185.30.32.2
As of: Jan 23, 2025 5:56am UTC |
Latest
{
"ip": "185.30.32.2",
"services": [
{
"_decoded": "ftp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
"banner_hashes": [
"sha256:9e74df2f57fee49f33cf8475c57c83ac26a52116530b334f7053af6982949cbb"
],
"banner_hex": "32323020776562676f20535452494e47544f5245504c41434520465450205365727665722072656164792e0d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "FTPes",
"ftp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"auth_tls_response": "DISPLAY_UTF8"
},
"banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
"auth_tls_response": "234 AUTH TLS successful\r\n",
"status_code": 220,
"status_meaning": "Service ready for new user.",
"implicit_tls": false
},
"labels": [
"file-sharing"
],
"observed_at": "2025-01-22T08:21:52.716651200Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 21,
"service_name": "FTP",
"source_ip": "167.94.146.56",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 29
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc",
"ja4s": "t120200_cca8_344b4dce5a52"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "ssh",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
"banner_hashes": [
"sha256:8a0b4c67ffffbda9b94fe19108bb520fe4af53027553bc4b6724f3ed7bbb8df3"
],
"banner_hex": "5353482d322e302d4f70656e5353485f382e3470312044656269616e2d352b64656231317533",
"extended_service_name": "SSH",
"labels": [
"remote-access"
],
"observed_at": "2025-01-22T16:04:01.792573058Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 22,
"service_name": "SSH",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "162.142.125.115",
"ssh": {
"endpoint_id": {
"_encoding": {
"raw": "DISPLAY_UTF8"
},
"raw": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
"protocol_version": "2.0",
"software_version": "OpenSSH_8.4p1",
"comment": "Debian-5+deb11u3"
},
"kex_init_message": {
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group14-sha256",
"[email protected]"
],
"host_key_algorithms": [
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-rsa"
],
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"first_kex_follows": false
},
"algorithm_selection": {
"kex_algorithm": "[email protected]",
"host_key_algorithm": "ssh-rsa",
"client_to_server_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
},
"server_to_client_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
}
},
"server_host_key": {
"fingerprint_sha256": "69b6f0e46ac5e9cb7c1f9c49bb1dc702ee61b0face503d38557ea50bfcb42855",
"rsa_public_key": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "vCEbtK7VUlN0H6u2C6aCiEjqgoV9ITsAvLw0020uGSrsfUs9E4SY64a2Ph86QkTqrmFwJ67cJh8Fp5YJkgf2bLBfSrPmqLU5d048lXLp4RGxoY2VDjnBA6nLn9NjCP9lCX/IFWbbRuK6obUQlNi+SMXyjs+VWfX+urEbr56YnIY3dM/KeTtB4crswaAVL/vcmd5cE7tgE4EGPQv1pAcGTj6qMV+U/j+1D2jzahlqFIOww3mbiZ78OmagnIdmrFE1dC+puqDQgcyF59Ix2yZB+KVEKVpe47nOcre8Hhnvtq4rw9iocfI3sCyNZh5rTPhcRAYy9iU6ZCB6AswNkuVaUw==",
"exponent": "AAEAAQ==",
"length": 2048
}
},
"hassh_fingerprint": "779664e66160bf75999f091fce5edb5a"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:e0774d25eea42114d591d6f4243e210273622cc9a15870552af5bf46b3d99c65"
],
"banner_hex": "3232302d776562676f204d41494c534552564552202d20636865636b696e67206d61696c2e2e2e0d0a32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "SMTP-STARTTLS",
"labels": [
"email"
],
"observed_at": "2025-01-22T04:09:38.732478622Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 25,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"source_ip": "167.94.145.107",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: http://server2.webgo24.de\r\n",
"banner_hashes": [
"sha256:5f54c8b121e00b89ae22abfa2dec560e4fbad4f9f4fd3492d527596956a0de18"
],
"banner_hex": "485454502f312e3120333031204d6f766564205065726d616e656e746c790d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136320d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4c6f636174696f6e3a20687474703a2f2f736572766572322e776562676f32342e64650d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://185.30.32.2/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 301,
"status_reason": "Moved Permanently",
"headers": {
"Date": [
"<REDACTED>"
],
"_encoding": {
"Date": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Location": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8"
},
"Server": [
"nginx"
],
"Content_Length": [
"162"
],
"Content_Type": [
"text/html"
],
"Location": [
"http://server2.webgo24.de"
],
"Connection": [
"keep-alive"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>301 Moved Permanently</title>"
],
"body_size": 162,
"body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body>\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"body_hashes": [
"sha256:9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a",
"sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff"
],
"body_hash": "sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff",
"html_title": "301 Moved Permanently"
},
"supports_http2": false
},
"observed_at": "2025-01-23T05:08:19.718063082Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 80,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.62",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
],
"banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "POP3S",
"labels": [
"email"
],
"observed_at": "2025-01-22T07:49:46.373924091Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"start_tls": "+OK Begin TLS negotiation now.\r\n"
},
"port": 110,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.45",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "ntp",
"extended_service_name": "NTP",
"ntp": {
"get_time_header": {
"version": 3,
"mode": 4,
"stratum": 3,
"poll": 3,
"precision": -23,
"_encoding": {
"reference_id": "DISPLAY_UTF8"
},
"reference_id": "\u056cij",
"leap_indicator": 0
}
},
"observed_at": "2025-01-22T05:27:47.519084083Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 123,
"service_name": "NTP",
"source_ip": "199.45.154.148",
"transport_protocol": "UDP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:30da5d31a6902099f19ddc50a2f3de9fceaa1081ac7b6fed7c48384108795c93"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b205354415254544c5320415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"start_tls": "a001 OK Begin TLS negotiation now.\r\n"
},
"labels": [
"email"
],
"observed_at": "2025-01-23T03:02:17.693113415Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 143,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.63",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250"
}
]
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=9a77cb4316d9a57de63d11ece0dd228c; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n",
"banner_hashes": [
"sha256:db2b4760fbfc53811604f30b9aed657cdf1a2401f0112fc5150336b7c33f3973"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d5554462d380d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a566172793a204163636570742d456e636f64696e670d0a5365742d436f6f6b69653a205048505345535349443d39613737636234333136643961353764653633643131656365306464323238633b20706174683d2f0d0a457870697265733a205468752c203139204e6f7620313938312030383a35323a303020474d540d0a43616368652d436f6e74726f6c3a206e6f2d73746f72652c206e6f2d63616368652c206d7573742d726576616c69646174650d0a507261676d613a206e6f2d63616368650d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://185.30.32.2/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Vary": [
"Accept-Encoding"
],
"_encoding": {
"Vary": "DISPLAY_UTF8",
"Cache_Control": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Transfer_Encoding": "DISPLAY_UTF8",
"Expires": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Pragma": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Content_Encoding": "DISPLAY_UTF8",
"Set_Cookie": "DISPLAY_UTF8"
},
"Cache_Control": [
"no-store, no-cache, must-revalidate"
],
"Server": [
"nginx"
],
"Transfer_Encoding": [
"chunked"
],
"Expires": [
"Thu, 19 Nov 1981 08:52:00 GMT"
],
"Content_Type": [
"text/html; charset=UTF-8"
],
"Connection": [
"keep-alive"
],
"Pragma": [
"no-cache"
],
"Date": [
"<REDACTED>"
],
"Content_Encoding": [
"gzip"
],
"Set_Cookie": [
"PHPSESSID=9a77cb4316d9a57de63d11ece0dd228c; path=/"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>webgo Webspace-Admin</title>",
"<meta charset=\"UTF-8\">",
"<meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">",
"<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">",
"<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">",
"<meta name=\"description\" content=\"webgo Webspace-Admin\">",
"<meta name=\"keywords\" content=\"Mesos, webgo Webspace-Admin, Linux, Server, Verwaltung, Postfix, Dovecot, Nginx, Apache, Mariadb\">"
],
"body_size": 3271,
"body": "<!DOCTYPE html>\n<html lang=\"de\">\n\n<head>\n\t <style>\n :root {\n --set-dynamic-backgorund-color: #d32c30;\n --set-dynamic-border-color: #d32c30;\n --set-dynamic-text-color: #d32c30;\n --set-dynamic-without-login-text-color: #646464;\n --set-dynamic-without-login-backgound-color: rgb(249, 248, 248);\n --set-dynamic-without-login-button-backgound-color: #d32c30;\n --set-dynamic-without-login-button-text-color: #ffffff;\n --set-dynamic-sidebar-menu-text-color: #d32c30;\n --set-dynamic-login-form-border-color: #a9a9a9;\n } \n </style>\t<meta charset=\"UTF-8\">\n\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">\n\t<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\t<meta name=\"description\" content=\"webgo Webspace-Admin\">\n\t<meta name=\"keywords\" content=\"Mesos, webgo Webspace-Admin, Linux, Server, Verwaltung, Postfix, Dovecot, Nginx, Apache, Mariadb\">\n\n\t<title>webgo Webspace-Admin</title>\n\t<link rel=\"icon\" href=\"https://www.webgo.de/assets/images/favicon.ico\">\t<!-- Bootstrap-CSS -->\n\t<link href=\"templates/default_v4/css/bootstrap.min.css\" rel=\"stylesheet\">\n\t<!-- Bootstrap-Theme -->\n\t<link href=\"templates/default_v4/css/bootstrap-theme.min.css\" rel=\"stylesheet\">\n\t<!-- Fonts Awesome von http://fontawesome.io/ -->\n\t<link href=\"templates/default_v4/css/font-awesome.min.css\" rel=\"stylesheet\">\n\t<!-- Optional fuer Live Search in selects -->\n\t<link href=\"templates/default_v4/css/bootstrap-select.min.css\" rel=\"stylesheet\">\n\t<!-- Optional ende -->\n\n\t<!-- Eigen-CSS -->\n\t<link href=\"templates/default_v4/css/mesosadmin.css?v=2024092601\" rel=\"stylesheet\">\n\t<link href=\"templates/default_v4/css/login.css?v=20240924\" rel=\"stylesheet\">\n</head>\n\n<body class=\"text-center\">\n\t<div class=\"mesos-login\">\n\t\t\t<div class=\"mesos-login-head\">\n\t\t\t<img src=\"/images/logo.svg\" class=\"logosses\" style=\"width: 130px;\n\t\t\theight: 86px;\">\n\t\t</div>\n\t\t\t<form method=\"POST\" action=\"index.php\" class=\"mesos-form-login\">\n\t\t\t<h1 class=\"h3 mb-3 font-weight-normal\">Bitte einloggen</h1>\n\t\t\t<label for=\"Login\" class=\"sr-only\">Benutzername</label>\n\t\t\t<input type=\"text\" name=\"Login\" id=\"Login\" class=\"form-control form-control-sm\" placeholder=\"Benutzername\" required autofocus>\n\t\t\t<label for=\"Password\" class=\"sr-only\">Passwort</label>\n\t\t\t<input type=\"password\" name=\"Password\" id=\"Password\" class=\"form-control form-control-sm mt-3\" placeholder=\"Passwort\" required>\n\t\t\t\t\t\t<input type=\"hidden\" name=\"do_login\" value=\"1\">\n\t\t\t<button class=\"btn btn-sm btn-light pl-5 pr-5\" type=\"submit\">Login</button>\n\t\t\t<p class=\"mt-1 mb-1 text-muted\"><a href=\"index.php?forgotten=1\">Passwort vergessen</a></p>\n\t\t\t\t\t</form>\n\t</div>\n<!-- <script src=\"https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js\"></script> -->\n<script src=\"templates/default_v4/js/jquery.min.js\"></script>\n<script src=\"templates/default_v4/js/bootstrap.min.js\"></script>\n<!-- <script src=\"templates/default_v4/js/docs.min.js\"></script> -->\n<!-- IE10-Anzeigefenster-Hack fuer Fehler auf Surface und Desktop-Windows-8 -->\n<script src=\"templates/default_v4/js/ie10-viewport-bug-workaround.js\"></script>\n</body>\n</html>\n",
"body_hashes": [
"sha256:5342508f0c3f2334e46040a6a5b4b16c846fa07ba434dd295c329248d5925f01",
"sha1:8c96f113fe9322866d48556b8dbfbd304f0862b5"
],
"body_hash": "sha1:8c96f113fe9322866d48556b8dbfbd304f0862b5",
"html_title": "webgo Webspace-Admin"
},
"supports_http2": true
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "29d29d38d29d29d00042d42d0000005fd00fabd213a5ac89229012f70afd5c",
"cipher_and_version_fingerprint": "29d29d38d29d29d00042d42d000000",
"tls_extensions_sha256": "5fd00fabd213a5ac89229012f70afd5c",
"observed_at": "2025-01-18T14:14:20.102710333Z"
},
"labels": [
"bootstrap",
"jquery",
"login-page"
],
"observed_at": "2025-01-22T22:31:00.238484185Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "PHP",
"product": "PHP",
"other": {
"family": "PHP"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "199.45.154.147",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "303951d4c50efb2e991652225a6f02b1",
"ja4s": "t120200_c02f_344b4dce5a52"
}
]
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
],
"banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "SMTPS",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "3fd3fd1ad3fd3fd22c42d42d00000071072875005eb3aede396e09e29e9524",
"cipher_and_version_fingerprint": "3fd3fd1ad3fd3fd22c42d42d000000",
"tls_extensions_sha256": "71072875005eb3aede396e09e29e9524",
"observed_at": "2025-01-14T22:34:16.085061509Z"
},
"labels": [
"email"
],
"observed_at": "2025-01-21T20:53:13.392297733Z",
"pending_removal_since": "2025-01-23T03:00:34.411319551Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 465,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.181",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc",
"ja4s": "t120200_cca8_344b4dce5a52"
},
{
"tls_version": "TLSv1_1",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "ce815ab6e37127ab1cb9fe33d3ba250d",
"ja4s": "t110200_c014_344b4dce5a52"
},
{
"tls_version": "TLSv1_0",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "623de93db17d313345d7ea481e7443cf",
"ja4s": "t100200_c014_344b4dce5a52"
}
]
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
],
"banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "SMTP-STARTTLS",
"labels": [
"email"
],
"observed_at": "2025-01-22T19:06:10.793164023Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 587,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.198",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:c6da3659113355d5304fa51a7cf8a22204b433dac37072359c696b6c8b3b9f30"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b20415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n"
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "07d3fd12d21d21d07c42d43d0000008435c4f14f7a2c9375dab1adaee145f3",
"cipher_and_version_fingerprint": "07d3fd12d21d21d07c42d43d000000",
"tls_extensions_sha256": "8435c4f14f7a2c9375dab1adaee145f3",
"observed_at": "2025-01-13T21:16:35.374223782Z"
},
"labels": [
"email"
],
"observed_at": "2025-01-22T18:32:04.619333917Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 993,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "206.168.34.80",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc",
"ja4s": "t120200_cca8_344b4dce5a52"
},
{
"tls_version": "TLSv1_1",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "b8d8f22562475aebf44ad54175c1d9c7",
"ja4s": "t110200_c013_344b4dce5a52"
},
{
"tls_version": "TLSv1_0",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "184d532a16876b78846ae6a03f654890",
"ja4s": "t100200_c013_344b4dce5a52"
}
]
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
],
"banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"discovery_method": "IPV4_WALK_FULL_PRIORITY_1",
"extended_service_name": "POP3S",
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "07d3fd12d21d21d07c42d43d0000008435c4f14f7a2c9375dab1adaee145f3",
"cipher_and_version_fingerprint": "07d3fd12d21d21d07c42d43d000000",
"tls_extensions_sha256": "8435c4f14f7a2c9375dab1adaee145f3",
"observed_at": "2025-01-17T09:47:54.962584250Z"
},
"labels": [
"email"
],
"observed_at": "2025-01-23T05:55:51.154493019Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot (Debian) ready.\r\n"
},
"port": 995,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.200",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 2048,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "3c8b8ced0f40619280a5ee6f46db78fdb77e7e7e3fd5ca53e8f13de4869e2768",
"fingerprint": "f2f2ebbe9deaee51d4f267cbc0f0a6c124cd50ba52b5a1e962a32aeb3818f606",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "oAiUZ7x7udIYPj1BxpF4pE377Z6lgPx0LCrMrIIZCVCOugThtLz9HfL5OP/3Auc3AdgvRsNqNNe1vryqCA4wbiXxOPhcy4fAysvlXcjqud/7ApWoZE5uPxQwtBUwmJIQqXWo63VQI4ZI3j3juvlZTbovqVuxgPiRBq/vRG5qLARIRC2YP92fQ+8E2sqMf9NEqUmfUPgJExoUZur8QhzbPcfrsjMCVWlE9IfZw5BsBju4OdHM6gHVfLHhUwy0QW+KA2m++cJFbjAh2eyV4OpYYl+59mamSGPUMAPAOHnoC7zZFnfBuqT2yQNw9HMbFOv1HQESDuLbxmIUKMM7OMs9pw==",
"exponent": "AAEAAQ==",
"length": 256
},
"fingerprint": "d150ddb154113c3934b2e58b40d9a51e34caaa48e6aa24154cc96c8b45e5b24c"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
},
{
"fingerprint": "d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891",
"ja4s": "t130200_1303_a56c5b993250"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 403 Forbidden\r\nDate: <REDACTED>\r\nContent-Length: 0\r\n",
"banner_hashes": [
"sha256:c28f407c23f6962ebd6ec1a15d17b91652ca7de591a2ccdfee40565c6400621d"
],
"banner_hex": "485454502f312e312034303320466f7262696464656e0d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d4c656e6774683a20300d0a",
"discovery_method": "PREDICTIVE_METHOD_30",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://185.30.32.2:999/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 403,
"status_reason": "Forbidden",
"headers": {
"Date": [
"<REDACTED>"
],
"_encoding": {
"Date": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8"
},
"Content_Length": [
"0"
]
},
"body_size": 0
},
"supports_http2": false
},
"observed_at": "2025-01-23T01:37:54.426332897Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 999,
"service_name": "HTTP",
"source_ip": "162.142.125.47",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "mysql",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "5.5.5-10.11.4-MariaDB-1:10.11.4+maria~deb11-log",
"banner_hashes": [
"sha256:42d3a0194dcea536a857e11269daa38506c04178b65e2481672d277061c0649f"
],
"banner_hex": "352e352e352d31302e31312e342d4d6172696144422d313a31302e31312e342b6d617269617e64656231312d6c6f67",
"extended_service_name": "MYSQL",
"labels": [
"database"
],
"mysql": {
"protocol_version": 10,
"server_version": "5.5.5-10.11.4-MariaDB-1:10.11.4+maria~deb11-log",
"connection_id": 12415041,
"_encoding": {
"auth_plugin_data": "DISPLAY_HEX"
},
"auth_plugin_data": "4a70762345743859394e5e6d2b2c3a7d2b595f5300",
"character_set": 45,
"status_flags": {
"SERVER_STATUS_AUTOCOMMIT": true
},
"capability_flags": {
"CLIENT_RESERVED": true,
"CLIENT_MULTI_STATEMENTS": true,
"CLIENT_PROTOCOL_41": true,
"CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
"CLIENT_CONNECT_WITH_DB": true,
"CLIENT_SECURE_CONNECTION": true,
"CLIENT_ODBC": true,
"CLIENT_LOCAL_FILES": true,
"CLIENT_IGNORE_SPACE": true,
"CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
"CLIENT_IGNORE_SIGPIPE": true,
"CLIENT_DEPRECATED_EOF": true,
"CLIENT_FOUND_ROWS": true,
"CLIENT_SESSION_TRACK": true,
"CLIENT_INTERACTIVE": true,
"CLIENT_PLUGIN_AUTH": true,
"CLIENT_MULTI_RESULTS": true,
"CLIENT_CONNECT_ATTRS": true,
"CLIENT_LONG_FLAG": true,
"CLIENT_TRANSACTIONS": true,
"CLIENT_COMPRESS": true,
"CLIENT_PS_MULTI_RESULTS": true,
"CLIENT_NO_SCHEMA": true
},
"auth_plugin_name": "mysql_native_password",
"error_code": 0
},
"observed_at": "2025-01-23T01:31:01.541280141Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 3306,
"service_name": "MYSQL",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:9.1:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"version": "9.1",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:mariadb:mariadb:10.11.4:*:*:*:*:*:*:*",
"part": "a",
"vendor": "MariaDB",
"product": "MariaDB",
"version": "10.11.4",
"other": {
"family": "MySQL"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "199.45.155.73",
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\"IMPLEMENTATION\" \"Dovecot (Debian) Pigeonhole\"\r\n\"SIEVE\" \"fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body",
"banner_hashes": [
"sha256:2bab95704a42f08d471c62f1df2030ff7b9d52b7a018f4626d0ac4e63f14098a"
],
"banner_hex": "22494d504c454d454e544154494f4e222022446f7665636f74202844656269616e2920506967656f6e686f6c65220d0a22534945564522202266696c65696e746f2072656a65637420656e76656c6f706520656e636f6465642d636861726163746572207661636174696f6e207375626164647265737320636f6d70617261746f722d693b61736369692d6e756d657269632072656c6174696f6e616c20726567657820696d617034666c61677320636f707920696e636c756465207661726961626c657320626f6479",
"extended_service_name": "PIGEONHOLE",
"labels": [
"email"
],
"observed_at": "2025-01-23T02:24:10.328853595Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 4190,
"service_name": "PIGEONHOLE",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.94.146.58",
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 401 Unauthorized\r\nServer: Icinga/r2.14.3-1\r\nWWW-Authenticate: Basic realm=\"Icinga 2\"\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 58\r\n",
"banner_hashes": [
"sha256:51c6fd6f55d3d127a61a0ce6eb3f268e35ae4526c346cf8dd595f2714136681d"
],
"banner_hex": "485454502f312e312034303120556e617574686f72697a65640d0a5365727665723a204963696e67612f72322e31342e332d310d0a5757572d41757468656e7469636174653a204261736963207265616c6d3d224963696e67612032220d0a436f6e6e656374696f6e3a20636c6f73650d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a2035380d0a",
"certificate": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://185.30.32.2:5665/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 401,
"status_reason": "Unauthorized",
"headers": {
"WWW_Authenticate": [
"Basic realm=\"Icinga 2\""
],
"_encoding": {
"WWW_Authenticate": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8"
},
"Server": [
"Icinga/r2.14.3-1"
],
"Content_Length": [
"58"
],
"Content_Type": [
"text/html"
],
"Connection": [
"close"
]
},
"body_size": 58,
"_encoding": {
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8"
},
"body": "<h1>Unauthorized. Please check your user credentials.</h1>",
"body_hashes": [
"sha256:96e9cf9119d9b1a4488e42969dd86cca39f90986c100149e0e10e367262e7781",
"sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
],
"body_hash": "sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
},
"supports_http2": false
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "2ad2ad16d2ad2ad00042d42d0000000b7957bea5dccaf2976e02aac6e2963a",
"cipher_and_version_fingerprint": "2ad2ad16d2ad2ad00042d42d000000",
"tls_extensions_sha256": "0b7957bea5dccaf2976e02aac6e2963a",
"observed_at": "2025-01-13T02:55:20.155823342Z"
},
"observed_at": "2025-01-23T02:15:15.585812692Z",
"perspective_id": "PERSPECTIVE_UNKNOWN",
"port": 5665,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.94.146.58",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
"chain_fps_sha_256": [
"e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d"
],
"leaf_data": {
"names": [
"server2.webgo24.de"
],
"subject_dn": "CN=server2.webgo24.de",
"issuer_dn": "CN=Icinga CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "e1bd1c25a5e265f00c6c69bb36070bf9d8c499e2e37811ca03a1c3f7d371dd23",
"fingerprint": "f702e811446a4c5c330c8db97eff714738f90feb6b15e9b9c83c12e4aff42b24",
"issuer": {
"common_name": [
"Icinga CA"
]
},
"subject": {
"common_name": [
"server2.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "yQaj6DaL8Gi+eiojL2EGdbrmz66IGbxdukd1Mp3U0KAgORQwXHaNy51M72647w8WfakHAPr62BXcEaYMeHRwJudElX6QmjQ/4wy5tfxWoRSKz/LGTzQJtmGJ2XKS0BjSYujzcI+IXgO7/y3ZQz6VoUXT2NXDxDyGq8RHQNr5rD3yIH8qU1WySgpyv6fmIzIG9DIQ7cpJ2mapc3PU1KIeYzilsgqmRs1G5OTHbVa1pUbB7+vzp2PVxdYDdzHh5TpA79EI1gubfNLxyrrCQvW6rMWYWilmZtQmtL+mX99OBoodx7pBj51zrXupg3K+e49C0tMJoFJgSuq3ovTXyLhuVOBpufT/IZrMkf4+QBnLe3wPjKo4pMn0OdKI8yHXOf1nyGmeD6jCmn/s5m0XIKvne+Wys/pWr23g9fe7WlGidvk8xCNLhzQ8MAtiNFWgWbMxqJ8nlZsK0fEHbkczWk/MKvaPKuryAdhbkYo4sRRolZmPBqptCsYx1alDlmjzk4LjexHVur5CPmYimRm2UybWPvPvUwhf+DFMPXUqrzr9GIsaPrPIduqmnPMQE/10/IALE3VsZqzRCSa2e1NiC6NXu4pWv9ZQlPBqEE+LPrQ1Lge0i+fYTf0VGKnTke/styhi7PFa2kNFHn36zUPCn1qofCwpmOl3gH3dHh+L+yNZdV0=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "743acea5429c319ee8a009d45bf7e4ca6bd9879a41d201362e332b9e230459d1"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d",
"subject_dn": "CN=Icinga CA",
"issuer_dn": "CN=Icinga CA"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250",
"versions": [
{
"tls_version": "TLSv1_3",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036",
"ja4s": "t130200_1302_a56c5b993250"
},
{
"tls_version": "TLSv1_2",
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "0debd3853f330c574b05e0b6d882dc27",
"ja4s": "t120200_c030_344b4dce5a52"
}
]
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Europe",
"country": "Germany",
"country_code": "DE",
"city": "Hamburg",
"postal_code": "20038",
"timezone": "Europe/Berlin",
"province": "Hamburg",
"coordinates": {
"latitude": 53.55073,
"longitude": 9.99302
}
},
"location_updated_at": "2025-01-16T00:18:17.455556446Z",
"autonomous_system": {
"asn": 48324,
"description": "DE-WEBGO www.webgo.de",
"bgp_prefix": "185.30.32.0/22",
"name": "DE-WEBGO www.webgo.de",
"country_code": "DE"
},
"autonomous_system_updated_at": "2025-01-15T10:32:40.718761377Z",
"whois": {
"network": {
"handle": "WEBGO-RZ-HAM1",
"name": "webgo GmbH",
"cidrs": [
"185.30.32.0/23"
],
"created": "2018-09-26T00:00:00Z",
"updated": "2018-09-26T00:00:00Z"
},
"organization": {
"handle": "ORG-WE2-RIPE",
"name": "webgo GmbH",
"address": "Heidenkampsweg 81\\n20097\\nHamburg\\nGERMANY",
"abuse_contacts": [
{
"handle": "WRC4-RIPE",
"name": "webgo Ripe Coordination",
"email": "[email protected]"
}
],
"admin_contacts": [
{
"handle": "SA8363-RIPE",
"name": "Sebastian Angermeyer",
"email": "[email protected]"
}
]
}
},
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
}
},
"dns": {
"names": [
"www.tanjabauer-uebersetzt.de",
"www.euro-top-one.de",
"malerbetriebmueller.de",
"www.bader.support",
"www.frauenhofpalais.de",
"jb-it.support",
"server2.webgo24.de",
"wiebkechristinlebus.com",
"bvbs-homann.de",
"pop.swue-netz.de",
"john-bader.de",
"mail1.tanjabauer-uebersetzt.de",
"mail2.tanjabauer-uebersetzt.de",
"pop.bader.systems",
"www.pflegequalitaet-schulz.de",
"www.lutz-arnold.eu",
"pop.delphin-potential.de",
"smtp.bader.systems",
"elli-john.de",
"www.horst-abel.de",
"pop.synoptikfibel.de",
"mail1.swueb.de",
"christineputz.de",
"smtp.bader.support",
"www.adelheidhenke.de",
"mail2.swueb.de",
"www.bbs-rutke.de",
"www.swueb.de",
"www.elli-john.de",
"tanjabauer-uebersetzt.de",
"pop.hug-sz.de",
"nsgos.fh28.de",
"md-maler.de",
"www.wille-schenk.de",
"mail1.divh.de",
"swue-netz.de",
"mail1.elli-john.de",
"klostertrophy.de",
"delphin-potential.de",
"synoptikfibel.de",
"it-support.john-bader.de",
"smtp.elli-bader.de",
"www.matthias-fischbach.de",
"brauer-tischlerei.de",
"www.idt21.de",
"smtp.delphin-potential.de",
"hug-sz.de",
"www.jamo-events.de",
"smtp.frauenhofpalais.de",
"www.minihold.de",
"www.verein-effeltrich.de",
"pop.minihold.de",
"www.concaer.de",
"mail1.jb-it.support",
"www.schornsteinfeger-ordowski.de",
"www.kaiser-schornsteinfeger.de",
"euro-top-one.com",
"adelheidhenke.de",
"www.swue-netz.de",
"www.brauer-tischlerei.de",
"matthias-fischbach.de",
"mit-kidz.de",
"kosmetikpraxis-erkrath.de",
"www.energieberater-ordowski.de",
"www.elli-bader.de",
"livesol.de",
"www.aua-autoservice.de",
"www.synoptikfibel.de",
"minihold.de",
"www.hug-sz.de",
"mail2.jb-it.support",
"www.mit-kidz.de",
"pop.elli-bader.de",
"euro-top-one.de",
"www.euro-top-one.com",
"smtp.synoptikfibel.de",
"concaer.de",
"mail2.john-bader.de",
"www.idt21.com",
"idt21.de",
"pop.frauenhofpalais.de",
"bader.systems",
"pflegequalitaet-schulz.de",
"mail1.john-bader.de",
"www.md-maler.de",
"energieberater-ordowski.de",
"elli-bader.de",
"www.livesol.de",
"www.malerbetriebmueller.de",
"mail2.divh.de",
"idt21.com",
"horst-abel.de",
"kaiser-schornsteinfeger.de",
"jm-medpro.de",
"ruetten-stb.de",
"pop.bader.support",
"smtp.hug-sz.de",
"swueb.de",
"smtp.minihold.de",
"aua-autoservice.de"
],
"records": {
"idt21.de": {
"record_type": "A",
"resolved_at": "2024-12-27T20:16:23.025211422Z"
},
"jm-medpro.de": {
"record_type": "A",
"resolved_at": "2025-01-16T20:24:31.596224904Z"
},
"pop.bader.systems": {
"record_type": "A",
"resolved_at": "2025-01-10T03:30:34.572493446Z"
},
"mail2.john-bader.de": {
"record_type": "A",
"resolved_at": "2024-12-26T22:17:29.367572498Z"
},
"pop.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2024-12-26T22:15:51.990962690Z"
},
"www.bbs-rutke.de": {
"record_type": "A",
"resolved_at": "2025-01-22T20:44:52.566058838Z"
},
"horst-abel.de": {
"record_type": "A",
"resolved_at": "2025-01-21T19:40:40.604148840Z"
},
"pop.minihold.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:29:13.133225328Z"
},
"md-maler.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:29:17.873982229Z"
},
"wiebkechristinlebus.com": {
"record_type": "A",
"resolved_at": "2024-12-30T19:28:08.007509572Z"
},
"www.elli-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:35:33.941830732Z"
},
"www.adelheidhenke.de": {
"record_type": "A",
"resolved_at": "2024-12-29T20:56:10.010515947Z"
},
"www.tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2025-01-19T21:04:07.505912290Z"
},
"smtp.hug-sz.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:05:42.266806549Z"
},
"mail2.jb-it.support": {
"record_type": "A",
"resolved_at": "2025-01-20T03:07:23.493499536Z"
},
"www.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:07:04.394242487Z"
},
"malerbetriebmueller.de": {
"record_type": "A",
"resolved_at": "2025-01-14T21:07:29.583592441Z"
},
"www.idt21.com": {
"record_type": "A",
"resolved_at": "2025-01-06T18:00:24.083791277Z"
},
"smtp.minihold.de": {
"record_type": "A",
"resolved_at": "2025-01-16T20:27:21.734088758Z"
},
"synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2025-01-13T20:27:24.883562092Z"
},
"hug-sz.de": {
"record_type": "A",
"resolved_at": "2025-01-22T20:49:01.721740264Z"
},
"pop.elli-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-03T18:51:28.969023818Z"
},
"jb-it.support": {
"record_type": "A",
"resolved_at": "2025-01-06T00:22:35.913544476Z"
},
"www.concaer.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:01:56.667064177Z"
},
"smtp.elli-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:35:33.421646326Z"
},
"www.minihold.de": {
"record_type": "A",
"resolved_at": "2025-01-05T19:00:05.665276030Z"
},
"bvbs-homann.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:01:14.374429995Z"
},
"www.horst-abel.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:37:27.791480512Z"
},
"bader.systems": {
"record_type": "A",
"resolved_at": "2025-01-05T04:22:49.130545909Z"
},
"www.euro-top-one.de": {
"record_type": "A",
"resolved_at": "2025-01-15T19:40:18.107548895Z"
},
"mail2.swueb.de": {
"record_type": "A",
"resolved_at": "2024-12-25T19:40:24.446334941Z"
},
"server2.webgo24.de": {
"record_type": "A",
"resolved_at": "2025-01-12T19:40:06.370540073Z"
},
"www.mit-kidz.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:29:27.440018442Z"
},
"www.swue-netz.de": {
"record_type": "A",
"resolved_at": "2025-01-19T20:59:20.972671217Z"
},
"www.md-maler.de": {
"record_type": "A",
"resolved_at": "2025-01-05T19:00:33.477399198Z"
},
"smtp.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2025-01-08T18:19:10.822552713Z"
},
"www.jamo-events.de": {
"record_type": "A",
"resolved_at": "2025-01-22T20:51:13.522740184Z"
},
"swueb.de": {
"record_type": "A",
"resolved_at": "2025-01-16T20:31:40.404541811Z"
},
"idt21.com": {
"record_type": "A",
"resolved_at": "2025-01-10T17:00:00.430296474Z"
},
"euro-top-one.com": {
"record_type": "A",
"resolved_at": "2025-01-21T16:33:31.921387616Z"
},
"www.elli-john.de": {
"record_type": "A",
"resolved_at": "2025-01-21T19:39:12.972965123Z"
},
"pop.swue-netz.de": {
"record_type": "A",
"resolved_at": "2024-12-30T19:52:32.660703563Z"
},
"elli-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-06T21:05:59.334965177Z"
},
"it-support.john-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-15T19:42:28.503039473Z"
},
"smtp.delphin-potential.de": {
"record_type": "A",
"resolved_at": "2025-01-02T21:28:13.683658712Z"
},
"www.schornsteinfeger-ordowski.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:31:07.640389116Z"
},
"www.wille-schenk.de": {
"record_type": "A",
"resolved_at": "2025-01-07T21:27:05.138574078Z"
},
"www.verein-effeltrich.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:17:17.047855247Z"
},
"pop.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2024-12-31T20:51:38.928156967Z"
},
"smtp.bader.systems": {
"record_type": "A",
"resolved_at": "2025-01-17T02:57:06.264747590Z"
},
"www.pflegequalitaet-schulz.de": {
"record_type": "A",
"resolved_at": "2025-01-15T19:47:03.556258068Z"
},
"minihold.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:11:13.741043490Z"
},
"www.matthias-fischbach.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:39:07.664047310Z"
},
"mail1.elli-john.de": {
"record_type": "A",
"resolved_at": "2025-01-08T18:28:33.921034201Z"
},
"mit-kidz.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:10:31.902119454Z"
},
"mail1.swueb.de": {
"record_type": "A",
"resolved_at": "2025-01-21T19:45:26.505910247Z"
},
"adelheidhenke.de": {
"record_type": "A",
"resolved_at": "2025-01-09T21:03:33.696809536Z"
},
"kaiser-schornsteinfeger.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:28:33.912905778Z"
},
"pop.delphin-potential.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:05:28.152116883Z"
},
"mail1.divh.de": {
"record_type": "A",
"resolved_at": "2025-01-15T19:39:50.801155672Z"
},
"www.euro-top-one.com": {
"record_type": "A",
"resolved_at": "2025-01-09T17:18:03.183599537Z"
},
"www.brauer-tischlerei.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:06:23.984465611Z"
},
"mail2.tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:35:44.169997294Z"
},
"aua-autoservice.de": {
"record_type": "A",
"resolved_at": "2025-01-08T17:57:57.435681652Z"
},
"matthias-fischbach.de": {
"record_type": "A",
"resolved_at": "2025-01-18T19:29:53.242236895Z"
},
"swue-netz.de": {
"record_type": "A",
"resolved_at": "2025-01-11T20:55:01.723579120Z"
},
"mail1.john-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-19T20:54:04.150887299Z"
},
"klostertrophy.de": {
"record_type": "A",
"resolved_at": "2025-01-16T20:25:55.499642446Z"
},
"www.idt21.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:08:16.502005005Z"
},
"brauer-tischlerei.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:33:29.912290828Z"
},
"smtp.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2025-01-22T20:55:02.044211955Z"
},
"www.bader.support": {
"record_type": "A",
"resolved_at": "2025-01-10T03:29:54.877491943Z"
},
"www.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2025-01-19T21:02:57.841368085Z"
},
"energieberater-ordowski.de": {
"record_type": "A",
"resolved_at": "2024-12-25T19:32:29.102868191Z"
},
"pop.hug-sz.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:08:41.874390203Z"
},
"mail1.jb-it.support": {
"record_type": "A",
"resolved_at": "2025-01-23T02:59:01.857438517Z"
},
"www.aua-autoservice.de": {
"record_type": "A",
"resolved_at": "2025-01-17T20:59:30.653418863Z"
},
"christineputz.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:04:49.168559429Z"
},
"mail1.tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:17:14.846899184Z"
},
"www.kaiser-schornsteinfeger.de": {
"record_type": "A",
"resolved_at": "2025-01-21T19:42:32.016552943Z"
},
"www.hug-sz.de": {
"record_type": "A",
"resolved_at": "2025-01-09T21:07:19.770952445Z"
},
"concaer.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:05:43.380694511Z"
},
"pop.bader.support": {
"record_type": "A",
"resolved_at": "2025-01-20T03:06:37.623778803Z"
},
"ruetten-stb.de": {
"record_type": "A",
"resolved_at": "2025-01-19T21:00:57.642281818Z"
},
"www.livesol.de": {
"record_type": "A",
"resolved_at": "2025-01-06T21:10:48.321299107Z"
},
"www.lutz-arnold.eu": {
"record_type": "A",
"resolved_at": "2025-01-14T22:12:31.115254800Z"
},
"elli-john.de": {
"record_type": "A",
"resolved_at": "2025-01-15T19:40:06.499407436Z"
},
"www.swueb.de": {
"record_type": "A",
"resolved_at": "2025-01-11T20:55:02.502915173Z"
},
"delphin-potential.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:05:27.523218646Z"
},
"livesol.de": {
"record_type": "A",
"resolved_at": "2025-01-04T21:42:12.268779382Z"
},
"smtp.bader.support": {
"record_type": "A",
"resolved_at": "2025-01-14T02:36:07.781522608Z"
},
"tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2025-01-20T21:17:14.128993957Z"
},
"www.malerbetriebmueller.de": {
"record_type": "A",
"resolved_at": "2025-01-19T20:58:34.693117318Z"
},
"mail2.divh.de": {
"record_type": "A",
"resolved_at": "2025-01-07T21:08:50.846092576Z"
},
"pflegequalitaet-schulz.de": {
"record_type": "A",
"resolved_at": "2025-01-14T21:08:46.424441179Z"
},
"nsgos.fh28.de": {
"record_type": "A",
"resolved_at": "2025-01-10T19:36:01.052543057Z"
},
"www.energieberater-ordowski.de": {
"record_type": "A",
"resolved_at": "2025-01-22T20:47:35.766330260Z"
},
"kosmetikpraxis-erkrath.de": {
"record_type": "A",
"resolved_at": "2025-01-21T19:42:40.753561400Z"
},
"euro-top-one.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:03:11.568400894Z"
},
"john-bader.de": {
"record_type": "A",
"resolved_at": "2025-01-17T21:06:08.467914692Z"
}
},
"reverse_dns": {
"names": [
"server2.webgo24.de"
],
"resolved_at": "2025-01-23T05:46:07.324822591Z"
}
},
"last_updated_at": "2025-01-23T05:56:08.721Z",
"labels": [
"bootstrap",
"database",
"email",
"file-sharing",
"jquery",
"login-page",
"remote-access"
]
}