95.217.14.58

As of: Dec 07, 2022 10:59pm UTC | Latest
{
  "ip": "95.217.14.58",
  "services": [
    {
      "_decoded": "ssh",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5",
      "banner_hashes": [
        "sha256:ea3f187bdc48507dfc9d4e94c5afc1da4dbaf7c1aa3bdc576668aa55e1295903"
      ],
      "banner_hex": "5353482d322e302d4f70656e5353485f372e367031205562756e74752d347562756e7475302e35",
      "extended_service_name": "SSH",
      "observed_at": "2022-12-07T15:18:08.341449830Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 22,
      "service_name": "SSH",
      "software": [
        {
          "product": "openssh",
          "other": {
            "comment": "Ubuntu-4ubuntu0.5"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Ubuntu",
          "product": "Linux",
          "version": "18.04",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:openbsd:openssh:7.6:p1:*:*:*:*:*:*",
          "part": "a",
          "vendor": "OpenBSD",
          "product": "OpenSSH",
          "version": "7.6",
          "update": "p1",
          "other": {
            "family": "OpenSSH"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.60",
      "ssh": {
        "endpoint_id": {
          "_encoding": {
            "raw": "DISPLAY_UTF8"
          },
          "raw": "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5",
          "protocol_version": "2.0",
          "software_version": "OpenSSH_7.6p1",
          "comment": "Ubuntu-4ubuntu0.5"
        },
        "kex_init_message": {
          "kex_algorithms": [
            "curve25519-sha256",
            "[email protected]",
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group16-sha512",
            "diffie-hellman-group18-sha512",
            "diffie-hellman-group14-sha256",
            "diffie-hellman-group14-sha1"
          ],
          "host_key_algorithms": [
            "ssh-rsa",
            "rsa-sha2-512",
            "rsa-sha2-256",
            "ecdsa-sha2-nistp256",
            "ssh-ed25519"
          ],
          "client_to_server_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "server_to_client_ciphers": [
            "[email protected]",
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "[email protected]",
            "[email protected]"
          ],
          "client_to_server_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "server_to_client_macs": [
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "[email protected]",
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
          ],
          "client_to_server_compression": [
            "none",
            "[email protected]"
          ],
          "server_to_client_compression": [
            "none",
            "[email protected]"
          ],
          "first_kex_follows": false
        },
        "algorithm_selection": {
          "kex_algorithm": "[email protected]",
          "host_key_algorithm": "ecdsa-sha2-nistp256",
          "client_to_server_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          },
          "server_to_client_alg_group": {
            "cipher": "aes128-ctr",
            "mac": "hmac-sha2-256",
            "compression": "none"
          }
        },
        "server_host_key": {
          "fingerprint_sha256": "13e36ae8cabfab7a0aef453f51c5e3eebda7f5fcf5bf35c3816db46d9c913ba5",
          "ecdsa_public_key": {
            "_encoding": {
              "b": "DISPLAY_BASE64",
              "gx": "DISPLAY_BASE64",
              "gy": "DISPLAY_BASE64",
              "n": "DISPLAY_BASE64",
              "p": "DISPLAY_BASE64",
              "x": "DISPLAY_BASE64",
              "y": "DISPLAY_BASE64"
            },
            "b": "WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=",
            "curve": "P-256",
            "gx": "axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=",
            "gy": "T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=",
            "length": 256,
            "n": "/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=",
            "p": "/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=",
            "x": "7eG9SN6Yp0ty0/2W9srgZ5nUS0GtFqkB2ezKUi9hMY8=",
            "y": "Ven84hNfJIqb8JTAowwMJVTz4HaD9IkQkv53H09Nv8o="
          }
        },
        "hassh_fingerprint": "b12d2871a1189eff20364cf5333619ee"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
      "banner_hashes": [
        "sha256:292934db81306663fae463ec770ca41e2fad9cf8bcb32ac10119e61703444a33"
      ],
      "banner_hex": "323230206d61696c2e6d6175726974732e74762045534d54502048692c2049276d2061204d61696c2d696e2d612d426f7820285562756e74752f506f73746669783b207365652068747470733a2f2f6d61696c696e61626f782e656d61696c2f290d0a",
      "certificate": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
      "extended_service_name": "SMTP-STARTTLS",
      "observed_at": "2022-12-07T00:03:29.214500282Z",
      "perspective_id": "PERSPECTIVE_NTT",
      "port": 25,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
        "ehlo": "250-mail.maurits.tv\r\n250-PIPELINING\r\n250-SIZE 134217728\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postfix",
          "product": "Postfix",
          "other": {
            "family": "Postfix"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Ubuntu",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.248.133.47",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "mail.maurits.tv"
            ],
            "subject_dn": "CN=mail.maurits.tv",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "3c9aaf9fdcb6d559f189de8e07315994850ed824d04c0d49d37c96249db9b38d",
            "fingerprint": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.maurits.tv"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "sopdzpFbOfA/Ckmb+Z1bch5Dm6WzxlGfwrDba3kuYoOrmFILfjZUY5r9GjR83rjVcHFXqULeT4vkL4Nh5QAbx35WB110LcK1oeBaqIiPd2tesHz1Kko72e+n5d522ptMClD81E/xpc3YTtpw2med72qzU+mlizkUr/987YggBJk9mqOtTwnHRJSKUQw0IiJb1xRNNul2EeWrDN3MHMzueC3HchQCU3+ZvJxmCc/t088t+on2Da0dRaq3IGkIIRmYArho6x+H4A4aM8NbBJMotLaaCcp2ufGbDOrgE1MWU4shXfPR2dVkoorEPcI1Z9IVj8FL6HpZUYC9ZosWd5qrKw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e8a928389e6d8d4894700b2eff1bbbb2c236d5feea4486efe67cff33bcf081ef"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "dns",
      "dns": {
        "server_type": "AUTHORITATIVE",
        "r_code": "REFUSED",
        "resolves_correctly": false
      },
      "extended_service_name": "DNS",
      "observed_at": "2022-12-07T22:58:20.328043457Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 53,
      "service_name": "DNS",
      "source_ip": "167.94.138.47",
      "transport_protocol": "UDP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: https://mail.maurits.tv/\r\n",
      "banner_hashes": [
        "sha256:835e734bd44269517b0a508f032d8db67ce0905d2f7dea69b455b3202ef8a0dd"
      ],
      "banner_hex": "485454502f312e3120333031204d6f766564205065726d616e656e746c790d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203137380d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4c6f636174696f6e3a2068747470733a2f2f6d61696c2e6d6175726974732e74762f0d0a",
      "extended_service_name": "HTTP",
      "http": {
        "request": {
          "method": "GET",
          "uri": "http://95.217.14.58/",
          "headers": {
            "Accept": [
              "*/*"
            ],
            "_encoding": {
              "Accept": "DISPLAY_UTF8",
              "User_Agent": "DISPLAY_UTF8"
            },
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 301,
          "status_reason": "Moved Permanently",
          "headers": {
            "Date": [
              "<REDACTED>"
            ],
            "_encoding": {
              "Date": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Location": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Content_Length": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8"
            },
            "Content_Type": [
              "text/html"
            ],
            "Location": [
              "https://mail.maurits.tv/"
            ],
            "Server": [
              "nginx"
            ],
            "Content_Length": [
              "178"
            ],
            "Connection": [
              "keep-alive"
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>301 Moved Permanently</title>"
          ],
          "body_size": 178,
          "body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
          "body_hashes": [
            "sha256:bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d",
            "sha1:81ffbd1712afe8cdf138b570c0fc9934742c33c1"
          ],
          "body_hash": "sha1:81ffbd1712afe8cdf138b570c0fc9934742c33c1",
          "html_title": "301 Moved Permanently"
        },
        "supports_http2": false
      },
      "observed_at": "2022-12-06T20:38:14.505896738Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 80,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.145.60",
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "http",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate:  <REDACTED>\r\nContent-Type: text/html\r\nLast-Modified: Tue, 16 Jun 2020 18:15:57 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"5ee90c5d-e6\"\r\nStrict-Transport-Security: max-age=15768000\r\nContent-Encoding: gzip\r\n",
      "banner_hashes": [
        "sha256:0088ef79c0c65c158df9e05a2574166c10e569491fc934409d3ab86363b33feb"
      ],
      "banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a4c6173742d4d6f6469666965643a205475652c203136204a756e20323032302031383a31353a353720474d540d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a455461673a20572f2235656539306335642d6536220d0a5374726963742d5472616e73706f72742d53656375726974793a206d61782d6167653d31353736383030300d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
      "certificate": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
      "extended_service_name": "HTTPS",
      "http": {
        "request": {
          "method": "GET",
          "uri": "https://95.217.14.58/",
          "headers": {
            "Accept": [
              "*/*"
            ],
            "_encoding": {
              "Accept": "DISPLAY_UTF8",
              "User_Agent": "DISPLAY_UTF8"
            },
            "User_Agent": [
              "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
            ]
          }
        },
        "response": {
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "status_reason": "OK",
          "headers": {
            "Last_Modified": [
              "Tue, 16 Jun 2020 18:15:57 GMT"
            ],
            "_encoding": {
              "Last_Modified": "DISPLAY_UTF8",
              "Connection": "DISPLAY_UTF8",
              "Date": "DISPLAY_UTF8",
              "Content_Type": "DISPLAY_UTF8",
              "Server": "DISPLAY_UTF8",
              "Strict_Transport_Security": "DISPLAY_UTF8",
              "Etag": "DISPLAY_UTF8"
            },
            "Connection": [
              "keep-alive"
            ],
            "Date": [
              "<REDACTED>"
            ],
            "Content_Type": [
              "text/html"
            ],
            "Server": [
              "nginx"
            ],
            "Strict_Transport_Security": [
              "max-age=15768000"
            ],
            "Etag": [
              "W/\"5ee90c5d-e6\""
            ]
          },
          "_encoding": {
            "html_tags": "DISPLAY_UTF8",
            "body": "DISPLAY_UTF8",
            "body_hash": "DISPLAY_UTF8",
            "html_title": "DISPLAY_UTF8"
          },
          "html_tags": [
            "<title>this is a mail-in-a-box</title>"
          ],
          "body_size": 230,
          "body": "<html>\n\t<head>\n\t\t<title>this is a mail-in-a-box</title>\n\t</head>\n\t<body>\n\t\t<h1>this is a mail-in-a-box</h1>\n\t\t<p>take control of your email at <a href=\"https://mailinabox.email/\">https://mailinabox.email/</a></p>\n\t</body>\n</html>\n",
          "body_hashes": [
            "sha256:8dde6981d3337afc96c4acf5d40cf5ec1e2c5d2f2ff652d88bcc74623ee916d9",
            "sha1:142f005ea26391ab9b5ffb9851661e01b7fa0026"
          ],
          "body_hash": "sha1:142f005ea26391ab9b5ffb9851661e01b7fa0026",
          "html_title": "this is a mail-in-a-box"
        },
        "supports_http2": true
      },
      "observed_at": "2022-12-07T21:39:25.750514632Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 443,
      "service_name": "HTTP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "nginx",
          "product": "nginx",
          "other": {
            "family": "nginx"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.117",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_AES_256_GCM_SHA384",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "mail.maurits.tv"
            ],
            "subject_dn": "CN=mail.maurits.tv",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "3c9aaf9fdcb6d559f189de8e07315994850ed824d04c0d49d37c96249db9b38d",
            "fingerprint": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.maurits.tv"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "sopdzpFbOfA/Ckmb+Z1bch5Dm6WzxlGfwrDba3kuYoOrmFILfjZUY5r9GjR83rjVcHFXqULeT4vkL4Nh5QAbx35WB110LcK1oeBaqIiPd2tesHz1Kko72e+n5d522ptMClD81E/xpc3YTtpw2med72qzU+mlizkUr/987YggBJk9mqOtTwnHRJSKUQw0IiJb1xRNNul2EeWrDN3MHMzueC3HchQCU3+ZvJxmCc/t088t+on2Da0dRaq3IGkIIRmYArho6x+H4A4aM8NbBJMotLaaCcp2ufGbDOrgE1MWU4shXfPR2dVkoorEPcI1Z9IVj8FL6HpZUYC9ZosWd5qrKw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e8a928389e6d8d4894700b2eff1bbbb2c236d5feea4486efe67cff33bcf081ef"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "15af977ce25de452b96affa2addb1036"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
      "banner_hashes": [
        "sha256:292934db81306663fae463ec770ca41e2fad9cf8bcb32ac10119e61703444a33"
      ],
      "banner_hex": "323230206d61696c2e6d6175726974732e74762045534d54502048692c2049276d2061204d61696c2d696e2d612d426f7820285562756e74752f506f73746669783b207365652068747470733a2f2f6d61696c696e61626f782e656d61696c2f290d0a",
      "certificate": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
      "extended_service_name": "SMTPS",
      "observed_at": "2022-12-07T07:31:29.321786113Z",
      "perspective_id": "PERSPECTIVE_TELIA",
      "port": 465,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8"
        },
        "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
        "ehlo": "250-mail.maurits.tv\r\n250-PIPELINING\r\n250-SIZE 134217728\r\n250-VRFY\r\n250-ETRN\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postfix",
          "product": "Postfix",
          "other": {
            "family": "Postfix"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Ubuntu",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.146.57",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "mail.maurits.tv"
            ],
            "subject_dn": "CN=mail.maurits.tv",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "3c9aaf9fdcb6d559f189de8e07315994850ed824d04c0d49d37c96249db9b38d",
            "fingerprint": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.maurits.tv"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "sopdzpFbOfA/Ckmb+Z1bch5Dm6WzxlGfwrDba3kuYoOrmFILfjZUY5r9GjR83rjVcHFXqULeT4vkL4Nh5QAbx35WB110LcK1oeBaqIiPd2tesHz1Kko72e+n5d522ptMClD81E/xpc3YTtpw2med72qzU+mlizkUr/987YggBJk9mqOtTwnHRJSKUQw0IiJb1xRNNul2EeWrDN3MHMzueC3HchQCU3+ZvJxmCc/t088t+on2Da0dRaq3IGkIIRmYArho6x+H4A4aM8NbBJMotLaaCcp2ufGbDOrgE1MWU4shXfPR2dVkoorEPcI1Z9IVj8FL6HpZUYC9ZosWd5qrKw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e8a928389e6d8d4894700b2eff1bbbb2c236d5feea4486efe67cff33bcf081ef"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "smtp",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
      "banner_hashes": [
        "sha256:292934db81306663fae463ec770ca41e2fad9cf8bcb32ac10119e61703444a33"
      ],
      "banner_hex": "323230206d61696c2e6d6175726974732e74762045534d54502048692c2049276d2061204d61696c2d696e2d612d426f7820285562756e74752f506f73746669783b207365652068747470733a2f2f6d61696c696e61626f782e656d61696c2f290d0a",
      "certificate": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
      "extended_service_name": "SMTP-STARTTLS",
      "observed_at": "2022-12-07T22:58:44.766942487Z",
      "perspective_id": "PERSPECTIVE_TATA",
      "port": 587,
      "service_name": "SMTP",
      "smtp": {
        "_encoding": {
          "banner": "DISPLAY_UTF8",
          "ehlo": "DISPLAY_UTF8",
          "start_tls": "DISPLAY_UTF8"
        },
        "banner": "220 mail.maurits.tv ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)\r\n",
        "ehlo": "250-mail.maurits.tv\r\n250-PIPELINING\r\n250-SIZE 134217728\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\n",
        "start_tls": "220 2.0.0 Ready to start TLS\r\n"
      },
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
          "part": "a",
          "vendor": "Postfix",
          "product": "Postfix",
          "other": {
            "family": "Postfix"
          },
          "source": "OSI_APPLICATION_LAYER"
        },
        {
          "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "vendor": "Ubuntu",
          "product": "Linux",
          "other": {
            "family": "Linux"
          },
          "source": "OSI_APPLICATION_LAYER"
        }
      ],
      "source_ip": "167.94.138.118",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "mail.maurits.tv"
            ],
            "subject_dn": "CN=mail.maurits.tv",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "3c9aaf9fdcb6d559f189de8e07315994850ed824d04c0d49d37c96249db9b38d",
            "fingerprint": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.maurits.tv"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "sopdzpFbOfA/Ckmb+Z1bch5Dm6WzxlGfwrDba3kuYoOrmFILfjZUY5r9GjR83rjVcHFXqULeT4vkL4Nh5QAbx35WB110LcK1oeBaqIiPd2tesHz1Kko72e+n5d522ptMClD81E/xpc3YTtpw2med72qzU+mlizkUr/987YggBJk9mqOtTwnHRJSKUQw0IiJb1xRNNul2EeWrDN3MHMzueC3HchQCU3+ZvJxmCc/t088t+on2Da0dRaq3IGkIIRmYArho6x+H4A4aM8NbBJMotLaaCcp2ufGbDOrgE1MWU4shXfPR2dVkoorEPcI1Z9IVj8FL6HpZUYC9ZosWd5qrKw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e8a928389e6d8d4894700b2eff1bbbb2c236d5feea4486efe67cff33bcf081ef"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "imap",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "certificate": "DISPLAY_HEX",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.\r\n",
      "banner_hashes": [
        "sha256:f4e79828be4f5e4d5f16617f03e2e92725e78ec0afda189f6c45aa455daff14c"
      ],
      "banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631204c49544552414c2b205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c4520415554483d504c41494e20415554483d4c4f47494e5d20446f7665636f7420285562756e7475292072656164792e0d0a",
      "certificate": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
      "extended_service_name": "IMAPS",
      "imap": {
        "_encoding": {
          "banner": "DISPLAY_UTF8"
        },
        "banner": "* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.\r\n"
      },
      "observed_at": "2022-12-07T13:50:27.766890636Z",
      "perspective_id": "PERSPECTIVE_ORANGE",
      "port": 993,
      "service_name": "IMAP",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "167.94.145.57",
      "tls": {
        "version_selected": "TLSv1_3",
        "cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
        "certificates": {
          "_encoding": {
            "leaf_fp_sha_256": "DISPLAY_HEX",
            "chain_fps_sha_256": "DISPLAY_HEX"
          },
          "leaf_fp_sha_256": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
          "chain_fps_sha_256": [
            "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
            "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f"
          ],
          "leaf_data": {
            "names": [
              "mail.maurits.tv"
            ],
            "subject_dn": "CN=mail.maurits.tv",
            "issuer_dn": "C=US, O=Let's Encrypt, CN=R3",
            "pubkey_bit_size": 2048,
            "pubkey_algorithm": "RSA",
            "tbs_fingerprint": "3c9aaf9fdcb6d559f189de8e07315994850ed824d04c0d49d37c96249db9b38d",
            "fingerprint": "bde4e5a384b996c05f533cba0e0e865ebaf07aa549ced1c886cd5836b8ea3e33",
            "issuer": {
              "common_name": [
                "R3"
              ],
              "organization": [
                "Let's Encrypt"
              ],
              "country": [
                "US"
              ]
            },
            "subject": {
              "common_name": [
                "mail.maurits.tv"
              ]
            },
            "public_key": {
              "key_algorithm": "RSA",
              "rsa": {
                "_encoding": {
                  "modulus": "DISPLAY_BASE64",
                  "exponent": "DISPLAY_BASE64"
                },
                "modulus": "sopdzpFbOfA/Ckmb+Z1bch5Dm6WzxlGfwrDba3kuYoOrmFILfjZUY5r9GjR83rjVcHFXqULeT4vkL4Nh5QAbx35WB110LcK1oeBaqIiPd2tesHz1Kko72e+n5d522ptMClD81E/xpc3YTtpw2med72qzU+mlizkUr/987YggBJk9mqOtTwnHRJSKUQw0IiJb1xRNNul2EeWrDN3MHMzueC3HchQCU3+ZvJxmCc/t088t+on2Da0dRaq3IGkIIRmYArho6x+H4A4aM8NbBJMotLaaCcp2ufGbDOrgE1MWU4shXfPR2dVkoorEPcI1Z9IVj8FL6HpZUYC9ZosWd5qrKw==",
                "exponent": "AAEAAQ==",
                "length": 256
              },
              "fingerprint": "e8a928389e6d8d4894700b2eff1bbbb2c236d5feea4486efe67cff33bcf081ef"
            },
            "signature": {
              "signature_algorithm": "SHA256-RSA",
              "self_signed": false
            }
          },
          "chain": [
            {
              "fingerprint": "67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd",
              "subject_dn": "C=US, O=Let's Encrypt, CN=R3",
              "issuer_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
            },
            {
              "fingerprint": "6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f",
              "subject_dn": "C=US, O=Internet Security Research Group, CN=ISRG Root X1",
              "issuer_dn": "O=Digital Signature Trust Co., CN=DST Root CA X3"
            }
          ]
        },
        "_encoding": {
          "ja3s": "DISPLAY_HEX"
        },
        "ja3s": "475c9302dc42b2751db9edcac3b74891"
      },
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    },
    {
      "_decoded": "banner_grab",
      "_encoding": {
        "banner": "DISPLAY_UTF8",
        "banner_hex": "DISPLAY_HEX"
      },
      "banner": "\"IMPLEMENTATION\" \"Dovecot (Ubuntu) Pigeonhole\"\r\n\"SIEVE\" \"fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational re",
      "banner_grab": {
        "_encoding": {
          "banner": "DISPLAY_BASE64"
        },
        "banner": "IklNUExFTUVOVEFUSU9OIiAiRG92ZWNvdCAoVWJ1bnR1KSBQaWdlb25ob2xlIg0KIlNJRVZFIiAiZmlsZWludG8gcmVqZWN0IGVudmVsb3BlIGVuY29kZWQtY2hhcmFjdGVyIHZhY2F0aW9uIHN1YmFkZHJlc3MgY29tcGFyYXRvci1pO2FzY2lpLW51bWVyaWMgcmVsYXRpb25hbCByZQ==",
        "transport": "TCP"
      },
      "banner_hashes": [
        "sha256:f3d60b65abbc77525aa704f213120cad477464763dce16042a98eadabee175e9"
      ],
      "banner_hex": "22494d504c454d454e544154494f4e222022446f7665636f7420285562756e74752920506967656f6e686f6c65220d0a22534945564522202266696c65696e746f2072656a65637420656e76656c6f706520656e636f6465642d636861726163746572207661636174696f6e207375626164647265737320636f6d70617261746f722d693b61736369692d6e756d657269632072656c6174696f6e616c207265",
      "extended_service_name": "PIGEONHOLE",
      "observed_at": "2022-12-07T12:16:22.224016075Z",
      "perspective_id": "PERSPECTIVE_HE",
      "port": 4190,
      "service_name": "PIGEONHOLE",
      "software": [
        {
          "uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
          "part": "o",
          "product": "linux",
          "source": "OSI_TRANSPORT_LAYER"
        }
      ],
      "source_ip": "162.142.125.9",
      "transport_fingerprint": {
        "id": 262,
        "os": "CentOS",
        "raw": "65160,64,true,MSTNW,1460,false,false"
      },
      "transport_protocol": "TCP",
      "truncated": false
    }
  ],
  "location": {
    "continent": "Europe",
    "country": "Finland",
    "country_code": "FI",
    "city": "Helsinki",
    "postal_code": "00100",
    "timezone": "Europe/Helsinki",
    "province": "Uusimaa",
    "coordinates": {
      "latitude": 60.1719,
      "longitude": 24.9347
    },
    "registered_country": "Germany",
    "registered_country_code": "DE"
  },
  "location_updated_at": "2022-11-30T05:01:00.583744Z",
  "autonomous_system": {
    "asn": 24940,
    "description": "HETZNER-AS",
    "bgp_prefix": "95.217.0.0/16",
    "name": "HETZNER-AS",
    "country_code": "DE"
  },
  "autonomous_system_updated_at": "2022-11-25T16:37:22.699074Z",
  "operating_system": {
    "uniform_resource_identifier": "cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*",
    "part": "o",
    "vendor": "Ubuntu",
    "product": "Linux",
    "other": {
      "family": "Linux"
    }
  },
  "dns": {
    "names": [
      "mail.maurits.tv"
    ],
    "records": {
      "mail.maurits.tv": {
        "record_type": "A",
        "resolved_at": "2022-11-30T17:08:32.117226724Z"
      }
    },
    "reverse_dns": {
      "names": [
        "mail.maurits.tv"
      ],
      "resolved_at": "2022-11-30T05:40:28.698343918Z"
    }
  },
  "last_updated_at": "2022-12-07T22:59:33.787Z"
}