94.131.96.55

As of: May 29, 2024 9:09pm UTC | Latest
{
  "ip": "94.131.96.55",
  "services": [
    {
      "_decoded": "rdp",
      "_encoding": {
        "certificate": "DISPLAY_HEX"
      },
      "certificate": "4f6326089c5e2285643be2450be886cffc030b4779ad8ecb20592b6363a51928",
      "discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
      "extended_service_name": "RDP",
      "labels": [
        "network-administration",
        "remote-access"
      ],
      "observed_at": "2024-05-29T21:09:31.690022521Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 3389,
      "rdp": {
        "protocol_flags": {
          "extended_client_data_supported": true,
          "dynvc_graphics_pipeline": true,
          "neg_resp_reserved": true,
          "restricted_admin_mode": true,
          "restricted_auth_mode": true
        },
        "selected_security_protocol": {
          "rdstls": true,
          "raw_value": 4,
          "standard_rdp": false,
          "tls": false,
          "credssp": false,
          "credssp_early_auth": false,
          "error": false,
          "error_ssl_required": false,
          "error_ssl_forbidden": false,
          "error_ssl_cert_missing": false,
          "error_bad_flags": false,
          "error_hybrid_required": false,
          "error_ssl_user_auth_required": false,
          "error_unknown": false
        },
        "x224_cc_pdu_srcref": 13330
      },
      "service_name": "RDP",
      "source_ip": "167.94.146.52",
      "tls": {
        "version_selected": "TLSv1_2",
        "cipher_selected": "TLS_RSA_WITH_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "4f6326089c5e2285643be2450be886cffc030b4779ad8ecb20592b6363a51928",
          "leaf_data": {
            "subject_dn": "CN=DESKTOP-TCRDU4C",
            "issuer_dn": "CN=DESKTOP-TCRDU4C",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "dc7171092aeaad232bbbdea95b37849d6a5709f4a6c539b8316b58ab729af342",
            "fingerprint": "4f6326089c5e2285643be2450be886cffc030b4779ad8ecb20592b6363a51928",
            "issuer": {
              "common_name": [
                "DESKTOP-TCRDU4C"
              ]
            },
            "subject": {
              "common_name": [
                "DESKTOP-TCRDU4C"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "wiy9jrz+ix2WzVk4dKWRmW7InTLdCEPnQ8Yk7mWHM8TsDsc/jkTusYlEUXGxp6hX4CLORECRuEYD3zA/KXSbv4dhgNJZCtf1DlWewnlyIyq+U6JKB2eN0pBIVjfhXisojUCUApq6b99PTalsLVSlvhgA0jpQSK4xAhLCjGV3Itu+0QToK0PctKJQdNMHXgBJu2EB0p4nHYBJLoBXrb8nuFoX3v4RKnx0dBSFl+LQcSq62QpOXpfc6R6q7ZKuqJzahoVTnCa0Bdkvpu6inDl4sAuZbtmeM2Sxd2viZCmSpg9ZPCyylX8NFHfTW4nuSF9rgBezLtHOcWUMNcTuuUftxQ==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "6bdc408bc49620ee5e4e33fe1e5bb35006d1dbe91b931a48c7d20cf39e8d950b"
            },
            "signature": {
              "self_signed": true,
              "signature_algorithm": "SHA256-RSA"
            }
          }
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "f75082535b4a79c07b31bdd0e2b7eb87",
        "ja4s": "t120100_544c535f5253415f574954485f4145535f3235365f47434d5f534841333834_437cb43a3022",
        "versions": [
          {
            "tls_version": "TLSv1_2",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "f75082535b4a79c07b31bdd0e2b7eb87",
            "ja4s": "t120100_544c535f5253415f574954485f4145535f3235365f47434d5f534841333834_437cb43a3022"
          },
          {
            "tls_version": "TLSv1_1",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "9f2e2080c0409c26ea913d9273e88773",
            "ja4s": "t110100_544c535f5253415f574954485f4145535f3235365f4342435f534841_437cb43a3022"
          },
          {
            "tls_version": "TLSv1_0",
            "_encoding": {
              "ja3s": "DISPLAY_HEX"
            },
            "ja3s": "91589ea825a2ee41810c85fab06d2ef6",
            "ja4s": "t100100_544c535f5253415f574954485f4145535f3235365f4342435f534841_437cb43a3022"
          }
        ]
      },
      "transport_fingerprint": {
        "raw": "64000,128,true,MNWNNS,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Poland",
    "country_code": "PL",
    "city": "Warsaw",
    "postal_code": "00-002",
    "timezone": "Europe/Warsaw",
    "province": "Mazovia",
    "coordinates": {
      "latitude": 52.22977,
      "longitude": 21.01178
    }
  },
  "location_updated_at": "2024-05-17T10:24:42.057533034Z",
  "autonomous_system": {
    "asn": 44477,
    "description": "STARK-INDUSTRIES",
    "bgp_prefix": "94.131.96.0/24",
    "name": "STARK-INDUSTRIES",
    "country_code": "GB"
  },
  "autonomous_system_updated_at": "2024-05-17T10:24:42.057624181Z",
  "whois": {
    "network": {
      "handle": "STARK_INDUSTRIES",
      "name": "STARK INDUSTRIES SOLUTIONS LTD",
      "cidrs": [
        "94.131.96.0/24"
      ],
      "created": "2022-08-25T00:00:00Z",
      "updated": "2022-12-28T00:00:00Z"
    },
    "organization": {
      "handle": "ORG-SISL18-RIPE",
      "name": "STARK INDUSTRIES SOLUTIONS LTD.",
      "address": "71-75, Shelton Street\\nCovent Garden\\nLondon\\nWC2H 9JQ\\nUNITED KINGDOM",
      "abuse_contacts": [
        {
          "handle": "SICK1337-RIPE",
          "name": "Stark Industries Solutions NOC",
          "email": "[email protected]"
        }
      ]
    }
  },
  "dns": {
    "names": [
      "books.friendsofthefolsomlibrary.org",
      "life.judyfay.com"
    ],
    "records": {
      "books.friendsofthefolsomlibrary.org": {
        "record_type": "A",
        "resolved_at": "2024-05-12T01:08:12.286836951Z"
      },
      "life.judyfay.com": {
        "record_type": "A",
        "resolved_at": "2024-05-13T16:44:57.799679858Z"
      }
    },
    "reverse_dns": {
      "names": [
        "vm1540281.stark-industries.solutions"
      ],
      "resolved_at": "2024-05-14T22:23:50.604774799Z"
    }
  },
  "last_updated_at": "2024-05-29T21:09:38.758Z",
  "labels": [
    "network-administration",
    "remote-access"
  ]
}