2.59.134.219

As of: Dec 08, 2022 7:22am UTC | Latest

Basic Information

Reverse DNS
v46790.php-friends.de
OS
Ubuntu Linux 18.04
Network
DATAFOREST (DE)
Routing
2.59.132.0/22  via  AS58212
Protocols
21/FTP , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 143/IMAP , 443/HTTP , 465/SMTP , 993/IMAP , 995/POP3 , 4190/PIGEONHOLE , 6556/UNKNOWN , 7080/HTTP , 7081/HTTP , 8443/HTTP , 8880/HTTP , 19812/SSH

21/FTP TCP
Observed Dec 07, 2022 at 9:48am UTC


View All Data

Software

ProFTPD Project ProFTPD
linux

Details

Banner
220 ProFTPD Server (ProFTPD) [2.59.134.219]
Auth TLS Response
234 AUTH TLS successful
Status Code
220
Status Meaning
Service ready for new user.

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

25/SMTP TCP
Observed Dec 07, 2022 at 5:03pm UTC


View All Data

Software

Postfix

Details

Banner
220 v46790.php-friends.de ESMTP Postfix
EHLO
250-v46790.php-friends.de
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
Start TLS
220 2.0.0 Ready to start TLS

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

53/DNS UDP
Observed Dec 07, 2022 at 11:00pm UTC


View All Data

Details

Server Type
AUTHORITATIVE
R Code
REFUSED

80/HTTP TCP
Observed Dec 07, 2022 at 7:49am UTC


View All Data Go

Software

nginx

Details

http://2.59.134.219
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:daa369c4bf3b2c10273927d74e7acc42c170954e
HTML Title
Web Server's Default Page
Response Body
You see this page because there is no Web site at this address.

110/POP3 TCP
Observed Dec 07, 2022 at 1:44pm UTC


View All Data

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready. <[email protected]>
Start TLS
+OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

143/IMAP TCP
Observed Dec 08, 2022 at 7:22am UTC


View All Data

Software

linux

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

443/HTTP TCP
Observed Dec 07, 2022 at 4:11pm UTC


View All Data Go

Software

nginx

Details

https://2.59.134.219
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:695b4b4f176ba9d2d313f5fdec9c8a764cc3a82a
HTML Title
Plesk Obsidian 18.0.48
Response Body

465/SMTP TCP
Observed Dec 08, 2022 at 2:47am UTC


View All Data

Software

linux
Postfix

Details

Banner
220 v46790.php-friends.de ESMTP Postfix
EHLO
250-v46790.php-friends.de
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

TLS

Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

993/IMAP TCP
Observed Dec 06, 2022 at 11:22pm UTC


View All Data

Details

Banner
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

995/POP3 TCP
Observed Dec 06, 2022 at 3:44pm UTC


View All Data

Software

Dovecot

Details

Banner
+OK Dovecot ready. <[email protected]>

TLS

Fingerprint
JA3S
15af977ce25de452b96affa2addb1036
Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

4190/PIGEONHOLE TCP
Observed Dec 07, 2022 at 5:03pm UTC


View All Data

Software

linux

Details

Banner
"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4

6556/UNKNOWN TCP
Observed Dec 08, 2022 at 7:08am UTC


View All Data

Software

linux

Details

Banner
<<<check_mk>>>

7080/HTTP TCP
Observed Dec 07, 2022 at 4:51am UTC


View All Data Go

Software

Apache HTTPD

Details

http://2.59.134.219:7080
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:daa369c4bf3b2c10273927d74e7acc42c170954e
HTML Title
Web Server's Default Page
Response Body
You see this page because there is no Web site at this address.

7081/HTTP TCP
Observed Dec 06, 2022 at 3:23pm UTC


View All Data Go

Software

linux
Apache HTTPD

Details

https://2.59.134.219:7081
Request
GET /
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:daa369c4bf3b2c10273927d74e7acc42c170954e
HTML Title
Web Server's Default Page
Response Body
You see this page because there is no Web site at this address.

TLS

Fingerprint
JARM
29d29d15d29d29d00029d29d29d29d6ec53d77bd8a94aca32ce8d30b67ca95
JA3S
ccc514751b175866924439bdbb5bba34
Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Leaf Certificate
b1ad249aeb8cb2dfac75756a78c5d979750a5a8e7a57b8c124b1b5bdd731efce
CN=v46790.php-friends.de
C=US, O=Let's Encrypt, CN=R3
Issuer Chain

8443/HTTP TCP
Observed Dec 08, 2022 at 2:40am UTC


View All Data Go

Software

Parallels Plesk Panel
Parallels Plesk

Details

https://2.59.134.219:8443
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:d2419c6645d1908e792f8005c5e66e766c0ae96c
HTML Title
Plesk Obsidian 18.0.48
Response Body

8880/HTTP TCP
Observed Dec 07, 2022 at 9:02pm UTC


View All Data Go

Software

Parallels Plesk Panel
Parallels Plesk

Details

http://2.59.134.219:8880
Request
GET /login_up.php
Protocol
HTTP/1.1
Status Code
200
Status Reason
OK
Body Hash
sha1:81d84784fed6c49b5e163a4afb25945b89b3d7a6
HTML Title
Plesk Obsidian 18.0.48
Response Body

19812/SSH TCP
Observed Dec 06, 2022 at 3:22pm UTC


View All Data

Software

Ubuntu Linux 18.04
OpenBSD OpenSSH 7.6

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
5d44a491751920b664ae00d8679ab2607d8a0af8e65ef1744acbe9af5b44786b
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

Geographic Location

Country
Germany (DE)
Coordinates
51.2993, 9.491
Timezone
Europe/Berlin