185.30.32.2
As of: Feb 01, 2023 5:50pm UTC |
Latest
{
"ip": "185.30.32.2",
"services": [
{
"_decoded": "ftp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
"banner_hashes": [
"sha256:9e74df2f57fee49f33cf8475c57c83ac26a52116530b334f7053af6982949cbb"
],
"banner_hex": "32323020776562676f20535452494e47544f5245504c41434520465450205365727665722072656164792e0d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "FTPes",
"ftp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"auth_tls_response": "DISPLAY_UTF8"
},
"banner": "220 webgo STRINGTOREPLACE FTP Server ready.\r\n",
"auth_tls_response": "234 AUTH TLS successful\r\n",
"status_code": 220,
"status_meaning": "Service ready for new user.",
"implicit_tls": false
},
"observed_at": "2023-01-30T19:10:24.338558420Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 21,
"service_name": "FTP",
"source_ip": "167.94.138.117",
"tls": {
"version_selected": "TLSv1_2",
"cipher_selected": "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"server_key_exchange": {
"ec_params": {
"named_curve": 29
}
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "d25619cb77d3219fc9fc14cb6b35eacc"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "ssh",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1",
"banner_hashes": [
"sha256:7f884f317e207e1df4b58ed0db420fff8b24166704f8df7637cb70c7af407daa"
],
"banner_hex": "5353482d322e302d4f70656e5353485f382e3470312044656269616e2d352b64656231317531",
"extended_service_name": "SSH",
"observed_at": "2023-02-01T08:09:24.218441446Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 22,
"service_name": "SSH",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.248.133.63",
"ssh": {
"endpoint_id": {
"_encoding": {
"raw": "DISPLAY_UTF8"
},
"raw": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1",
"protocol_version": "2.0",
"software_version": "OpenSSH_8.4p1",
"comment": "Debian-5+deb11u1"
},
"kex_init_message": {
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group14-sha256"
],
"host_key_algorithms": [
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-rsa"
],
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"first_kex_follows": false
},
"algorithm_selection": {
"kex_algorithm": "[email protected]",
"host_key_algorithm": "ssh-rsa",
"client_to_server_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
},
"server_to_client_alg_group": {
"cipher": "aes128-ctr",
"mac": "hmac-sha2-256",
"compression": "none"
}
},
"server_host_key": {
"fingerprint_sha256": "69b6f0e46ac5e9cb7c1f9c49bb1dc702ee61b0face503d38557ea50bfcb42855",
"rsa_public_key": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "vCEbtK7VUlN0H6u2C6aCiEjqgoV9ITsAvLw0020uGSrsfUs9E4SY64a2Ph86QkTqrmFwJ67cJh8Fp5YJkgf2bLBfSrPmqLU5d048lXLp4RGxoY2VDjnBA6nLn9NjCP9lCX/IFWbbRuK6obUQlNi+SMXyjs+VWfX+urEbr56YnIY3dM/KeTtB4crswaAVL/vcmd5cE7tgE4EGPQv1pAcGTj6qMV+U/j+1D2jzahlqFIOww3mbiZ78OmagnIdmrFE1dC+puqDQgcyF59Ix2yZB+KVEKVpe47nOcre8Hhnvtq4rw9iocfI3sCyNZh5rTPhcRAYy9iU6ZCB6AswNkuVaUw==",
"exponent": "AAEAAQ==",
"length": 2048
}
},
"hassh_fingerprint": "3ccd1778a76049721c71ad7d2bf62bbc"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:e0774d25eea42114d591d6f4243e210273622cc9a15870552af5bf46b3d99c65"
],
"banner_hex": "3232302d776562676f204d41494c534552564552202d20636865636b696e67206d61696c2e2e2e0d0a32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "SMTP-STARTTLS",
"observed_at": "2023-01-31T05:42:25.612070695Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 25,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220-webgo MAILSERVER - checking mail...\r\n220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.94.138.44",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: http://server2.webgo24.de\r\n",
"banner_hashes": [
"sha256:5f54c8b121e00b89ae22abfa2dec560e4fbad4f9f4fd3492d527596956a0de18"
],
"banner_hex": "485454502f312e3120333031204d6f766564205065726d616e656e746c790d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a203136320d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4c6f636174696f6e3a20687474703a2f2f736572766572322e776562676f32342e64650d0a",
"extended_service_name": "HTTP",
"http": {
"request": {
"method": "GET",
"uri": "http://185.30.32.2/",
"headers": {
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
],
"_encoding": {
"User_Agent": "DISPLAY_UTF8",
"Accept": "DISPLAY_UTF8"
},
"Accept": [
"*/*"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 301,
"status_reason": "Moved Permanently",
"headers": {
"Server": [
"nginx"
],
"_encoding": {
"Server": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Location": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8"
},
"Connection": [
"keep-alive"
],
"Content_Length": [
"162"
],
"Location": [
"http://server2.webgo24.de"
],
"Content_Type": [
"text/html"
],
"Date": [
"<REDACTED>"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>301 Moved Permanently</title>"
],
"body_size": 162,
"body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body>\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"body_hashes": [
"sha256:9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a",
"sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff"
],
"body_hash": "sha1:3adb1f02d5b6054de0046e367c1d687b6cdf7aff",
"html_title": "301 Moved Permanently"
},
"supports_http2": false
},
"observed_at": "2023-02-01T03:26:39.229841516Z",
"perspective_id": "PERSPECTIVE_TELIA",
"port": 80,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.146.60",
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
],
"banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "POP3S",
"observed_at": "2023-01-31T07:42:51.653905940Z",
"perspective_id": "PERSPECTIVE_ORANGE",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"start_tls": "+OK Begin TLS negotiation now.\r\n"
},
"port": 110,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.145.57",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\u001a\ufffd\ufffd\ufffd\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0004\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0003\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0006\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0004\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0003\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0001\ufffd\ufffd\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0011\u0000\u0000\u0000o\u0000\u0000\u0000\u0001\u0000\u0005\ufffdZ\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0006",
"banner_grab": {
"_encoding": {
"banner": "DISPLAY_BASE64"
},
"banner": "Gqn/4QAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAQABhqAAAAAEAAAABgAAAG8AAAABAAGGoAAAAAMAAAAGAAAAbwAAAAEAAYagAAAAAgAAAAYAAABvAAAAAQABhqAAAAAEAAAAEQAAAG8AAAABAAGGoAAAAAMAAAARAAAAbwAAAAEAAYagAAAAAgAAABEAAABvAAAAAQAF91oAAAACAAAABg==",
"transport": "UDP"
},
"banner_hashes": [
"sha256:e49020af45840c9749ce4fbe83e7e7e6cf7b9c4599a749518bbaed79fde4608a"
],
"banner_hex": "1aa9ffe1000000010000000000000000000000000000000000000001000186a000000004000000060000006f00000001000186a000000003000000060000006f00000001000186a000000002000000060000006f00000001000186a000000004000000110000006f00000001000186a000000003000000110000006f00000001000186a000000002000000110000006f000000010005f75a0000000200000006",
"extended_service_name": "PORTMAP",
"observed_at": "2023-01-31T20:35:30.978671248Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 111,
"service_name": "PORTMAP",
"source_ip": "162.142.125.219",
"transport_protocol": "UDP",
"truncated": false
},
{
"_decoded": "ntp",
"extended_service_name": "NTP",
"ntp": {
"get_time_header": {
"version": 3,
"mode": 4,
"stratum": 3,
"poll": 3,
"precision": -23,
"_encoding": {
"reference_id": "DISPLAY_UTF8"
},
"reference_id": "\ufffd\ufffdm,",
"leap_indicator": 0
}
},
"observed_at": "2023-01-31T08:22:04.517655139Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 123,
"service_name": "NTP",
"source_ip": "162.142.125.7",
"transport_protocol": "UDP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:30da5d31a6902099f19ddc50a2f3de9fceaa1081ac7b6fed7c48384108795c93"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b205354415254544c5320415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"start_tls": "a001 OK Begin TLS negotiation now.\r\n"
},
"observed_at": "2023-01-31T18:02:53.873621152Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 143,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.94.138.45",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: <REDACTED>\r\nContent-Type: text/html; charset=ISO-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=7126279666d8aecc2463b0019116ecb8; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n",
"banner_hashes": [
"sha256:893ec66a51315a1b92d999aca1e2cdcae0a4f547e2eec5a80c4963df4d6bb394"
],
"banner_hex": "485454502f312e3120323030204f4b0d0a5365727665723a206e67696e780d0a446174653a20203c52454441435445443e0d0a436f6e74656e742d547970653a20746578742f68746d6c3b20636861727365743d49534f2d383835392d310d0a5472616e736665722d456e636f64696e673a206368756e6b65640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a566172793a204163636570742d456e636f64696e670d0a5365742d436f6f6b69653a205048505345535349443d37313236323739363636643861656363323436336230303139313136656362383b20706174683d2f0d0a457870697265733a205468752c203139204e6f7620313938312030383a35323a303020474d540d0a43616368652d436f6e74726f6c3a206e6f2d73746f72652c206e6f2d63616368652c206d7573742d726576616c69646174650d0a507261676d613a206e6f2d63616368650d0a436f6e74656e742d456e636f64696e673a20677a69700d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://185.30.32.2/admin/index.php",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 200,
"status_reason": "OK",
"headers": {
"Server": [
"nginx"
],
"_encoding": {
"Server": "DISPLAY_UTF8",
"Date": "DISPLAY_UTF8",
"Cache_Control": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Vary": "DISPLAY_UTF8",
"Connection": "DISPLAY_UTF8",
"Set_Cookie": "DISPLAY_UTF8",
"Pragma": "DISPLAY_UTF8",
"Expires": "DISPLAY_UTF8"
},
"Date": [
"<REDACTED>"
],
"Cache_Control": [
"no-store, no-cache, must-revalidate"
],
"Content_Type": [
"text/html; charset=ISO-8859-1"
],
"Vary": [
"Accept-Encoding"
],
"Connection": [
"keep-alive"
],
"Set_Cookie": [
"PHPSESSID=7126279666d8aecc2463b0019116ecb8; path=/"
],
"Pragma": [
"no-cache"
],
"Expires": [
"Thu, 19 Nov 1981 08:52:00 GMT"
]
},
"_encoding": {
"html_tags": "DISPLAY_UTF8",
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8",
"html_title": "DISPLAY_UTF8"
},
"html_tags": [
"<title>webgo Webspace-Admin</title>",
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">",
"<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">",
"<META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">"
],
"body_size": 4553,
"body": "\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n<html>\n<head>\n <meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\n <META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n <META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">\n <script type=\"text/javascript\" src=\"../javascripts/scripte.js\"></script>\n <script src=\"https://code.jquery.com/jquery-3.2.1.slim.min.js\" integrity=\"sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN\" crossorigin=\"anonymous\"></script>\n<script src=\"https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js\" integrity=\"sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh\" crossorigin=\"anonymous\"></script>\n<script src=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js\" integrity=\"sha384-alpBpkh1PFOepccYVYDB4do5UnbKysX5WZXm3XxPqe5iKTfUKjNkCk9SaVuEZflJ\" crossorigin=\"anonymous\"></script>\n <script type=\"text/javascript\" src=\"../javascripts/boot.js\"></script>\n <title>webgo Webspace-Admin</title>\n<link rel=\"shortcut icon\" href=\"https://www.webgo.de/assets/images/favicon.ico\"> \n <link href=\"../css/style.css\" rel=\"stylesheet\" type=\"text/css\">\n <link rel=\"stylesheet\" href=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css\" integrity=\"sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb\" crossorigin=\"anonymous\">\n</head>\n<noscript>\n <br>\n <center>\n <span class ='rot12b'>JavaScript is disabled on your browser.\n Please enable JavaScript to use correctly mesosadmin frontend</span>\n </center>\n</noscript>\n<script type=\"text/javascript\">\nif (navigator.cookieEnabled == false) {\n document.write(\"<br><center><span class ='rot12b'>your browser refuses to sing in. (cookies rejected) <\\/span><\\/center>\")\n}\n</script>\n<body OnLoad=\"setzeCurser()\" background=\"../images/background_content.jpg\" text=\"black\" link=\"black\" vlink=\"black\" alink=\"black\" leftmargin=\"0\" topmargin=\"0\" text=\"black\" link=\"black\">\n\n\n\n\n<br>\n<form method=\"POST\" name='myform' action=\"../admin/index.php\">\n<table width=\"500\" align='center' cellspacing=\"0\" cellpadding=\"0\" align='center'>\n\n<tr>\n<td colspan=\"3\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" height=\"1\" width=\"1\"></td>\n</tr>\n\n\n<tr>\n<td width=\"1\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" width=\"1\" height=\"1\"></td>\n\n<td> \n<table width=\"500\" border=0 background=\"../images/background_blau.gif\" border=0 valign=\"top\" cellspacing=\"0\" cellpadding=\"0\" align='center' >\n\n<tr bgcolor='white'>\n\n<td height=\"71\" align=\"center\" colspan=\"3\" height=33 background=\"../images/background_Leiste.gif\">\n\n</td></tr>\n\n<tr><td background=\"../images/background_blau.gif\" height=\"10\" colspan=\"3\" valign=\"center\" align=\"center\">\n\t\n\t \n\t <font size=2 color ='white'><b>Please login</b></font></td></tr>\n\n\t \n\t \n <tr>\n\t \n\t <td height=\"22\" align='right' ><br>\n\n\t <font size=2 color ='black'><b>Benutzer </b></font></td>\n\t \n <td valign=\"top\" height=\"22\" width=\"20%\" ><br>\n\t \n\t <input type=\"text\" size=\"20\" name=\"user_name\" value=\"\" class='myinput'></td>\n\t \n\t <td width=\"40%\" > </td>\t \n\t </tr>\n\n <tr>\n\t <td height=\"22\" align ='right'>\n\t \n\t <font size=2 color ='black' align='left'><b>Passwort </b></font>\n </td>\n \n\t <td valign=\"center\" height=\"22\" width=\"0%\">\n\t \n\t <input type=\"password\" size=\"20\" name=\"user_pwd\" class='myinput'></td>\n\t <td width=\"40%\"> </td>\n\t </tr>\n\n\t \n \n\t <tr><td valign=\"top\" height=\"22\" width=\"40%\"><b> </b></td>\n \n\t <td valign=\"top\" width=\"64\" align=\"center\">\n\t <input type=\"submit\" name='login' value='login' class='my_submit'>\n </td>\n\n\t <td valign=\"top\" height=\"22\" width=\"20%\"> </td>\n\t\t </tr>\n\n\n<tr><td td colspan=4 align='center'> </td></tr>\n\n<tr><td td colspan=4 align='center'>\n\n<font color='white' size=2 style='font-family:sans-serif; color:white;'>\n\n\n</font></td></tr>\n\n\n<tr><td td colspan=4 align='center'> </td></tr>\n\n<tr><td td colspan=4 align='center'>\n\n\n<font color='white' size=2 style='font-family:sans-serif;color:white;text-decoration: underline;'>\n\n\n\n<tr><td td colspan=4 align='center'>\n\n<p><a href=\"https://webgo.de\" target=\"_blank\">webgo.de</a></p>\n\n</td></tr>\n\n\n</table>\n</td>\n\n<td width=\"1\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" width=\"1\" height=\"1\"></td>\n\n</tr>\n\n<tr>\n<td colspan=\"3\" bgcolor=\"#000000\"><img src=\"../images/blind.gif\" height=\"1\" width=\"1\"></td>\n</tr>\n\n\n</table>\n<input type=\"hidden\" name=\"_ma_form_token\" value=\"ba80e852af27588388e5106517ea2a75\">\n</form>\n\n\n\n</body>\n</html>\n",
"body_hashes": [
"sha256:0b4b5d8d1d0c86535bd202b84dba7010849618f3ff5c3f45478de4c10926a978",
"sha1:6cbbcbd25e7a7e1fc61e2cb57bed66522efe39e4"
],
"body_hash": "sha1:6cbbcbd25e7a7e1fc61e2cb57bed66522efe39e4",
"html_title": "webgo Webspace-Admin"
},
"supports_http2": true
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "29d29d38d29d29d00042d42d0000005fd00fabd213a5ac89229012f70afd5c",
"cipher_and_version_fingerprint": "29d29d38d29d29d00042d42d000000",
"tls_extensions_sha256": "5fd00fabd213a5ac89229012f70afd5c",
"observed_at": "2023-01-22T12:49:59.228977595Z"
},
"observed_at": "2023-02-01T01:49:35.558981057Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 443,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "PHP",
"product": "PHP",
"other": {
"family": "PHP"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:nginx:nginx:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "nginx",
"product": "nginx",
"other": {
"family": "nginx"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "162.142.125.222",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
],
"banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "SMTPS",
"observed_at": "2023-02-01T03:07:15.794209372Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 465,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.45",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "smtp",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"banner_hashes": [
"sha256:7c04ea0d77354c4686bb3b67e3e6be0b2b12c4f5b0474fad34e25a7f17a973b4"
],
"banner_hex": "32323020736572766572322e776562676f32342e64652045534d545020506f7374666978202844656269616e2f474e55290d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "SMTP-STARTTLS",
"observed_at": "2023-01-31T14:52:31.940602281Z",
"perspective_id": "PERSPECTIVE_ORANGE",
"port": 587,
"service_name": "SMTP",
"smtp": {
"_encoding": {
"banner": "DISPLAY_UTF8",
"ehlo": "DISPLAY_UTF8",
"start_tls": "DISPLAY_UTF8"
},
"banner": "220 server2.webgo24.de ESMTP Postfix (Debian/GNU)\r\n",
"ehlo": "250-server2.webgo24.de\r\n250-PIPELINING\r\n250-SIZE 1073741824\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 CHUNKING\r\n",
"start_tls": "220 2.0.0 Ready to start TLS\r\n"
},
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:postfix:postfix:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Postfix",
"product": "Postfix",
"other": {
"family": "Postfix"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.145.58",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "imap",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:c6da3659113355d5304fa51a7cf8a22204b433dac37072359c696b6c8b3b9f30"
],
"banner_hex": "2a204f4b205b4341504142494c49545920494d41503472657631205341534c2d4952204c4f47494e2d524546455252414c5320494420454e41424c452049444c45204c49544552414c2b20415554483d504c41494e5d20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "IMAPS",
"imap": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Debian) ready.\r\n"
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "07d3fd12d21d21d07c42d43d0000008435c4f14f7a2c9375dab1adaee145f3",
"cipher_and_version_fingerprint": "07d3fd12d21d21d07c42d43d000000",
"tls_extensions_sha256": "8435c4f14f7a2c9375dab1adaee145f3",
"observed_at": "2023-01-22T12:50:35.029298784Z"
},
"observed_at": "2023-01-31T20:36:47.486098068Z",
"perspective_id": "PERSPECTIVE_TATA",
"port": 993,
"service_name": "IMAP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "167.94.138.45",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "pop3",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "+OK Dovecot (Debian) ready.\r\n",
"banner_hashes": [
"sha256:d23f942eab9de1c939a3dcab0aefadf6c86ebc2b99ba56b2b364c14c7c2b8dad"
],
"banner_hex": "2b4f4b20446f7665636f74202844656269616e292072656164792e0d0a",
"certificate": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"extended_service_name": "POP3S",
"observed_at": "2023-01-31T18:16:15.313780038Z",
"perspective_id": "PERSPECTIVE_TATA",
"pop3": {
"_encoding": {
"banner": "DISPLAY_UTF8"
},
"banner": "+OK Dovecot (Debian) ready.\r\n"
},
"port": 995,
"service_name": "POP3",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "Dovecot",
"product": "Dovecot",
"other": {
"family": "Dovecot"
},
"source": "OSI_APPLICATION_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.94.138.120",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_CHACHA20_POLY1305_SHA256",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"chain_fps_sha_256": [
"7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b"
],
"leaf_data": {
"names": [
"*.webgo24.de",
"webgo24.de"
],
"subject_dn": "CN=*.webgo24.de",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "5d917c2ba7eac2d877ce519d58d5ed4a29fca2141b81d403fa259f7c2b38e50a",
"fingerprint": "9fcb2219fabc7dee094819462530676865e2196de4f646c4640a2d8e286a1781",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
],
"country": [
"GB"
]
},
"subject": {
"common_name": [
"*.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "wIcElBzcOXzG1eqhC3S2XcBBKEiWNZPs6QBW8C0TTMFyccKu66f09A0dWT88P8p+DbPAq6EZco0HVci5Vha3aK2odDc7pOySpsWuTP5GwmMAs25ItLaWQiii460u57Y8K0hBndoMmID4FbRG5TZDrwozUH3AeFtPnzVGtpGJjR9Xxorl4E+Uzj5SfK2gJ4yjhEQkIyBHSKVcw4Hza7DH2kVmSWHAuCFACwtd/U2qh1YR1gdc5BD65vtxQ37XLHzGsahcnHpJaJ9vqvaBfTUEHcw2TyLCVMtjxUgAd58GDX5QwJ8X9+uuyFkIkhWYM5O0x3QYQc2NcuyZW7dv0MyeLdYdrYCsxJU10xejb/OogRpTD1Ss2imvoMZGk18/1dRJpkGBUewQpif1Z1EjjKUjHMaP15XddtRUrLDfk47DvRtzeBhwmuxZjimOomFCK5tAqsL4c8nOlVnRGNtwIBcEZULkEmvZQChTDnZBeRPB98bBpcIaBTVe32bKbMaZUk99rsTQ8S/modWenbK2MTLF0cGKfrWjQFPpmFZ9i71XHZ8Gt+v27ihVer9XloWOHoNL4Rwl/D0AliWNDZVAfHG+DWhfnlQyJZiZTuT4a8yvHlu2dgSjbtAxPJwr7abzmzkkKp2syWrNEdkcRnnysWfpVNbmC1IavHJ6+MsE3KDRZzk=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "f06d2ad8baeed59135ed30ac50b0c5ffc24b2b874af03ede29677605b347dc16"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676",
"subject_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA",
"issuer_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
},
{
"fingerprint": "68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b",
"subject_dn": "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority",
"issuer_dn": "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "475c9302dc42b2751db9edcac3b74891"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "mysql",
"extended_service_name": "MYSQL",
"mysql": {
"error_code": 1130,
"error_id": "ER_HOST_NOT_PRIVILEGED",
"error_message": "Host 'scanner-08.ch1.censys-scanner.com' is not allowed to connect to this MariaDB server",
"protocol_version": 0,
"connection_id": 0,
"character_set": 0
},
"observed_at": "2023-02-01T09:27:18.877311180Z",
"perspective_id": "PERSPECTIVE_NTT",
"port": 3306,
"service_name": "MYSQL",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
},
{
"uniform_resource_identifier": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"part": "a",
"vendor": "MariaDB",
"product": "MariaDB",
"other": {
"family": "MySQL"
},
"source": "OSI_APPLICATION_LAYER"
}
],
"source_ip": "167.248.133.45",
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "banner_grab",
"_encoding": {
"banner": "DISPLAY_UTF8",
"banner_hex": "DISPLAY_HEX"
},
"banner": "\"IMPLEMENTATION\" \"Dovecot (Debian) Pigeonhole\"\r\n\"SIEVE\" \"fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational re",
"banner_grab": {
"_encoding": {
"banner": "DISPLAY_BASE64"
},
"banner": "IklNUExFTUVOVEFUSU9OIiAiRG92ZWNvdCAoRGViaWFuKSBQaWdlb25ob2xlIg0KIlNJRVZFIiAiZmlsZWludG8gcmVqZWN0IGVudmVsb3BlIGVuY29kZWQtY2hhcmFjdGVyIHZhY2F0aW9uIHN1YmFkZHJlc3MgY29tcGFyYXRvci1pO2FzY2lpLW51bWVyaWMgcmVsYXRpb25hbCByZQ==",
"transport": "TCP"
},
"banner_hashes": [
"sha256:b5a094162546bd162624951f97e9e30238fd1dfe0e8ffca53da185832dc03096"
],
"banner_hex": "22494d504c454d454e544154494f4e222022446f7665636f74202844656269616e2920506967656f6e686f6c65220d0a22534945564522202266696c65696e746f2072656a65637420656e76656c6f706520656e636f6465642d636861726163746572207661636174696f6e207375626164647265737320636f6d70617261746f722d693b61736369692d6e756d657269632072656c6174696f6e616c207265",
"extended_service_name": "PIGEONHOLE",
"observed_at": "2023-01-31T20:36:46.818452388Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 4190,
"service_name": "PIGEONHOLE",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "162.142.125.219",
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
},
{
"_decoded": "http",
"_encoding": {
"banner": "DISPLAY_UTF8",
"certificate": "DISPLAY_HEX",
"banner_hex": "DISPLAY_HEX"
},
"banner": "HTTP/1.1 401 Unauthorized\r\nServer: Icinga/r2.13.6-1\r\nWWW-Authenticate: Basic realm=\"Icinga 2\"\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 58\r\n",
"banner_hashes": [
"sha256:fd7602ac4314340645e2a4b56c9de3bac1e1d4c9f25fa5ce015d7c5b069b6dfe"
],
"banner_hex": "485454502f312e312034303120556e617574686f72697a65640d0a5365727665723a204963696e67612f72322e31332e362d310d0a5757572d41757468656e7469636174653a204261736963207265616c6d3d224963696e67612032220d0a436f6e6e656374696f6e3a20636c6f73650d0a436f6e74656e742d547970653a20746578742f68746d6c0d0a436f6e74656e742d4c656e6774683a2035380d0a",
"certificate": "529f23c2dca8d7b2c130ba92902cd8773ab0b74593a60ad1481a025b5b1d9eef",
"extended_service_name": "HTTPS",
"http": {
"request": {
"method": "GET",
"uri": "https://185.30.32.2:5665/",
"headers": {
"Accept": [
"*/*"
],
"_encoding": {
"Accept": "DISPLAY_UTF8",
"User_Agent": "DISPLAY_UTF8"
},
"User_Agent": [
"Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
]
}
},
"response": {
"protocol": "HTTP/1.1",
"status_code": 401,
"status_reason": "Unauthorized",
"headers": {
"Connection": [
"close"
],
"_encoding": {
"Connection": "DISPLAY_UTF8",
"Server": "DISPLAY_UTF8",
"Content_Length": "DISPLAY_UTF8",
"Content_Type": "DISPLAY_UTF8",
"Www_Authenticate": "DISPLAY_UTF8"
},
"Server": [
"Icinga/r2.13.6-1"
],
"Content_Length": [
"58"
],
"Content_Type": [
"text/html"
],
"Www_Authenticate": [
"Basic realm=\"Icinga 2\""
]
},
"body_size": 58,
"_encoding": {
"body": "DISPLAY_UTF8",
"body_hash": "DISPLAY_UTF8"
},
"body": "<h1>Unauthorized. Please check your user credentials.</h1>",
"body_hashes": [
"sha256:96e9cf9119d9b1a4488e42969dd86cca39f90986c100149e0e10e367262e7781",
"sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
],
"body_hash": "sha1:0781b2ef0edae3f86ab5f8ef7aaa4e8dae54208a"
},
"supports_http2": false
},
"jarm": {
"_encoding": {
"fingerprint": "DISPLAY_HEX",
"cipher_and_version_fingerprint": "DISPLAY_HEX",
"tls_extensions_sha256": "DISPLAY_HEX"
},
"fingerprint": "2ad2ad0002ad2ad00042d42d000000ad9bf51cc3f5a1e29eecb81d0c7b06eb",
"cipher_and_version_fingerprint": "2ad2ad0002ad2ad00042d42d000000",
"tls_extensions_sha256": "ad9bf51cc3f5a1e29eecb81d0c7b06eb",
"observed_at": "2023-01-31T15:52:03.824130597Z"
},
"observed_at": "2023-01-31T20:36:48.600305178Z",
"perspective_id": "PERSPECTIVE_HE",
"port": 5665,
"service_name": "HTTP",
"software": [
{
"uniform_resource_identifier": "cpe:2.3:o:*:linux:*:*:*:*:*:*:*:*",
"part": "o",
"product": "linux",
"source": "OSI_TRANSPORT_LAYER"
}
],
"source_ip": "162.142.125.220",
"tls": {
"version_selected": "TLSv1_3",
"cipher_selected": "TLS_AES_256_GCM_SHA384",
"certificates": {
"_encoding": {
"leaf_fp_sha_256": "DISPLAY_HEX",
"chain_fps_sha_256": "DISPLAY_HEX"
},
"leaf_fp_sha_256": "529f23c2dca8d7b2c130ba92902cd8773ab0b74593a60ad1481a025b5b1d9eef",
"chain_fps_sha_256": [
"e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d"
],
"leaf_data": {
"names": [
"server2.webgo24.de"
],
"subject_dn": "CN=server2.webgo24.de",
"issuer_dn": "CN=Icinga CA",
"pubkey_bit_size": 4096,
"pubkey_algorithm": "RSA",
"tbs_fingerprint": "a13767f85b62bb23be1a258346f4db8e400e9ca591321e7a34d5e399f028ae61",
"fingerprint": "529f23c2dca8d7b2c130ba92902cd8773ab0b74593a60ad1481a025b5b1d9eef",
"issuer": {
"common_name": [
"Icinga CA"
]
},
"subject": {
"common_name": [
"server2.webgo24.de"
]
},
"public_key": {
"key_algorithm": "RSA",
"rsa": {
"_encoding": {
"modulus": "DISPLAY_BASE64",
"exponent": "DISPLAY_BASE64"
},
"modulus": "nSbLAey/yUPPgG0mGEtPX5pvYrW8bhp+AvptpWxh+aRbBGb9rm+B1ZI4uDYNUVZLf+6iC6tWtAwOLzOUd0wpoAuX0hiobvlvUB6vHK+p6JpIveh0yexQAyUDAuRbc9zuE1DBtMkIS98Dx7mdJmZKEGxafGJNvk7phDGozog+pxbs1PabQSEmdnO27bmta+XQ+wau4uU4D2zI4QY3tTSANiwOtk+ucdgaGZfL2jP/Y4bJAjb4wgCZd0cPLYGYDZFeC66RsNOBLqrdZAorHm//xujW86VlSwSd5yydrr3gFZ0ehiDGGbrsQAkuZIAWCKRZhk41g8wik7HG0F/j/kY+0J6zyi9f11bKJdNyPUIdy2PN/s50XkR7dBn5qLZ3ydHrHV//T2NZpUC6KXghJSTmdF6oNWJRgGujiNjpQu2LoyDhPNejXlTcuOrl3Si1bCqabDC7MNdIKr/wvxHB9pFsvG8RF4bKC7Ecdj9aSW22lU4a1xSI5OArdwtjqECgLD26OAETtB4rUt1cSBjeC8OPfn281PxiHjRNbYRXV+s+dJ39kmcD36+mWojVqpIWWluWwzt+9Cbf0uvblOm+eX4SA376z1Yvwf/2Aa6WJL93Yr6T1LlMsy6W4tMJKX2quD+kLUxJVZiYEDlG618sl09y5OMPx0dXpkvu8fKpDituKj0=",
"exponent": "AAEAAQ==",
"length": 512
},
"fingerprint": "c0a87c29c6c364665672937fcc8f8af5a5b9a65e135752d55c8a6ae8ba344c71"
},
"signature": {
"signature_algorithm": "SHA256-RSA",
"self_signed": false
}
},
"chain": [
{
"fingerprint": "e7892aa47949cb3b328caab424c8fd58869b1bb8f2b12b0ea5052b3c901e809d",
"subject_dn": "CN=Icinga CA",
"issuer_dn": "CN=Icinga CA"
}
]
},
"_encoding": {
"ja3s": "DISPLAY_HEX"
},
"ja3s": "15af977ce25de452b96affa2addb1036"
},
"transport_fingerprint": {
"id": 262,
"os": "CentOS",
"raw": "65160,64,true,MSTNW,1460,false,false"
},
"transport_protocol": "TCP",
"truncated": false
}
],
"location": {
"continent": "Europe",
"country": "Germany",
"country_code": "DE",
"postal_code": "",
"timezone": "Europe/Berlin",
"coordinates": {
"latitude": 51.2993,
"longitude": 9.491
},
"registered_country": "Germany",
"registered_country_code": "DE"
},
"location_updated_at": "2023-01-23T14:34:51.858012Z",
"autonomous_system": {
"asn": 48324,
"description": "DE-WEBGO www.webgo.de",
"bgp_prefix": "185.30.32.0/22",
"name": "DE-WEBGO www.webgo.de",
"country_code": "DE"
},
"autonomous_system_updated_at": "2023-01-23T08:39:11.161615Z",
"operating_system": {
"uniform_resource_identifier": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"part": "o",
"vendor": "Debian",
"product": "Linux",
"other": {
"family": "Linux"
}
},
"dns": {
"names": [
"www.tanjabauer-uebersetzt.de",
"www.euro-top-one.de",
"macstreff.de",
"malerbetriebmueller.de",
"rwbaugeschaeft.de",
"www.frauenhofpalais.de",
"jb-it.support",
"server2.webgo24.de",
"bvbs-homann.de",
"pop.swue-netz.de",
"john-bader.de",
"mail1.tanjabauer-uebersetzt.de",
"www.dr-bierl.de",
"pop.bader.systems",
"www.pflegequalitaet-schulz.de",
"smtp.macstreff.de",
"www.lutz-arnold.eu",
"pop.delphin-potential.de",
"smtp.bader.systems",
"elli-john.de",
"pop.synoptikfibel.de",
"mail1.swueb.de",
"christineputz.de",
"smtp.bader.support",
"www.adelheidhenke.de",
"mail2.swueb.de",
"www.bbs-rutke.de",
"www.swueb.de",
"www.elli-john.de",
"tanjabauer-uebersetzt.de",
"pop.hug-sz.de",
"nsgos.fh28.de",
"md-maler.de",
"www.wille-schenk.de",
"mail1.divh.de",
"swue-netz.de",
"mail1.elli-john.de",
"delphin-potential.de",
"synoptikfibel.de",
"it-support.john-bader.de",
"smtp.elli-bader.de",
"www.matthias-fischbach.de",
"www.buergernahes-bayern.de",
"brauer-tischlerei.de",
"www.idt21.de",
"smtp.delphin-potential.de",
"hug-sz.de",
"smtp.frauenhofpalais.de",
"www.minihold.de",
"www.concaer.de",
"wille-schenk.de",
"mail1.jb-it.support",
"www.schornsteinfeger-ordowski.de",
"www.chorisma-velbert.de",
"euro-top-one.com",
"adelheidhenke.de",
"www.swue-netz.de",
"www.brauer-tischlerei.de",
"mit-kidz.de",
"kosmetikpraxis-erkrath.de",
"www.energieberater-ordowski.de",
"dr-bierl.de",
"www.elli-bader.de",
"livesol.de",
"www.aua-autoservice.de",
"www.synoptikfibel.de",
"minihold.de",
"www.hug-sz.de",
"www.euro-top-one.net",
"mail2.jb-it.support",
"www.mit-kidz.de",
"physio-donau.de",
"pop.elli-bader.de",
"www.euro-top-one.com",
"smtp.synoptikfibel.de",
"concaer.de",
"www.physio-donau.de",
"mail2.john-bader.de",
"www.idt21.com",
"idt21.de",
"pop.frauenhofpalais.de",
"bader.systems",
"pflegequalitaet-schulz.de",
"mail1.john-bader.de",
"www.macstreff.de",
"www.md-maler.de",
"www.energiepreiserhoehung.de",
"energieberater-ordowski.de",
"elli-bader.de",
"www.livesol.de",
"www.malerbetriebmueller.de",
"mail2.divh.de",
"kaiser-schornsteinfeger.de",
"jm-medpro.de",
"ruetten-stb.de",
"pop.bader.support",
"smtp.hug-sz.de",
"swueb.de",
"smtp.minihold.de",
"aua-autoservice.de"
],
"records": {
"www.bbs-rutke.de": {
"record_type": "A",
"resolved_at": "2023-01-17T00:13:30.122460446Z"
},
"www.md-maler.de": {
"record_type": "A",
"resolved_at": "2023-01-24T14:10:21.851035439Z"
},
"pop.swue-netz.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:32:18.233713418Z"
},
"jb-it.support": {
"record_type": "A",
"resolved_at": "2023-01-02T16:49:06.475372145Z"
},
"synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2023-01-16T14:50:39.314497465Z"
},
"brauer-tischlerei.de": {
"record_type": "A",
"resolved_at": "2023-01-21T14:31:34.449732683Z"
},
"john-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-16T14:47:01.403275444Z"
},
"www.aua-autoservice.de": {
"record_type": "A",
"resolved_at": "2022-12-20T14:16:28.790574152Z"
},
"www.euro-top-one.com": {
"record_type": "A",
"resolved_at": "2023-01-10T13:13:29.923669802Z"
},
"smtp.delphin-potential.de": {
"record_type": "A",
"resolved_at": "2023-01-06T14:19:24.762647927Z"
},
"macstreff.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:31:37.011765082Z"
},
"www.concaer.de": {
"record_type": "A",
"resolved_at": "2023-01-30T14:19:33.783829257Z"
},
"smtp.macstreff.de": {
"record_type": "A",
"resolved_at": "2023-01-21T14:34:38.805522045Z"
},
"minihold.de": {
"record_type": "A",
"resolved_at": "2023-01-28T14:24:35.294810290Z"
},
"swue-netz.de": {
"record_type": "A",
"resolved_at": "2023-01-28T14:25:29.672161754Z"
},
"server2.webgo24.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:39:51.578378817Z"
},
"euro-top-one.com": {
"record_type": "A",
"resolved_at": "2023-02-01T13:14:51.129063587Z"
},
"pop.bader.support": {
"record_type": "A",
"resolved_at": "2023-01-21T17:54:59.149299684Z"
},
"www.buergernahes-bayern.de": {
"record_type": "A",
"resolved_at": "2023-01-19T19:22:08.706277076Z"
},
"www.adelheidhenke.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:36:33.894514193Z"
},
"www.swue-netz.de": {
"record_type": "A",
"resolved_at": "2023-01-25T14:37:33.499444182Z"
},
"kosmetikpraxis-erkrath.de": {
"record_type": "A",
"resolved_at": "2023-01-26T14:43:55.518984963Z"
},
"www.idt21.de": {
"record_type": "A",
"resolved_at": "2023-01-28T21:58:42.571478019Z"
},
"physio-donau.de": {
"record_type": "A",
"resolved_at": "2023-01-26T14:45:06.334131148Z"
},
"mail1.divh.de": {
"record_type": "A",
"resolved_at": "2023-01-04T14:18:36.610280690Z"
},
"www.wille-schenk.de": {
"record_type": "A",
"resolved_at": "2023-01-21T16:44:09.944355525Z"
},
"smtp.bader.support": {
"record_type": "A",
"resolved_at": "2023-01-21T17:54:59.754185109Z"
},
"elli-john.de": {
"record_type": "A",
"resolved_at": "2023-01-22T14:20:24.060886004Z"
},
"smtp.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:30:26.484430522Z"
},
"www.chorisma-velbert.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:36:48.381819586Z"
},
"mail2.swueb.de": {
"record_type": "A",
"resolved_at": "2023-01-30T14:22:18.983254875Z"
},
"ruetten-stb.de": {
"record_type": "A",
"resolved_at": "2023-01-02T14:14:52.570437433Z"
},
"mail2.jb-it.support": {
"record_type": "A",
"resolved_at": "2023-01-08T16:37:27.432063047Z"
},
"rwbaugeschaeft.de": {
"record_type": "A",
"resolved_at": "2023-01-21T14:35:48.365196737Z"
},
"jm-medpro.de": {
"record_type": "A",
"resolved_at": "2023-01-08T14:14:52.347495737Z"
},
"mail2.divh.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:37:18.767449576Z"
},
"concaer.de": {
"record_type": "A",
"resolved_at": "2023-01-26T14:42:05.741622830Z"
},
"pflegequalitaet-schulz.de": {
"record_type": "A",
"resolved_at": "2023-01-25T14:37:12.243329973Z"
},
"adelheidhenke.de": {
"record_type": "A",
"resolved_at": "2023-01-19T14:01:03.530775523Z"
},
"www.livesol.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:31:40.719757662Z"
},
"mail1.jb-it.support": {
"record_type": "A",
"resolved_at": "2023-01-05T17:11:46.127342797Z"
},
"smtp.hug-sz.de": {
"record_type": "A",
"resolved_at": "2022-12-31T14:44:49.505716862Z"
},
"www.energiepreiserhoehung.de": {
"record_type": "A",
"resolved_at": "2023-01-01T14:12:45.596088318Z"
},
"delphin-potential.de": {
"record_type": "A",
"resolved_at": "2023-01-31T14:38:59.389503451Z"
},
"www.swueb.de": {
"record_type": "A",
"resolved_at": "2023-01-19T14:04:09.470740475Z"
},
"it-support.john-bader.de": {
"record_type": "A",
"resolved_at": "2022-12-31T21:29:26.193324554Z"
},
"www.idt21.com": {
"record_type": "A",
"resolved_at": "2023-01-28T13:30:33.405530249Z"
},
"mail1.swueb.de": {
"record_type": "A",
"resolved_at": "2023-01-01T14:15:26.756522028Z"
},
"www.tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:43:42.159445815Z"
},
"www.physio-donau.de": {
"record_type": "A",
"resolved_at": "2023-01-11T14:31:05.062489534Z"
},
"bvbs-homann.de": {
"record_type": "A",
"resolved_at": "2023-01-27T14:29:27.582835144Z"
},
"wille-schenk.de": {
"record_type": "A",
"resolved_at": "2023-01-24T14:19:33.255239071Z"
},
"pop.hug-sz.de": {
"record_type": "A",
"resolved_at": "2023-01-30T14:20:16.765233078Z"
},
"elli-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-16T14:46:18.070026342Z"
},
"aua-autoservice.de": {
"record_type": "A",
"resolved_at": "2023-01-22T14:19:56.166746775Z"
},
"swueb.de": {
"record_type": "A",
"resolved_at": "2023-01-24T14:11:42.639153499Z"
},
"www.elli-john.de": {
"record_type": "A",
"resolved_at": "2022-12-20T14:17:22.322145865Z"
},
"nsgos.fh28.de": {
"record_type": "A",
"resolved_at": "2023-01-21T00:36:32.150397747Z"
},
"idt21.de": {
"record_type": "A",
"resolved_at": "2023-01-19T14:02:06.459686932Z"
},
"pop.delphin-potential.de": {
"record_type": "A",
"resolved_at": "2023-01-14T14:22:50.201474831Z"
},
"www.lutz-arnold.eu": {
"record_type": "A",
"resolved_at": "2023-01-28T14:44:21.758418643Z"
},
"md-maler.de": {
"record_type": "A",
"resolved_at": "2023-01-22T14:21:59.153108314Z"
},
"pop.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2023-01-03T14:08:14.183284739Z"
},
"www.euro-top-one.de": {
"record_type": "A",
"resolved_at": "2023-01-26T14:44:14.463248532Z"
},
"hug-sz.de": {
"record_type": "A",
"resolved_at": "2023-01-28T14:23:20.506044845Z"
},
"christineputz.de": {
"record_type": "A",
"resolved_at": "2023-01-16T14:45:52.313436674Z"
},
"www.dr-bierl.de": {
"record_type": "A",
"resolved_at": "2023-01-19T14:01:48.918784887Z"
},
"mail1.john-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:37:38.987090200Z"
},
"www.minihold.de": {
"record_type": "A",
"resolved_at": "2023-01-05T14:31:29.926701351Z"
},
"www.matthias-fischbach.de": {
"record_type": "A",
"resolved_at": "2023-01-18T14:26:32.014418961Z"
},
"livesol.de": {
"record_type": "A",
"resolved_at": "2023-01-28T14:24:36.323885743Z"
},
"pop.elli-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-16T14:46:18.418827285Z"
},
"www.hug-sz.de": {
"record_type": "A",
"resolved_at": "2023-01-08T14:14:43.825831890Z"
},
"www.pflegequalitaet-schulz.de": {
"record_type": "A",
"resolved_at": "2023-01-28T14:24:57.163274954Z"
},
"www.schornsteinfeger-ordowski.de": {
"record_type": "A",
"resolved_at": "2023-01-20T15:30:45.957320275Z"
},
"mail1.tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2023-01-09T14:29:38.453098620Z"
},
"malerbetriebmueller.de": {
"record_type": "A",
"resolved_at": "2023-01-24T14:10:19.646039620Z"
},
"www.macstreff.de": {
"record_type": "A",
"resolved_at": "2023-01-25T14:36:14.555232633Z"
},
"www.euro-top-one.net": {
"record_type": "A",
"resolved_at": "2023-01-29T16:33:52.810761496Z"
},
"www.mit-kidz.de": {
"record_type": "A",
"resolved_at": "2023-01-12T14:07:27.190794132Z"
},
"www.brauer-tischlerei.de": {
"record_type": "A",
"resolved_at": "2023-01-26T14:42:09.940108768Z"
},
"smtp.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2023-01-24T14:13:13.734535467Z"
},
"smtp.bader.systems": {
"record_type": "A",
"resolved_at": "2023-01-16T17:47:54.682330794Z"
},
"kaiser-schornsteinfeger.de": {
"record_type": "A",
"resolved_at": "2023-01-08T06:23:54.231468537Z"
},
"tanjabauer-uebersetzt.de": {
"record_type": "A",
"resolved_at": "2023-01-06T14:24:41.045079299Z"
},
"bader.systems": {
"record_type": "A",
"resolved_at": "2023-01-20T18:10:20.820756927Z"
},
"www.frauenhofpalais.de": {
"record_type": "A",
"resolved_at": "2023-01-18T14:25:08.014532029Z"
},
"mit-kidz.de": {
"record_type": "A",
"resolved_at": "2023-01-19T14:03:02.033620434Z"
},
"www.elli-bader.de": {
"record_type": "A",
"resolved_at": "2022-12-29T14:21:59.513563450Z"
},
"pop.bader.systems": {
"record_type": "A",
"resolved_at": "2023-01-27T17:37:40.357677535Z"
},
"mail1.elli-john.de": {
"record_type": "A",
"resolved_at": "2023-01-02T14:12:35.944472966Z"
},
"smtp.minihold.de": {
"record_type": "A",
"resolved_at": "2022-12-11T14:30:27.079754842Z"
},
"www.energieberater-ordowski.de": {
"record_type": "A",
"resolved_at": "2023-01-19T16:41:19.868516213Z"
},
"dr-bierl.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:36:40.970584979Z"
},
"energieberater-ordowski.de": {
"record_type": "A",
"resolved_at": "2023-01-29T14:36:36.352208977Z"
},
"www.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2023-01-21T14:39:51.758749221Z"
},
"pop.synoptikfibel.de": {
"record_type": "A",
"resolved_at": "2023-01-12T14:11:06.830140763Z"
},
"smtp.elli-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-25T14:34:37.914046244Z"
},
"www.malerbetriebmueller.de": {
"record_type": "A",
"resolved_at": "2023-01-06T14:21:17.811924494Z"
},
"mail2.john-bader.de": {
"record_type": "A",
"resolved_at": "2023-01-12T14:07:19.825414369Z"
}
},
"reverse_dns": {
"names": [
"server2.webgo24.de"
],
"resolved_at": "2023-01-31T21:23:16.356619773Z"
}
},
"last_updated_at": "2023-02-01T17:50:47.375Z"
}