108.161.141.187

Basic Information

OS
Unix
Network
TEKTONIC (US)
Routing
108.161.140.0/23 via AS11164 , AS6461 , AS30496 , AS55045
Protocols
80/HTTP, 3306/MYSQL, 993/IMAPS, 465/SMTP, 995/POP3S, 25/SMTP, 110/POP3, 21/FTP, 143/IMAP, 53/DNS, 587/SMTP, 443/HTTPS, 22/SSH, 2030/BANNER, 2082/BANNER, 2083/BANNER, 2086/BANNER, 2087/BANNER, 2095/BANNER, 2096/BANNER, 4190/BANNER
Tags
ftp http https database pop3s smtp imaps pop3 ssh dns mysql imap

80/HTTP


Details Go

GET /

Server
Apache httpd 2.4.34
Status Line
200 OK
Page Title
HTTP Server Test Page powered by CentOS-WebPanel.com
GET /
[view page]

443/HTTPS


Details Go

GET /

Server
Apache httpd 2.4.34
Status Line
200 OK
Page Title
HTTP Server Test Page powered by CentOS-WebPanel.com
GET /
[view page]

Chrome TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Heartbleed

Heartbleed
Heartbeat Enabled. Immune to Heartbleed.

Cryptographic Configuration

Export DHE
False
Export RSA
False
DHE Support
True

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

21/FTP


Details

Banner Grab

Server
Pure-FTPd
Banner:
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 01:53. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

22/SSH


Details

SSHv2 Handshake

Server
OpenSSH 6.6.1
Banner
SSH-2.0-OpenSSH_6.6.1

Host Key

Algorithm
ecdsa-sha2-nistp256
Fingerprint
fdf795bc332c9f51c492954cfb5bd6c307629a0368877009d58ba566c63e8536

Negotiated Algorithm

Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] | aes128-ctr []
MAC
hmac-sha2-256 [] | hmac-sha2-256 []

25/SMTP


Details

Banner Grab and StartTLS Initiation

Server
Postfix
Banner
220 svr.idatascope.net ESMTP Postfix
EHLO
250-svr.idatascope.net
250-PIPELINING
250-SIZE 204800000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
STARTTLS
220 2.0.0 Ready to start TLS

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

465/SMTP


Details

Banner Grab

Banner
220 svr.idatascope.net ESMTP Postfix

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

587/SMTP


Details

Banner Grab and StartTLS Initiation

Server
Postfix
Banner
220 svr.idatascope.net ESMTP Postfix
EHLO
250-svr.idatascope.net
250-PIPELINING
250-SIZE 204800000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
STARTTLS
220 2.0.0 Ready to start TLS

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

53/DNS


Details

Open Resolver Query

Open Resolver
False

110/POP3


Details

Banner Grab and StartTLS Initiation

Server
Dovecot
Banner
+OK Dovecot ready.
STARTTLS
+OK Begin TLS negotiation now.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

143/IMAP


Details

Banner Grab and StartTLS Initiation

Server
Dovecot
Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
STARTTLS
a001 OK Begin TLS negotiation now.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

993/IMAPS


Details

Banner Grab

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

995/POP3S


Details

Banner Grab

Banner
+OK Dovecot ready.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

056c8b017304bfed1e4a349be1f37b0c1c1104da412cc7fba6a50d094e4f2289
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]
C=HR, ST=Zagreb, O=CentOS Web Panel, L=HR, CN=svr.idatascope.net, OU=CentOS Web Panel, [email protected]

3306/MySQL


Details

Banner Grab

Version
(Unknown)
Protocol Version
0
Error Code
1130
Error
ER_HOST_NOT_PRIVILEGED
Error Message
Host 'worker-01.sfj.censys-scanner.com' is not allowed to connect to this MariaDB server

2030/BANNER View Only


Details

Banner Info

Port
2030
Protocol
TCP
Decoded Banner
HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2031/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

2082/BANNER View Only


Details

Banner Info

Port
2082
Protocol
TCP
Decoded Banner
HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2083/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

2083/BANNER View Only


Details

Banner Info

Port
2083
Protocol
TCP
Decoded Banner
HTTP/1.1 302 Moved Temporarily
Server: cwpsrv
Date: Mon, 12 Apr 2021 18:22:56 GMT
Content-Type: text/html
Content-Length: 139
Connection: close
Location: https://108.161.141.187:2083/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

2086/BANNER View Only


Details

Banner Info

Port
2086
Protocol
TCP
Decoded Banner
HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2087/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

2087/BANNER View Only


Details

Banner Info

Port
2087
Protocol
TCP
Decoded Banner
HTTP/1.1 302 Moved Temporarily
Server: cwpsrv
Date: Sun, 11 Apr 2021 07:37:04 GMT
Content-Type: text/html
Content-Length: 139
Connection: close
Location: https://108.161.141.187:2087/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

2095/BANNER View Only


Details

Banner Info

Port
2095
Protocol
TCP
Decoded Banner
HTTP/1.1 200 OK
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.30
Set-Cookie: roundcube_sessid=t0ches8650hs3qid7cjpdlrmd6; path=/; HttpOnly
Expires: Fri, 09 Apr 2021 16:56:42 GMT
Last-Modified: Fri, 09 Apr 2021 16:56:42 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-DNS-Prefetch-Control: off
X-Frame-Options: sameorigin
Content-Language: en

15c3
<!DOCTYPE html>
<html lang="en">
<head>
<title>Roundcube Webmail :: Welcome to Roundcube Webmail</title>
<meta name="viewport" content="" id="viewport" />
<link rel="shortcut icon" href="skins/larry/images/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="skins/larry/styles.min.css?s=1540293135" />
<link rel="stylesheet" type="text/css" href="plugins/jqueryui/themes/larry/jquery-ui.css?s=1540293134">
<script type="text/javascript" src="skins/larry/ui.min.js?s=1540293

2096/BANNER View Only


Details

Banner Info

Port
2096
Protocol
TCP
Decoded Banner
HTTP/1.1 400 Bad Request
Server: cwpsrv
Date: Sun, 11 Apr 2021 13:07:26 GMT
Content-Type: text/html
Content-Length: 249
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>cwpsrv</center>
</body>
</html>

4190/BANNER View Only


Details

Banner Info

Port
4190
Protocol
TCP
Decoded Banner
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."

Geographic Location

Country
United States (US)
Lat/Long
37.751, -97.822
Timezone
America/Chicago