108.161.141.187

Basic Information

OS

Unix

Network

TEKTONIC (US)

Routing

108.161.140.0/23 via AS11164 , AS6461 , AS30496 , AS55045

Protocols

80/HTTP, 3306/MYSQL, 993/IMAPS, 465/SMTP, 995/POP3S, 25/SMTP, 110/POP3, 21/FTP, 143/IMAP, 53/DNS, 587/SMTP, 443/HTTPS, 22/SSH, 2030/BANNER, 2082/BANNER, 2083/BANNER, 2086/BANNER, 2087/BANNER, 2095/BANNER, 2096/BANNER, 4190/BANNER

Tags

ftp http https database pop3s smtp imaps pop3 ssh dns mysql imap

GET /

Server

Apache httpd 2.4.34

Status Line

200 OK

Page Title

HTTP Server Test Page powered by CentOS-WebPanel.com

GET /

[view page]

GET /

Server

Apache httpd 2.4.34

Status Line

200 OK

Page Title

HTTP Server Test Page powered by CentOS-WebPanel.com

GET /

[view page]

Chrome TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Heartbleed

Heartbleed

Heartbeat Enabled. Immune to Heartbleed.

Cryptographic Configuration

Export DHE

False

Export RSA

False

DHE Support

True

Certificate Chain

Banner Grab

Server

Pure-FTPd

Banner:

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 01:53. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

SSHv2 Handshake

Server

OpenSSH 6.6.1

Banner

SSH-2.0-OpenSSH_6.6.1

Host Key

Algorithm

ecdsa-sha2-nistp256

Fingerprint

fdf795bc332c9f51c492954cfb5bd6c307629a0368877009d58ba566c63e8536

Negotiated Algorithm

Key Exchange

[email protected]

Symmetric Cipher

aes128-ctr [] | aes128-ctr []

MAC

hmac-sha2-256 [] | hmac-sha2-256 []

Banner Grab and StartTLS Initiation

Server

Postfix

Banner

220 svr.idatascope.net ESMTP Postfix

EHLO

250-svr.idatascope.net
250-PIPELINING
250-SIZE 204800000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

STARTTLS

220 2.0.0 Ready to start TLS

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab

Banner

220 svr.idatascope.net ESMTP Postfix

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab and StartTLS Initiation

Server

Postfix

Banner

220 svr.idatascope.net ESMTP Postfix

EHLO

250-svr.idatascope.net
250-PIPELINING
250-SIZE 204800000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

STARTTLS

220 2.0.0 Ready to start TLS

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Open Resolver Query

Open Resolver

False

Banner Grab and StartTLS Initiation

Server

Dovecot

Banner

+OK Dovecot ready.

STARTTLS

+OK Begin TLS negotiation now.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab and StartTLS Initiation

Server

Dovecot

Banner

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

STARTTLS

a001 OK Begin TLS negotiation now.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab

Banner

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab

Banner

+OK Dovecot ready.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

Banner Grab

Version

(Unknown)

Protocol Version

0

Error Code

1130

Error

ER_HOST_NOT_PRIVILEGED

Error Message

Host 'worker-01.sfj.censys-scanner.com' is not allowed to connect to this MariaDB server

Banner Info

Port

2030

Protocol

TCP

Decoded Banner

HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2031/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

2082

Protocol

TCP

Decoded Banner

HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2083/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

2083

Protocol

TCP

Decoded Banner

HTTP/1.1 302 Moved Temporarily
Server: cwpsrv
Date: Mon, 12 Apr 2021 18:22:56 GMT
Content-Type: text/html
Content-Length: 139
Connection: close
Location: https://108.161.141.187:2083/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

2086

Protocol

TCP

Decoded Banner

HTTP/1.1 301 Moved Permanently
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://108.161.141.187:2087/

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

2087

Protocol

TCP

Decoded Banner

HTTP/1.1 302 Moved Temporarily
Server: cwpsrv
Date: Sun, 11 Apr 2021 07:37:04 GMT
Content-Type: text/html
Content-Length: 139
Connection: close
Location: https://108.161.141.187:2087/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

2095

Protocol

TCP

Decoded Banner

HTTP/1.1 200 OK
Server: cwpsrv
Date: Fri, 09 Apr 2021 16:56:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.30
Set-Cookie: roundcube_sessid=t0ches8650hs3qid7cjpdlrmd6; path=/; HttpOnly
Expires: Fri, 09 Apr 2021 16:56:42 GMT
Last-Modified: Fri, 09 Apr 2021 16:56:42 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-DNS-Prefetch-Control: off
X-Frame-Options: sameorigin
Content-Language: en

15c3
<!DOCTYPE html>
<html lang="en">
<head>
<title>Roundcube Webmail :: Welcome to Roundcube Webmail</title>
<meta name="viewport" content="" id="viewport" />
<link rel="shortcut icon" href="skins/larry/images/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="skins/larry/styles.min.css?s=1540293135" />
<link rel="stylesheet" type="text/css" href="plugins/jqueryui/themes/larry/jquery-ui.css?s=1540293134">
<script type="text/javascript" src="skins/larry/ui.min.js?s=1540293

Banner Info

Port

2096

Protocol

TCP

Decoded Banner

HTTP/1.1 400 Bad Request
Server: cwpsrv
Date: Sun, 11 Apr 2021 13:07:26 GMT
Content-Type: text/html
Content-Length: 249
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>cwpsrv</center>
</body>
</html>

Banner Info

Port

4190

Protocol

TCP

Decoded Banner

"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."