83.169.33.56

Basic Information

OS

Ubuntu

Network

GODADDY (DE)

Routing

83.169.32.0/20 via AS7018 , AS1299 , AS20773

Protocols

80/HTTP, 993/IMAPS, 465/SMTP, 995/POP3S, 25/SMTP, 110/POP3, 21/FTP, 143/IMAP, 53/DNS, 587/SMTP, 443/HTTPS, 22/SSH, 4190/BANNER, 4643/BANNER, 7080/BANNER, 7081/BANNER, 8443/BANNER, 8880/BANNER

Tags

pop3 ftp dns http ssh https pop3s smtp imap imaps

GET /

Server

nginx

Status Line

200 OK

GET /

[view page]

GET /

Server

nginx

Status Line

200 OK

GET /

[view page]

Chrome TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8)

Browser Trusted

True

Heartbleed

Heartbleed

Heartbeat Disabled (OK)

Cryptographic Configuration

Export DHE

False

Export RSA

False

DHE Support

False

Certificate Chain

Banner Grab

Banner:

220 ProFTPD Server (ProFTPD) [83.169.33.56]

SSHv2 Handshake

Server

OpenSSH 7.2p2

Banner

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

Host Key

Algorithm

ecdsa-sha2-nistp256

Fingerprint

f1e517eb54b23dad4f24a795e46169d389a12484502e53e497351016efd2a7aa

Negotiated Algorithm

Key Exchange

[email protected]

Symmetric Cipher

aes128-ctr [] | aes128-ctr []

MAC

hmac-sha2-256 [] | hmac-sha2-256 []

Banner Grab and StartTLS Initiation

Server

Postfix

Banner

220 simo24.de ESMTP Postfix (Ubuntu)

EHLO

250-simo24.de
250-PIPELINING
250-SIZE 102400000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

STARTTLS

220 2.0.0 Ready to start TLS

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Grab

Banner

220 simo24.de ESMTP Postfix (Ubuntu)

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Grab and StartTLS Initiation

Server

Postfix

Banner

220 simo24.de ESMTP Postfix (Ubuntu)

EHLO

250-simo24.de
250-PIPELINING
250-SIZE 102400000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

STARTTLS

220 2.0.0 Ready to start TLS

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Open Resolver Query

Open Resolver

False

Banner Grab and StartTLS Initiation

Server

Dovecot

Banner

+OK Dovecot ready. <[email protected]>

STARTTLS

+OK Begin TLS negotiation now.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Grab and StartTLS Initiation

Server

Dovecot

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

STARTTLS

a001 OK Begin TLS negotiation now.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Grab

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Grab

Banner

+OK Dovecot ready. <[email protected]>

TLS Handshake

Version

TLSv1.2

Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Browser Trusted

True

Certificate Chain

Banner Info

Port

4190

Protocol

TCP

Decoded Banner

"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify"
"NOTIFY" "mailto"
"SASL" "PLAIN LOGIN DIGEST-MD5 CRAM-MD5"
"STARTTLS"
"VERSION" "1.0"
OK "Dovecot ready."

Banner Info

Port

4643

Protocol

TCP

Decoded Banner

HTTP/1.0 200 OK
Content-type: text/html

<html>
<head>
<script>
	var redirect = "https://" + window.location.host;
	function redirectPage() {
		window.location.href= redirect;
	}
</script>
<noscript>
	<META http-equiv='Refresh' content='0; URL=https://46.163.72.28:4643'>
</noscript>
</head>

<body onLoad="redirectPage();">
Redirecting to SSL secured connection.
<p>
If your browser does not automatically redirect you, click
<script>
	window.document.write("<a href=\"" + redirect + "\"> here </a>");
</script>
<noscript>
<a href="https://46.163.72.28:4643"> here </a>
</noscript>
</p>
</body>
</html>

Banner Info

Port

7080

Protocol

TCP

Decoded Banner

HTTP/1.1 200 OK
Date: Fri, 26 Feb 2021 20:05:34 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Content-Length: 16
Content-Type: text/html; charset=UTF-8

Say what again!

Banner Info

Port

7081

Protocol

TCP

Decoded Banner

HTTP/1.1 400 Bad Request
Date: Fri, 26 Feb 2021 20:05:34 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2014 07:44:13 GMT
ETag: "3f3-4f04df0fb6d40"
Accept-Ranges: bytes
Content-Length: 1011
Connection: close
Content-Type: text/html

<HTML>
<HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD>
<BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.
<P>
Client sent malformed Host header
<P>
<HR>
<ADDRESS>
Web Server at simo24.de
</ADDRESS>
</BODY>
</HTML>

<!--
   - Unfortunately, Microsoft has added a clever new
   - "feature" to Internet Explorer. If the text of
   - an error's message is "too small", specifically
   - less than 512 bytes, Internet Explorer returns
   - its own error message. You can turn that off,
   - but it's pretty tricky to find switch called
   - "smart error messages". That means, of course,
   - that short error messages are censored by default.
   - IIS always returns error messages that are long
   - enough to make Internet Explorer happy. The

Banner Info

Port

8443

Protocol

TCP

Decoded Banner

HTTP/1.1 302 Moved Temporarily
Server: sw-cp-server
Date: Fri, 26 Feb 2021 20:05:34 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://83.169.33.56:8443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

Banner Info

Port

8880

Protocol

TCP

Decoded Banner

HTTP/1.1 303 See Other
Server: sw-cp-server
Date: Sat, 27 Feb 2021 22:22:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sat, 27 Feb 2021 22:22:34 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: http://83.169.33.56:8880/login.php?success_redirect_url=%2F

0