129.121.4.107

As of: Sep 27, 2022 12:57pm UTC | Latest

Basic Information

Reverse DNS
ip-129-121-4-107.local
OS
microsoft windows
Network
ASMALLORANGE1 (US)
Routing
129.121.0.0/19  via  AS62729
Protocols
25/SMTP , 26/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 143/IMAP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 1167/UNKNOWN , 1433/MSSQL , 3306/MYSQL , 8443/HTTP , 8880/HTTP , 9998/HTTP , 9999/HTTP

25/SMTP TCP
Observed Sep 26, 2022 at 6:17am UTC


View All Data

Details

Banner
220 ws258.win.arvixe.com
EHLO
250-ws258.win.arvixe.com Hello [162.142.125.221]
250-SIZE 31457280
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK
Start TLS
220 Start TLS negotiation

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

26/SMTP TCP
Observed Sep 26, 2022 at 4:02pm UTC


View All Data

Details

Banner
220 ws258.win.arvixe.com
EHLO
250-ws258.win.arvixe.com Hello [162.142.125.210]
250-SIZE 31457280
250-AUTH LOGIN CRAM-MD5
250-STARTTLS
250-8BITMIME
250 OK
Start TLS
220 Start TLS negotiation

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

53/DNS UDP
Observed Sep 27, 2022 at 8:41am UTC


View All Data

Details

R Code
SERVER_FAILURE
Server Type
UNKNOWN

80/HTTP TCP
Observed Sep 27, 2022 at 1:35am UTC


View All Data Go

Software

Microsoft IIS 10.0
Microsoft ASP.NET

Details

http://129.121.4.107
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:a8ba8325ca0045bd57ad198eeef3c8b307d267ac
HTML Title
Web Server's Default Page
Response Body
You see this page because there is no Web site at this address.

110/POP3 TCP
Observed Sep 27, 2022 at 1:43am UTC


View All Data

Details

Banner
+OK POP3 server ready <[email protected]>
Start TLS
+OK Start TLS negotiation

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

143/IMAP TCP
Observed Sep 26, 2022 at 11:34pm UTC


View All Data

Details

Banner
* OK IMAP4rev1 SmarterMail
Start TLS
a001 OK Start TLS negotiation

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

465/SMTP TCP
Observed Sep 27, 2022 at 10:32am UTC


View All Data

Details

Banner
220 ws258.win.arvixe.com
EHLO
250-ws258.win.arvixe.com Hello [162.142.125.219]
250-SIZE 31457280
250-AUTH LOGIN CRAM-MD5
250-8BITMIME
250 OK

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

587/SMTP TCP
Observed Sep 26, 2022 at 4:48pm UTC


View All Data

Details

Banner
220 ws258.win.arvixe.com
EHLO
250-ws258.win.arvixe.com Hello [162.142.125.221]
250-SIZE 31457280
250-AUTH LOGIN CRAM-MD5
250-8BITMIME
250 OK

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

993/IMAP TCP
Observed Sep 26, 2022 at 2:22pm UTC


View All Data

Details

Banner
* OK IMAP4rev1 SmarterMail

TLS

Fingerprint
JARM
2ad2ad0002ad2ad22c2ad2ad2ad2add3b67dd3674d9af9dd91c1955a35d0e9
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

995/POP3 TCP
Observed Sep 26, 2022 at 11:21pm UTC


View All Data

Details

Banner
+OK POP3 server ready <[email protected]>

TLS

Fingerprint
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

1167/UNKNOWN TCP
Observed Sep 26, 2022 at 4:41pm UTC


View All Data

Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
000000A0
000000B0
000000C0
000000D0
000000E0
000000F0
00000100
00000110
00000120
00000130
00 00 01 32 52 af 02 0a 18 08 a3 80 04 10 02 18
00 20 01 2a 0c 4d 69 63 72 6f 73 6f 66 74 20 48
76 10 00 1a 90 02 2d 2d 2d 2d 2d 42 45 47 49 4e
20 50 55 42 4c 49 43 20 4b 45 59 2d 2d 2d 2d 2d
0a 4d 49 47 66 4d 41 30 47 43 53 71 47 53 49 62
33 44 51 45 42 41 51 55 41 41 34 47 4e 41 44 43
42 69 51 4b 42 67 51 43 39 5a 52 38 52 4f 6b 6b
71 52 56 49 4a 4c 56 48 74 44 48 56 4f 30 73 45
78 0a 52 33 64 7a 6c 78 5a 6b 52 59 4a 33 45 41
30 37 66 4a 4b 4b 2f 77 43 6f 68 56 77 59 61 57
56 5a 62 38 4f 6a 42 46 38 45 2f 61 6a 69 6e 44
35 71 33 71 59 41 49 31 2f 4c 69 62 32 45 2f 73
59 2f 0a 6d 6b 41 69 49 57 45 2b 6c 52 2b 79 41
6f 34 55 42 33 2b 41 72 71 56 6e 61 52 76 5a 50
70 55 69 4e 59 63 73 74 48 73 44 6b 6a 59 70 77
66 34 42 4c 2b 2b 6b 35 41 61 38 72 6a 37 32 6d
43 4f 61 0a 4c 57 7a 32 5a 79 4c 32 69 47 79 52
4c 47 78 73 50 77 49 44 41 51 41 42 0a 2d 2d 2d
2d 2d 45 4e 44 20 50 55 42 4c 49 43 20 4b 45 59
2d 2d 2d 2d 2d 0a
...2R...........
. .*.Microsoft H
v.....-----BEGIN
PUBLIC KEY-----
.MIGfMA0GCSqGSIb
3DQEBAQUAA4GNADC
BiQKBgQC9ZR8ROkk
qRVIJLVHtDHVO0sE
x.R3dzlxZkRYJ3EA
07fJKK/wCohVwYaW
VZb8OjBF8E/ajinD
5q3qYAI1/Lib2E/s
Y/.mkAiIWE+lR+yA
o4UB3+ArqVnaRvZP
pUiNYcstHsDkjYpw
f4BL++k5Aa8rj72m
COa.LWz2ZyL2iGyR
LGxsPwIDAQAB.---
--END PUBLIC KEY
-----.

1433/MSSQL TCP
Observed Sep 27, 2022 at 9:31am UTC


View All Data

Software

Microsoft SQL Server 15.0.2095
microsoft windows

Details

Version
15.0.2095
Encrypt Mode
ENCRYPT_ON

3306/MYSQL TCP
Observed Sep 26, 2022 at 7:34pm UTC


View All Data

Software

microsoft windows
MariaDB 10.3.22

Details

Protocol Version
10
Character Set
8

8443/HTTP TCP
Observed Sep 27, 2022 at 12:43pm UTC


View All Data Go

Software

Microsoft IIS 10.0
Microsoft ASP.NET

Details

https://129.121.4.107:8443
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:5e41dc68918d12d589805ecb266d613c31c5c506
HTML Title
Plesk Obsidian 18.0.27
Response Body

TLS

Fingerprint
JARM
2ad2ad00000000022c2ad2ad2ad2ad89cb1e4a786a3a377716a803180489d2
JA3S
1d9c3e8c45ab7a2112263449a3ad9ece
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Leaf Certificate
c835ee58bb37f8b3e3f3b4bb39c755d7ccc61f8a27087951018658bc298dddd7
CN=*.win.arvixe.com
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Issuer Chain

8880/HTTP TCP
Observed Sep 26, 2022 at 6:40pm UTC


View All Data Go

Software

Microsoft IIS 10.0
Microsoft ASP.NET

Details

http://129.121.4.107:8880
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:7d6efe3356d2a4695c94b96661cbc6687c41c8b8
HTML Title
Plesk Obsidian 18.0.27
Response Body

9998/HTTP TCP
Observed Sep 26, 2022 at 4:02pm UTC


View All Data Go

Software

Microsoft IIS 10.0
Microsoft ASP.NET

Details

http://129.121.4.107:9998
Request
GET /Login.aspx
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:75151d0b9dde6a2354e427ef5a75af5483a356ea
HTML Title
	SmarterMail
Response Body
  

#  Login to SmarterMail

##  Email Address  (e.g., [email protected])

##  Password

Remember me

Use Browser Language English

[Login](javascript:__doPostBack\('ctl00$BPH$btnLogin',''\))

Switch to the [mobile interface](/Mobile)

By logging in, you're accepting cookies for this site.

[Help](http://help.smartertools.com/SmarterMail/v15/Default.aspx?p=_USR&v=15.7.6970&lang=en-
US&page=LoginUser) | [SmarterMail Enterprise
15.7](https://www.smartertools.com/smartermail/business-email-server) |
[Windows Mail Server](https://www.smartertools.com/smartermail/business-email-
server) | (C) 2022 [SmarterTools Inc.](http://www.smartertools.com/)

9999/HTTP TCP
Observed Sep 26, 2022 at 4:02pm UTC


View All Data Go

Software

Microsoft IIS 10.0
Microsoft ASP.NET

Details

http://129.121.4.107:9999
Request
GET /GettingStarted.htm
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:38e3ed29dd03c1d10944fa7635406e0aa04dfacc
Response Body
�/�� ��V�n۸}/���
�l�nRl��^�Iz�"�kw�>�4�S�JRq܋~�>�'�/�P� [qӬ�9 �9���{��������3x;y
?��8?����� 秓�j�(��9?��K��_p�\\.��ad�O�����Vh'�4Z�(� =~4S�/��~��A�^@p�ů��
��=jߝ�rdW_C��Ɨ�_B� ��?M�t��+/���gT����q&�G;�»'^���J��gC6^H�Oq&
���x����K=�u��ͫe�#:�� /]�˵�>-��R]�AD�&=�8ـ�hn��mջ�� �={ ����
��v(�A{��q{�P��g6�{�:u�fl�灾��n
����K�����Pꫦ�T��6����w�]���^(����~�=gP�K�d�r��X����rV(Er��7U��Ρ�e�?z���N�
K� Y�@/

Geographic Location

Country
United States (US)
Coordinates
37.751, -97.822
Timezone
America/Chicago