116.202.91.164

As of: May 29, 2024 7:53am UTC | Latest

Basic Information

Reverse DNS
lx10.hoststar.hosting
Forward DNS
www.marlonfischer.com, www.matihas.tv, pakpepper.ch, www.multifant-gmbh.ch, www.massage-lotzwil.ch, ...
Routing
116.202.0.0/16  via HETZNER-AS, DE (AS24940)
OS
Ubuntu Linux
Services (12)
25/SMTP, 80/HTTP, 110/POP3, 143/IMAP, 443/HTTP, 465/SMTP, 587/SMTP, 993/IMAP, 995/POP3, 2525/SMTP, 3306/MYSQL, 5544/SSH
Labels
Database Email Remote Access

SMTP 25/TCP
05/29/2024 01:50 UTC

Email

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello www.censys.io [199.45.154.72]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
JA4S
t120200_544c535f43484143484132305f504f4c59313330355f534841323536_01ee62603618

HTTP 80/TCP
05/27/2024 20:40 UTC


Software

nginx

Details

http://116.202.91.164/
Status
510  Not Extended
Body Hash
sha1:bc8d43bfeb467d51b3c3f93e227d8169c811c163
HTML Title
Access denied by security policy
Response Body
      # Access denied by security policy

Your request is blocked by a security policy rule.  
Please contact the support team and inform them of the time the error
occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

* * *

Please provide the following information to our support team:

116.202.91.164 | 167.94.146.49 | 27.05.2024 22:40:25

[deactivate](https://lx10.hoststar.hosting

/modsec/?domain=116.202.91.164&ip=167.94.146.49&path=/home/admin/web/lx10.hoststar.hosting/public_html)
    

POP3 110/TCP
05/27/2024 16:45 UTC

Email

Software

Dovecot
Ubuntu Linux

Details

Banner
+OK Dovecot (Ubuntu) ready.
Start TLS
+OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t120200_544c535f4145535f3235365f47434d5f534841333834_9f090db0cf15

IMAP 143/TCP
05/27/2024 04:16 UTC

Email

Software

Dovecot
Ubuntu Linux

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t120200_544c535f4145535f3235365f47434d5f534841333834_9f090db0cf15

HTTP 443/TCP
05/29/2024 07:53 UTC


Software

nginx

Details

https://116.202.91.164/
Status
403  Forbidden
Body Hash
sha1:4d7b3cb41e90618358d0ee066c45c76227a13747
HTML Title
403 Forbidden
Response Body
      # 403 Forbidden

* * *

nginx
    

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JARM
29d29d15d29d29d00042d42d000000df133019600a83abfb096ff3e86cd79d
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t120200_544c535f4145535f3235365f47434d5f534841333834_9f090db0cf15

SMTP 465/TCP
05/29/2024 06:30 UTC

Email

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello www.censys.io [167.94.138.35]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250 HELP

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JARM
2ad14d0002ad2ad00042d43d00042ddae87855c179abc2cc62b296c5d295e3
JA3S
d75f9129bb5d05492a65ff78e081bcb2
JA4S
t120200_544c535f43484143484132305f504f4c59313330355f534841323536_01ee62603618

SMTP 587/TCP
05/28/2024 11:36 UTC

Email

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello www.censys.io [167.94.145.99]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
JA4S
t120200_544c535f43484143484132305f504f4c59313330355f534841323536_01ee62603618

IMAP 993/TCP
05/28/2024 07:13 UTC

Email

Software

Dovecot
Ubuntu Linux

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JARM
29d29d15d29d29d00042d42d000000a5308aa908d3edc2392a602b7adac57a
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t120200_544c535f4145535f3235365f47434d5f534841333834_9f090db0cf15

POP3 995/TCP
05/27/2024 14:40 UTC

Email

Software

Dovecot
Ubuntu Linux

Details

Banner
+OK Dovecot (Ubuntu) ready.

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JARM
29d29d15d29d29d00042d42d000000a5308aa908d3edc2392a602b7adac57a
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t120200_544c535f4145535f3235365f47434d5f534841333834_9f090db0cf15

SMTP 2525/TCP
05/26/2024 17:30 UTC

Email

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello www.censys.io [167.248.133.182]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
683b6e31a83981c1559e9e6fe1aee92366101be7e43142f79e00d1d32a6ce4ca
Subject
CN=*.hoststar.hosting
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Names
*.hoststar.hosting, hoststar.hosting
Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
JA4S
t120200_544c535f43484143484132305f504f4c59313330355f534841323536_01ee62603618

MYSQL 3306/TCP
05/29/2024 03:35 UTC

Database

Software

Oracle MySQL 8.0.36
Ubuntu Linux 20.04

Details

Protocol Version
10
Character Set
224

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
1902ebea80a1e70fd9933787275bc8420abfa34cfa8e5230046245f13f84cdaa
Subject
CN=MySQL_Server_5.7.29_Auto_Generated_Server_Certificate
Issuer
CN=MySQL_Server_5.7.29_Auto_Generated_CA_Certificate
Fingerprint
JA3S
475c9302dc42b2751db9edcac3b74891
JA4S
t120200_544c535f43484143484132305f504f4c59313330355f534841323536_9f090db0cf15

SSH 5544/TCP
05/26/2024 18:53 UTC

Remote Access

Details

Host Key
Algorithm
ssh-rsa
Fingerprint
dec73d972b6b35acbb614dd763adc3ce9acede28324b8da8e99b7857921ee205
Negotiated
Key Exchange
ecdh-sha2-nistp256
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

Geographic Location

City
Nürnberg
State
Bavaria
Country
Germany (DE)
Coordinates
49.45421, 11.07752
Timezone
Europe/Berlin