148.72.212.154

Basic Information

OS
Windows
Network
AS-26496-GO-DADDY-COM-LLC (US)
Routing
148.72.208.0/21 via AS7018 , AS6453 , AS26496
Protocols
80/HTTP, 445/SMB, 3306/MYSQL, 465/SMTP, 995/POP3S, 993/IMAPS, 110/POP3, 143/IMAP, 53/DNS, 443/HTTPS, 3389/RDP, 21/BANNER, 8880/BANNER
Tags
https http rdp database pop3s mysql imaps smb pop3 dns remote_display imap

80/HTTP


Details Go

GET /

Server
Microsoft IIS 10.0
Status Line
200 OK
Page Title
Web Server's Default Page
GET /
[view page]

443/HTTPS


Details Go

GET /

Server
Microsoft IIS 10.0
Status Line
200 OK
Page Title
Plesk Obsidian 18.0.30
GET /
[view page]

Chrome TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Heartbleed

Heartbleed
Heartbeat Disabled (OK)

Cryptographic Configuration

Export DHE
False
Export RSA
False
DHE Support
True

Certificate Chain

7c28f9bcf5087ecb160c85582dae6949f0272e18dbd7d9f3877acffd944c724e
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

445/SMB


Details

SMB Server

Version
SMB 2.1
SMBv1
False

Capability Flags

Distributed File System
True
Leasing
True
Multi-credit Operations
True
Multi-channel Sessions
false
Persistent Handles
false
Directory Leasing
false
Encryption
false

Negotiation Log

Security Mode
1
Authentication Types
1.3.6.1.4.1.311.2.2.30
1.3.6.1.4.1.311.2.2.10

Session

Target Name
S148-72-212-154

465/SMTP


Details

Banner Grab

Banner
220 S148-72-212-154.home ESMTP MailEnable Service, Version: 10.27-- ready at 10/26/20 15:27:16

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

7c28f9bcf5087ecb160c85582dae6949f0272e18dbd7d9f3877acffd944c724e
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

53/DNS


Details

Open Resolver Query

Open Resolver
False

110/POP3


Details

Banner Grab and StartTLS Initiation

Server
MailEnable
Banner
+OK Welcome to MailEnable POP3 Server
STARTTLS
-ERR Unknown command

143/IMAP


Details

Banner Grab and StartTLS Initiation

Banner
* OK IMAP4rev1 server ready at 10/24/20 21:48:23
STARTTLS
a001 OK Ready to start TLS.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

7c28f9bcf5087ecb160c85582dae6949f0272e18dbd7d9f3877acffd944c724e
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

993/IMAPS


Details

Banner Grab

Banner
* OK IMAP4rev1 server ready at 10/27/20 23:28:39

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

7c28f9bcf5087ecb160c85582dae6949f0272e18dbd7d9f3877acffd944c724e
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

995/POP3S


Details

Banner Grab

Banner
+OK Welcome to MailEnable POP3 Server

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

7c28f9bcf5087ecb160c85582dae6949f0272e18dbd7d9f3877acffd944c724e
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, emailAd[email protected]

3306/MySQL


Details

Banner Grab

Version
(Unknown)
Protocol Version
0
Error Code
1130
Error
ER_HOST_NOT_PRIVILEGED
Error Message
Host 'worker-10.sfj.censys-scanner.com' is not allowed to connect to this MariaDB server

3389/RDP


Details

Banner Grab

Server
Remote Desktop 10.2
Major/Minor Version
10 / 2
Security Protocol
TLS (1)

Support

dynvc_graphics_pipeline
True
neg_resp_reserved
True
restricted_admin_mode
True
extended_client_data_supported
True

21/BANNER View Only


Details

Banner Info

Port
21
Protocol
TCP
Decoded Banner
220 Microsoft FTP Service

8880/BANNER View Only


Details

Banner Info

Port
8880
Protocol
TCP
Decoded Banner
HTTP/1.1 303 See Other
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Tue, 13 Oct 2020 16:51:28 GMT
Location: http://148.72.212.154:8880/login.php?success_redirect_url=http%3A%2F%2F148.72.212.154%3A8880%2F
Server: Microsoft-IIS/10.0
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
Date: Tue, 13 Oct 2020 16:51:28 GMT
Content-Length: 0

Geographic Location

City
Singapore
Country
Singapore (SG)
Lat/Long
1.2929, 103.8547
Timezone
Asia/Singapore