
"www.minghetti.ch": {
"record_type": "A",
"resolved_at": "2023-03-21T23:52:25.167710201Z"
},
"www.pension-krauss.de": {
"record_type": "A",
"resolved_at": "2023-12-01T17:40:54.475999292Z"
},
"mail.freiwidnau.ch": {
"record_type": "A",
"resolved_at": "2023-10-30T13:13:18.374395393Z"
},
"www.finanzkompetenz.ch": {
"record_type": "A",
"resolved_at": "2023-12-01T13:03:30.235625646Z"
},
"webmail.yolds.ch": {
"record_type": "A",
"resolved_at": "2023-10-18T13:10:43.396910228Z"
},
"mail.asomm.de": {
"record_type": "A",
"resolved_at": "2023-11-12T17:29:16.846962557Z"
},
"www.finanzkompetenz-schweiz.ch": {
"record_type": "A",
"resolved_at": "2023-11-23T13:05:40.618200821Z"
},
"moinmarketing.webunique.ch": {
"record_type": "A",
"resolved_at": "2023-10-22T13:00:58.120970342Z"
},
"hausergubser.ch": {
"record_type": "A",
"resolved_at": "2023-11-07T13:12:54.170857513Z"
},
"mail.brauereiaarau.ch": {
"record_type": "A",
"resolved_at": "2023-11-29T13:01:25.852851298Z"
},
"v2.swizzard.org": {
"record_type": "A",
"resolved_at": "2023-12-01T22:54:24.915179356Z"
},
"www.metallbau-christen.ch": {
"record_type": "A",
"resolved_at": "2023-11-23T04:55:25.246685003Z"
},
"www.freiwidnau.ch": {
"record_type": "A",
"resolved_at": "2023-11-16T13:03:41.745583095Z"
},
"www.thepool.nobu.studio": {
"record_type": "A",
"resolved_at": "2023-12-07T00:38:43.769396473Z"
},
"www.technologiesymposium.ch": {
"record_type": "A",
"resolved_at": "2023-11-01T13:10:33.154797586Z"
},
"www.museum35.ch": {
"record_type": "A",
"resolved_at": "2023-09-17T13:10:09.280758076Z"
},
"mail.isear.ch": {
"record_type": "A",
"resolved_at": "2023-11-30T13:10:04.733018014Z"
},
"webmail.ftvt.ch": {
"record_type": "A",
"resolved_at": "2023-11-08T13:03:13.431974072Z"
},
"www.swissmoneyweek.ch": {
"record_type": "A",
"resolved_at": "2023-07-30T14:05:44.047360464Z"
},
"aidass.staging-flake.tk": {
"record_type": "A",
"resolved_at": "2022-11-20T17:03:32.771689270Z"
},
"nickvostrikov.com": {
"record_type": "A",
"resolved_at": "2023-01-08T13:38:59.176918590Z"
},
"xn--haarstbli-v9a.ch": {
"record_type": "A",
"resolved_at": "2023-09-13T13:00:06.727221398Z"
},
"mail.loqkat.com": {
"record_type": "A",
"resolved_at": "2023-11-26T15:45:23.938715814Z"
},
"bulliadventure.ch": {
"record_type": "A",
"resolved_at": "2023-12-07T13:05:14.263037819Z"
},
"ftvt.ch": {
"record_type": "A",
"resolved_at": "2023-09-15T13:06:33.819984718Z"
},
"staging.qds-now.ch": {
"record_type": "A",
"resolved_at": "2023-09-06T13:00:10.016570764Z"
},
"www.kz-smarje.si": {
"record_type": "A",
"resolved_at": "2023-12-01T23:25:54.032910574Z"
},
"mail.xn--haarstbli-v9a.ch": {
"record_type": "A",
"resolved_at": "2023-09-08T13:00:12.046532257Z"
},
"it-med-ag.ch": {
"record_type": "A",
"resolved_at": "2023-10-16T13:09:59.126634902Z"
},
"www.unterwegssein.lealeu.com": {
"record_type": "A",
"resolved_at": "2023-11-28T16:11:18.184612671Z"
},
"mail.jenzer.cloud": {
"record_type": "A",
"resolved_at": "2023-11-17T13:12:03.975154193Z"
},
"www.textest.ch": {
"record_type": "A",
"resolved_at": "2023-09-04T13:10:22.495501300Z"
},
"mail.finanzkompetenz-ch.ch": {
"record_type": "A",
"resolved_at": "2023-12-01T13:03:29.784851013Z"
},
"praxis-felsenstein.ch": {
"record_type": "A",
"resolved_at": "2023-04-30T18:09:22.409544182Z"
},
"ibparkett.brainsite.ch": {
"record_type": "A",
"resolved_at": "2023-12-06T13:00:14.074598493Z"
},
"pension-krauss.de": {
"record_type": "A",
"resolved_at": "2023-12-04T17:23:49.846690210Z"
},
"siabeauty.nfwebdesign.ch": {
"record_type": "A",
"resolved_at": "2023-10-12T13:00:13.175353763Z"
},
"finanzkompetenz-ch.ch": {
"record_type": "A",
"resolved_at": "2023-11-09T13:01:52.325360378Z"
},
"www.bulliadventure.ch": {
"record_type": "A",
"resolved_at": "2023-12-06T13:00:18.767540945Z"
},
"mail.kebab-haus-steinfeld.de": {
"record_type": "A",
"resolved_at": "2023-11-29T17:32:39.941158672Z"
}
},
"reverse_dns": {
"names": [
"decimus.sui-inter.net"
],
"resolved_at": "2023-12-04T14:18:20.762361064Z"
}
},
"last_updated_at": "2023-12-07T16:40:18.675Z",
"labels": [
"database",
"email",
"file-sharing",
"prototype",
"remote-access",
"requirejs",
"web.control-panel.hosting"
]
}