116.202.91.164

As of: Dec 08, 2022 7:06am UTC | Latest

Basic Information

Reverse DNS
lx10.hoststar.hosting
OS
Ubuntu Linux
Network
HETZNER-AS (DE)
Routing
116.202.0.0/16  via  AS24940
Protocols
25/SMTP , 80/HTTP , 110/POP3 , 143/IMAP , 443/HTTP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 2525/SMTP , 3306/MYSQL , 5544/SSH

25/SMTP TCP
Observed Dec 07, 2022 at 5:52pm UTC


View All Data

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello scanner-07.ch1.censys-scanner.com [167.94.138.63]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

80/HTTP TCP
Observed Dec 07, 2022 at 1:06pm UTC


View All Data Go

Software

nginx

Details

http://116.202.91.164
Request
GET /
Protocol
HTTP/1.1
Status Code
510
Status Reason
Not Extended
Body Hash
sha1:f4508f7aea77a0cc7106fe1cda80d5816367dc0b
HTML Title
Access denied by security policy
Response Body
# Access denied by security policy

Your request is blocked by a security policy rule.  
Please contact the support team and inform them of the time the error
occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

* * *

Please provide the following information to our support team:

116.202.91.164 | 167.248.133.61 | 07.12.2022 14:06:48

[deactivate](https://lx10.hoststar.hosting

/modsec/?domain=116.202.91.164&ip=167.248.133.61&path=/home/admin/web/lx10.hoststar.hosting/public_html)

110/POP3 TCP
Observed Dec 07, 2022 at 11:18pm UTC


View All Data

Software

Dovecot
Ubuntu Linux

Details

Banner
+OK Dovecot (Ubuntu) ready.
Start TLS
+OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

143/IMAP TCP
Observed Dec 07, 2022 at 4:12am UTC


View All Data

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

443/HTTP TCP
Observed Dec 08, 2022 at 3:08am UTC


View All Data Go

Software

nginx

Details

https://116.202.91.164
Request
GET /
Protocol
HTTP/1.1
Status Code
510
Status Reason
Not Extended
Body Hash
sha1:0ded8565c486d4d8ec7231c501fe9b4e1f2a199d
HTML Title
Access denied by security policy
Response Body
# Access denied by security policy

Your request is blocked by a security policy rule.  
Please contact the support team and inform them of the time the error
occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

* * *

Please provide the following information to our support team:

116.202.91.164 | 167.94.138.117 | 08.12.2022 04:08:35

[deactivate](https://lx10.hoststar.hosting

/modsec/?domain=116.202.91.164&ip=167.94.138.117&path=/home/admin/web/lx10.hoststar.hosting/public_html)

TLS

Fingerprint
JARM
29d29d15d29d29d00042d42d000000df133019600a83abfb096ff3e86cd79d
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

465/SMTP TCP
Observed Dec 08, 2022 at 2:01am UTC


View All Data

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello www.censys.io [167.94.146.59]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250 HELP

TLS

Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

587/SMTP TCP
Observed Dec 07, 2022 at 10:26pm UTC


View All Data

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello scanner-09.ch1.censys-scanner.com [167.248.133.62]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

993/IMAP TCP
Observed Dec 07, 2022 at 2:16pm UTC


View All Data

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.

TLS

Fingerprint
JARM
29d29d15d29d29d00042d42d000000a5308aa908d3edc2392a602b7adac57a
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

995/POP3 TCP
Observed Dec 08, 2022 at 7:06am UTC


View All Data

Software

Dovecot
Ubuntu Linux

Details

Banner
+OK Dovecot (Ubuntu) ready.

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

2525/SMTP TCP
Observed Dec 06, 2022 at 5:35pm UTC


View All Data

Software

exim

Details

Banner
220 lx10.hoststar.hosting ESMTP Exim
EHLO
250-lx10.hoststar.hosting Hello scanner-08.ch1.censys-scanner.com [167.248.133.44]
250-SIZE 52428800
250-8BITMIME
250-DSN
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Fingerprint
JA3S
d75f9129bb5d05492a65ff78e081bcb2
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Leaf Certificate
6c8308cf0c50b3d190ceab50ca207d625867fd4f9379e5814b4400d4836d1854
CN=*.hoststar.hosting
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

3306/MYSQL TCP
Observed Dec 07, 2022 at 9:19am UTC


View All Data

Software

Oracle MySQL 5.7.39
Ubuntu Linux 18.04

Details

Protocol Version
10
Character Set
224

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
1902ebea80a1e70fd9933787275bc8420abfa34cfa8e5230046245f13f84cdaa
CN=MySQL_Server_5.7.29_Auto_Generated_Server_Certificate
CN=MySQL_Server_5.7.29_Auto_Generated_CA_Certificate
Issuer Chain

5544/SSH TCP
Observed Dec 07, 2022 at 2:16pm UTC


View All Data

Details

Host Key
Algorithm
ssh-rsa
Fingerprint
dec73d972b6b35acbb614dd763adc3ce9acede28324b8da8e99b7857921ee205
Negotiated
Key Exchange
ecdh-sha2-nistp256
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

Geographic Location

Country
Germany (DE)
Coordinates
51.2993, 9.491
Timezone
Europe/Berlin