216.70.106.26

Basic Information

Network
GO-DADDY-COM-LLC (US)
Routing
216.70.104.0/21 via AS7018 , AS1299 , AS26496 , AS398110
Protocols
80/HTTP, 3306/MYSQL, 993/IMAPS, 465/SMTP, 995/POP3S, 25/SMTP, 110/POP3, 21/FTP, 143/IMAP, 53/DNS, 443/HTTPS, 22/SSH, 4190/BANNER, 4643/BANNER, 7080/BANNER, 7081/BANNER, 8443/BANNER, 8880/BANNER
Tags
ftp http https database pop3s smtp imaps pop3 ssh dns mysql imap

80/HTTP


Details Go

GET /

Server
nginx
Status Line
200 OK
Page Title
The Baby Post
GET /
[view page]

443/HTTPS


Details Go

GET /

Server
nginx
Status Line
200 OK
Page Title
The Baby Post
GET /
[view page]

Chrome TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Heartbleed

Heartbleed
Heartbeat Disabled (OK)

Cryptographic Configuration

Export DHE
False
Export RSA
False
DHE Support
False

Certificate Chain

21c976ed7e763e42293dd590acdd23345b6d559a86ff219b5ab9fb5b72d745c8
CN=babypost.com
C=US, O=Let's Encrypt, CN=R3
67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd
C=US, O=Let's Encrypt, CN=R3
C=US, O=Internet Security Research Group, CN=ISRG Root X1
6d99fb265eb1c5b3744765fcbc648f3cd8e1bffafdc4c2f99b9d47cf7ff1c24f
C=US, O=Internet Security Research Group, CN=ISRG Root X1
O=Digital Signature Trust Co., CN=DST Root CA X3

21/FTP


Details

Banner Grab

Banner:
220 ProFTPD Server (ProFTPD) [216.70.106.26]

22/SSH


Details

SSHv2 Handshake

Server
OpenSSH 7.4
Banner
SSH-2.0-OpenSSH_7.4

Host Key

Algorithm
ecdsa-sha2-nistp256
Fingerprint
117d1ca2f44a55fa2ebb676744a3f52e5b7d7ab3b88b4f105546992049023f66

Negotiated Algorithm

Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] | aes128-ctr []
MAC
hmac-sha2-256 [] | hmac-sha2-256 []

25/SMTP


Details

Banner Grab and StartTLS Initiation

Server
Postfix
Banner
220 yyvh-d7hn.accessdomain.com ESMTP Postfix
EHLO
250-yyvh-d7hn.accessdomain.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
STARTTLS
220 2.0.0 Ready to start TLS

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

465/SMTP


Details

Banner Grab

Banner
220 yyvh-d7hn.accessdomain.com ESMTP Postfix

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

53/DNS


Details

Open Resolver Query

Open Resolver
False

110/POP3


Details

Banner Grab and StartTLS Initiation

Server
Dovecot
Banner
+OK Dovecot ready. <[email protected]com>
STARTTLS
+OK Begin TLS negotiation now.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

143/IMAP


Details

Banner Grab and StartTLS Initiation

Server
Dovecot
Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
STARTTLS
a001 OK Begin TLS negotiation now.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

993/IMAPS


Details

Banner Grab

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

995/POP3S


Details

Banner Grab

Banner
+OK Dovecot ready. <[email protected]com>

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)

Certificate Chain

77c5187e22164cfcca9d30e6f14ffb36a136f63b98abd095ec6ff528116dbe20
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]
C=CH, L=Schaffhausen, O=Plesk, CN=Plesk, [email protected]

3306/MySQL


Details

Banner Grab

Version
5.5.68-MariaDB
Protocol Version
10

4190/BANNER View Only


Details

Banner Info

Port
4190
Protocol
TCP
Decoded Banner
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN DIGEST-MD5 CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."

4643/BANNER View Only


Details

Banner Info

Port
4643
Protocol
TCP
Decoded Banner
HTTP/1.0 200 OK
Content-type: text/html

<html>
<head>
<script>
	var redirect = "https://" + window.location.host;
	function redirectPage() {
		window.location.href= redirect;
	}
</script>
<noscript>
	<META http-equiv='Refresh' content='0; URL=https://216.70.104.85:4643'>
</noscript>
</head>

<body onLoad="redirectPage();">
Redirecting to SSL secured connection.
<p>
If your browser does not automatically redirect you, click
<script>
	window.document.write("<a href=\"" + redirect + "\"> here </a>");
</script>
<noscript>
<a href="https://216.70.104.85:4643"> here </a>
</noscript>
</p>
</body>
</html>

7080/BANNER View Only


Details

Banner Info

Port
7080
Protocol
TCP
Decoded Banner
HTTP/1.1 301 Moved Permanently
Date: Sat, 09 Oct 2021 14:25:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
Location: https://216.70.106.26:7080/
Cache-Control: max-age=1209600
Expires: Sat, 23 Oct 2021 14:25:08 GMT
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://216.70.106.26:7080/">here</a>.</p>
</body></html>

7081/BANNER View Only


Details

Banner Info

Port
7081
Protocol
TCP
Decoded Banner
HTTP/1.1 400 Bad Request
Date: Sat, 09 Oct 2021 14:25:08 GMT
Server: Apache
Last-Modified: Tue, 08 May 2012 04:09:58 GMT
ETag: "3f7-4bf7e8f4fd180"
Accept-Ranges: bytes
Content-Length: 1015
Connection: close
Content-Type: text/html

<HTML>
<HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD>
<BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.
<P>
Client sent malformed Host header
<P>
<HR>
<ADDRESS>
Web Server at @[email protected]
</ADDRESS>
</BODY>
</HTML>

<!--
   - Unfortunately, Microsoft has added a clever new
   - "feature" to Internet Explorer. If the text of
   - an error's message is "too small", specifically
   - less than 512 bytes, Internet Explorer returns
   - its own error message. You can turn that off,
   - but it's pretty tricky to find switch called
   - "smart error messages". That means, of course,
   - that short error messages are censored by default.
   - IIS always returns error messages that are long
   - enough to make Internet Explorer happy.

8443/BANNER View Only


Details

Banner Info

Port
8443
Protocol
TCP
Decoded Banner
HTTP/1.1 302 Moved Temporarily
Server: sw-cp-server
Date: Sat, 09 Oct 2021 14:25:08 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://216.70.106.26:8443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

8880/BANNER View Only


Details

Banner Info

Port
8880
Protocol
TCP
Decoded Banner
HTTP/1.1 303 See Other
Server: sw-cp-server
Date: Sat, 09 Oct 2021 14:25:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sat, 09 Oct 2021 14:25:08 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: http://216.70.106.26:8880/login.php?success_redirect_url=%2F

0

Geographic Location

City
Ashburn
State
Virginia
Country
United States (US)
Lat/Long
39.0469, -77.4903
Timezone
America/New York