212.48.71.198

As of: Mar 21, 2023 9:23pm UTC | Latest

Basic Information

Reverse DNS: 799452.vps-10.com
Network: GD-EMEA-DC-LD5 (DE)
Routing: 212.48.70.0/23 via AS20738
Protocols: 21/FTP , 22/SSH , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 111/PORTMAP , 143/IMAP , 443/HTTP , 465/SMTP , 587/SMTP , 993/IMAP , 995/POP3 , 4190/PIGEONHOLE , 7080/HTTP , 7081/HTTP , 8443/HTTP , 8880/HTTP
Labels: Email , File Sharing , Remote Access

21/FTP TCP
Observed Mar 20, 2023 at 4:38pm UTC

View All Data

Labels

File Sharing

Software

ProFTPD Project ProFTPD

Details

Banner

220 ProFTPD Server (ProFTPD) [212.48.71.198]

Auth TLS Response

234 AUTH TLS successful

Status Code

220

Status Meaning

Service ready for new user.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

22/SSH TCP
Observed Mar 20, 2023 at 5:33pm UTC

View All Data

Labels

Remote Access

Software

OpenBSD OpenSSH 5.3

Details

Algorithm: ssh-rsa
Fingerprint: a15391079e7c6435d2ee88dedcf3ba0077a9eb9c1bff027bea018fe95a411390
Key Exchange: diffie-hellman-group14-sha1
Symmetric Cipher: aes128-ctr [] aes128-ctr []
MAC: hmac-sha2-256 [] hmac-sha2-256 []

25/SMTP TCP
Observed Mar 21, 2023 at 4:27pm UTC

View All Data

Labels

Email

Software

Postfix

Details

Banner

220 799452.vps-10.com ESMTP Postfix

EHLO

250-799452.vps-10.com
250-PIPELINING
250-SIZE 15360000
250-ETRN
250-STARTTLS
250-AUTH PLAIN CRAM-MD5 DIGEST-MD5 LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Start TLS

220 2.0.0 Ready to start TLS

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

53/DNS UDP
Observed Mar 19, 2023 at 5:33pm UTC

View All Data

Details

Server Type: AUTHORITATIVE
R Code: REFUSED

80/HTTP TCP
Observed Mar 21, 2023 at 2:18am UTC

View All Data Go

Software

nginx

Details

http://212.48.71.198

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:f7c43a0eb3fb68e309a65446f1ebee738e81b4ba

HTML Title

Welcome to evolve

Response Body









![evolve Logo](logo.png)

110/POP3 TCP
Observed Mar 20, 2023 at 12:12pm UTC

View All Data

Labels

Email

Software

Dovecot

Details

Banner

+OK Dovecot ready. <[email protected]>

Start TLS

+OK Begin TLS negotiation now.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

111/PORTMAP UDP
Observed Mar 20, 2023 at 11:53pm UTC

View All Data

Details

Banner (Hex)

  00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01  00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00  00 00 00 01 00 01 86 a0 
00 00 00 04 00 00 00 06  00 00 00 6f 00 00 00 01 
00 01 86 a0 00 00 00 03  00 00 00 06 00 00 00 6f 
00 00 00 01 00 01 86 a0  00 00 00 02 00 00 00 06 
00 00 00 6f 00 00 00 01  00 01 86 a0 00 00 00 04 
00 00 00 11 00 00 00 6f  00 00 00 01 00 01 86 a0 
00 00 00 03 00 00 00 11  00 00 00 6f 00 00 00 01 
00 01 86 a0 00 00 00 02  00 00 00 11 00 00 00 6f 
00 00 00 00                                      
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

143/IMAP TCP
Observed Mar 20, 2023 at 11:53pm UTC

View All Data

Labels

Email

Details

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

Start TLS

a001 OK Begin TLS negotiation now.

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

443/HTTP TCP
Observed Mar 21, 2023 at 8:30am UTC

View All Data Go

Software

nginx

Details

https://212.48.71.198

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:f7c43a0eb3fb68e309a65446f1ebee738e81b4ba

HTML Title

Welcome to evolve

Response Body









![evolve Logo](logo.png)

TLS

JARM: 29d29d00029d29d21c42d42d000000307ee0eb468e9fdb5cfcd698a80a67ef
JA3S: 15af977ce25de452b96affa2addb1036
Version Selected: TLSv1_3
Cipher Selected: TLS_AES_256_GCM_SHA384

465/SMTP TCP
Observed Mar 21, 2023 at 3:00am UTC

View All Data

Labels

Email

Software

Postfix

Details

Banner

220 799452.vps-10.com ESMTP Postfix

EHLO

250-799452.vps-10.com
250-PIPELINING
250-SIZE 15360000
250-ETRN
250-AUTH PLAIN CRAM-MD5 DIGEST-MD5 LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

587/SMTP TCP
Observed Mar 20, 2023 at 11:53pm UTC

View All Data

Labels

Email

Software

Postfix

Details

Banner

220 799452.vps-10.com ESMTP Postfix

EHLO

250-799452.vps-10.com
250-PIPELINING
250-SIZE 15360000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Start TLS

220 2.0.0 Ready to start TLS

TLS

JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

993/IMAP TCP
Observed Mar 20, 2023 at 6:06pm UTC

View All Data

Labels

Email

Details

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.

TLS

JARM: 29d29d15d29d29d21c29d29d29d29d579b2ec9bfaf00aff9d6fe780b7932ae
JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

995/POP3 TCP
Observed Mar 20, 2023 at 7:51am UTC

View All Data

Labels

Email

Software

Dovecot

Details

Banner

+OK Dovecot ready. <15af.1.64181069.OHf0DWTUaFMZoE8h6/[email protected]>

TLS

JARM: 29d29d15d29d29d21c29d29d29d29d579b2ec9bfaf00aff9d6fe780b7932ae
JA3S: 303951d4c50efb2e991652225a6f02b1
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

4190/PIGEONHOLE TCP
Observed Mar 19, 2023 at 6:50pm UTC

View All Data

Labels

Email

Details

Banner

"IMPLEMENTATION" "Dovecot Pigeonhole"
"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4

7080/HTTP TCP
Observed Mar 20, 2023 at 1:23pm UTC

View All Data Go

Software

Apache HTTPD

Details

http://212.48.71.198:7080

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:f7c43a0eb3fb68e309a65446f1ebee738e81b4ba

HTML Title

Welcome to evolve

Response Body









![evolve Logo](logo.png)

7081/HTTP TCP
Observed Mar 20, 2023 at 11:53pm UTC

View All Data Go

Software

Apache HTTPD

Details

https://212.48.71.198:7081

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:f7c43a0eb3fb68e309a65446f1ebee738e81b4ba

HTML Title

Welcome to evolve

Response Body









![evolve Logo](logo.png)

TLS

JARM: 29d29d15d29d29d21c29d29d29d29dc80334825071f8ff93376ac14c5a331f
JA3S: ccc514751b175866924439bdbb5bba34
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

8443/HTTP TCP
Observed Mar 20, 2023 at 7:17pm UTC

View All Data Go

Software

Parallels Plesk Panel

Parallels Plesk

Details

https://212.48.71.198:8443

Request

GET /login_up.php

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:54d4cec6a95f0e0f1ef21764087092ebe067df92

HTML Title

Plesk Obsidian 18.0.30

Response Body

TLS

JARM: 29d29d00029d29d21c29d29d29d29d2cf081a3b5014b9d10e7b0d1db5c5635
JA3S: ccc514751b175866924439bdbb5bba34
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

8880/HTTP TCP
Observed Mar 21, 2023 at 4:15pm UTC

View All Data Go

Software

Parallels Plesk Panel

Parallels Plesk

Details

http://212.48.71.198:8880

Request

GET /login_up.php

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:c2ba40c47f2b1b321aeee5caf51ab864c642014b

HTML Title

Plesk Obsidian 18.0.30

Response Body

Geographic Location

City: Leeds
Province: England
Country: United Kingdom (GB)
Coordinates: 53.7881, -1.6008
Timezone: Europe/London

212.48.71.198

Basic Information

21/FTP TCP Observed Mar 20, 2023 at 4:38pm UTC

Labels

File Sharing

Software

ProFTPD Project ProFTPD

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

22/SSH TCP Observed Mar 20, 2023 at 5:33pm UTC

Labels

Remote Access

Software

OpenBSD OpenSSH 5.3

Details

Host Key

Negotiated

25/SMTP TCP Observed Mar 21, 2023 at 4:27pm UTC

Labels

Email

Software

Postfix

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

53/DNS UDP Observed Mar 19, 2023 at 5:33pm UTC

Details

80/HTTP TCP Observed Mar 21, 2023 at 2:18am UTC

Software

nginx

Details

http://212.48.71.198

110/POP3 TCP Observed Mar 20, 2023 at 12:12pm UTC

Labels

Email

Software

Dovecot

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

111/PORTMAP UDP Observed Mar 20, 2023 at 11:53pm UTC

Details

Banner (Hex)

143/IMAP TCP Observed Mar 20, 2023 at 11:53pm UTC

Labels

Email

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

443/HTTP TCP Observed Mar 21, 2023 at 8:30am UTC

Software

nginx

Details

https://212.48.71.198

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

465/SMTP TCP Observed Mar 21, 2023 at 3:00am UTC

Labels

Email

Software

Postfix

Details

TLS

Fingerprint

21/FTP TCP
Observed Mar 20, 2023 at 4:38pm UTC

22/SSH TCP
Observed Mar 20, 2023 at 5:33pm UTC

25/SMTP TCP
Observed Mar 21, 2023 at 4:27pm UTC

53/DNS UDP
Observed Mar 19, 2023 at 5:33pm UTC

80/HTTP TCP
Observed Mar 21, 2023 at 2:18am UTC

110/POP3 TCP
Observed Mar 20, 2023 at 12:12pm UTC

111/PORTMAP UDP
Observed Mar 20, 2023 at 11:53pm UTC

143/IMAP TCP
Observed Mar 20, 2023 at 11:53pm UTC

443/HTTP TCP
Observed Mar 21, 2023 at 8:30am UTC

465/SMTP TCP
Observed Mar 21, 2023 at 3:00am UTC

587/SMTP TCP
Observed Mar 20, 2023 at 11:53pm UTC

993/IMAP TCP
Observed Mar 20, 2023 at 6:06pm UTC

995/POP3 TCP
Observed Mar 20, 2023 at 7:51am UTC

4190/PIGEONHOLE TCP
Observed Mar 19, 2023 at 6:50pm UTC

7080/HTTP TCP
Observed Mar 20, 2023 at 1:23pm UTC

7081/HTTP TCP
Observed Mar 20, 2023 at 11:53pm UTC

8443/HTTP TCP
Observed Mar 20, 2023 at 7:17pm UTC

8880/HTTP TCP
Observed Mar 21, 2023 at 4:15pm UTC