94.131.96.55
As of: Oct 03, 2023 3:45pm UTC |
Latest
{
"ip": "94.131.96.55",
"services": [
{
"_decoded": "rdp",
"_encoding": {
"certificate": "DISPLAY_HEX"
},
"certificate": "ad2db9153df4739ddb5dce578264b9fded25f32030e096f1277bccfd6433d7ec",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "RDP",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "14d14d16d14d14d08c14d14d14d14dfd9c9d14e4f4f67f94f0359f8b28f532",
"cipher_and_version_fingerprint": "14d14d16d14d14d08c14d14d14d14d",
"tls_extensions_sha256": "fd9c9d14e4f4f67f94f0359f8b28f532",
"observed_at": "2023-09-11T20:32:11.879788759Z"
},
"labels": [
"network-administration",
"remote-access"
],
"observed_at": "2023-10-02T22:58:10.829036979Z",
"perspective_id": "PERSPECTIVE_TELIA",
"port": 3389,
"rdp": {
"protocol_flags": {
"extended_client_data_supported": true,
"dynvc_graphics_pipeline": true,
"neg_resp_reserved": true,
"restricted_admin_mode": true,
"restricted_auth_mode": true
},
"selected_security_protocol": {
"rdstls": true,
"raw_value": 4,
"standard_rdp": false,
"tls": false,
"credssp": false,
"credssp_early_auth": false,
"error": false,
"error_ssl_required": false,
"error_ssl_forbidden": false,
"error_ssl_cert_missing": false,
"error_bad_flags": false,
"error_hybrid_required": false,
"error_ssl_user_auth_required": false,
"error_unknown": false
},
"x224_cc_pdu_srcref": 13330
},
"service_name": "RDP",
"source_ip": "167.94.146.53",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_RSA_WITH_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "ad2db9153df4739ddb5dce578264b9fded25f32030e096f1277bccfd6433d7ec",
"leaf_data": {
"subject_dn": "CN=DESKTOP-TCRDU4C",
"issuer_dn": "CN=DESKTOP-TCRDU4C",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "1400823c8b4f1d4e7f36994317e2cc72f2aee89ec744850dd145106c7c3d46e9",
"fingerprint": "ad2db9153df4739ddb5dce578264b9fded25f32030e096f1277bccfd6433d7ec",
"issuer": {
"common_name": [
"DESKTOP-TCRDU4C"
]
},
"subject": {
"common_name": [
"DESKTOP-TCRDU4C"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wO2XFl/JGoV5pCrfcRmezpolBOoSZbgjme8wk2WaPPrXeyFrdp1sLFsMFFdQ8kYX88BOU+FUkKZQD3d5zMfS0O7HCKIYeFTT5jq9tZyU7HWFJKApRZJTu8NIvEk063e6WYNQqErecX/Sq+snAkQHd1t73HHtkBEF0Hj5vnolEwViSsgIzb63nnEsLnk6O/IAfuR1o42nIVnM78x7Q1w5qNXIgOs2YOkGmV3t9N9O0Tid/fXOVHo/Y5zmfCcSJWYa71pLs/Ug1Lqvwo+qGD1ctGQPkIO1hrpkM0mmIb8S95jCNeAn5yD3oNKFhy34/aIqb0XfbWLF7YbQeil2A7J04Q==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "52a5e0e3d141291959f689e1e973b1da51ba376a27f93b4dc80c43747d1f06a4"
},
"signature": {
"self_signed": true,
"signature_algorithm": "SHA256-RSA"
}
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "f75082535b4a79c07b31bdd0e2b7eb87"
},
"transport_fingerprint": {
"raw": "64000,128,true,MNWNNS,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Europe",
"country": "Poland",
"country_code": "PL",
"city": "Warsaw",
"postal_code": "00-002",
"timezone": "Europe/Warsaw",
"province": "Mazovia",
"coordinates": {
"latitude": 52.22977,
"longitude": 21.01178
}
},
"location_updated_at": "2023-09-18T16:07:51.676014Z",
"autonomous_system": {
"asn": 44477,
"description": "STARK-INDUSTRIES",
"bgp_prefix": "94.131.96.0/24",
"name": "STARK-INDUSTRIES",
"country_code": "GB"
},
"autonomous_system_updated_at": "2023-09-18T16:07:51.676031Z",
"dns": {
"names": [
"life.judyfay.com",
"books.friendsofthefolsomlibrary.org"
],
"records": {
"life.judyfay.com": {
"record_type": "A",
"resolved_at": "2023-10-03T15:45:58.446343273Z"
},
"books.friendsofthefolsomlibrary.org": {
"record_type": "A",
"resolved_at": "2023-09-09T23:31:06.052672705Z"
}
},
"reverse_dns": {
"names": [
"vm1540281.stark-industries.solutions"
],
"resolved_at": "2023-09-15T06:17:11.436385507Z"
}
},
"last_updated_at": "2023-10-03T15:45:58.694Z",
"labels": [
"network-administration",
"remote-access"
]
}