Limited Time Beta Program Access: Censys Internet Intelligence Platform is here!

23.94.44.162

As of: Jan 13, 2025 1:06pm UTC | Latest

Basic Information

Reverse DNS
23-94-44-162-host.colocrossing.com
Forward DNS
visualstudiotoolscdn.com
Routing
23.94.44.0/24  via AS-COLOCROSSING, US (AS36352)
OS
Debian Linux
Services (5)
21/FTP, 22/SSH, 80/HTTP, 443/HTTP, 8443/UNKNOWN
Labels
C2 Default Landing Page File Sharing Remote Access

FTP 21/TCP
01/12/2025 08:13 UTC

File Sharing

Software

linux
vsFTPd Project vsFTPd 3.0.5

Details

Banner
220 (vsFTPd 3.0.5)
Auth TLS Response
530 Please login with USER and PASS.
Auth SSL Response
530 Please login with USER and PASS.
Status Code
220
Status Meaning
Service ready for new user.

SSH 22/TCP
01/12/2025 10:31 UTC

Remote Access

Software

linux
OpenBSD OpenSSH 9.6p1
Debian Linux

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
d7f207f386b2b8b6c0aa6901c42345cea77e071e09dd21fb7643a994f2fddaf2
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

HTTP 80/TCP
01/13/2025 05:47 UTC

Default Landing Page

Software

Apache HTTPD 2.4.58
Debian Linux

Details

http://23.94.44.162/
Status
200  OK
Body Hash
sha1:d23f3a5389aee902652b149cbe2474a12c57fa5a
HTML Title
Apache2 Debian Default Page: It works
Response Body
      ![Debian Logo](/icons/openlogo-75.png) Apache2 Debian Default Page

It works!

This is the default welcome page used to test the correct operation of the
Apache2 server after installation on Debian systems. If you can read this
page, it means that the Apache HTTP server installed at this site is working
properly. You should **replace this file** (located at
`/var/www/html/index.html`) before continuing to operate your HTTP server.

If you are a normal user of this web site and don't know what this page is
about, this probably means that the site is currently unavailable due to
maintenance. If the problem persists, please contact the site's administrator.

Configuration Overview

Debian's Apache2 default configuration is different from the upstream default
configuration, and split into several files optimized for interaction with
Debian tools. The configuration system is **fully documented in
/usr/share/doc/apache2/README.Debian.gz**. Refer to this for the full
documentation. Documentation for the web server itself can be found by
accessing the [manual](/manual) if the `apache2-doc` package was installed on
this server.

The configuration layout for an Apache2 web server installation on Debian
systems is as follows:

    
    
    /etc/apache2/
    |-- apache2.conf
    |       `--  ports.conf
    |-- mods-enabled
    |       |-- *.load
    |       `-- *.conf
    |-- conf-enabled
    |       `-- *.conf
    |-- sites-enabled
    |       `-- *.conf
              

  * `apache2.conf` is the main configuration file. It puts the pieces together by including all remaining configuration files when starting up the web server. 
  * `ports.conf` is always included from the main configuration file. It is used to determine the listening ports for incoming connections, and this file can be customized anytime. 
  * Configuration files in the `mods-enabled/`, `conf-enabled/` and `sites-enabled/` directories contain particular configuration snippets which manage modules, global configuration fragments, or virtual host configurations, respectively. 
  * They are activated by symlinking available configuration files from their respective *-available/ counterparts. These should be managed by using our helpers ` a2enmod, a2dismod, ` ` a2ensite, a2dissite, ` and ` a2enconf, a2disconf `. See their respective man pages for detailed information. 
  * The binary is called apache2. Due to the use of environment variables, in the default configuration, apache2 needs to be started/stopped with `/etc/init.d/apache2` or `apache2ctl`. **Calling` /usr/bin/apache2` directly will not work** with the default configuration. 

Document Roots

By default, Debian does not allow access through the web browser to _any_ file
apart of those located in `/var/www`,
[public_html](http://httpd.apache.org/docs/2.4/mod/mod_userdir.html)
directories (when enabled) and `/usr/share` (for web applications). If your
site is using a web document root located elsewhere (such as in `/srv`) you
may need to whitelist your document root directory in
`/etc/apache2/apache2.conf`.

The default Debian document root is `/var/www/html`. You can make your own
virtual hosts under /var/www. This is different to previous releases which
provides better security out of the box.

Reporting Problems

Please use the `reportbug` tool to report bugs in the Apache2 package with
Debian. However, check [existing bug reports](http://bugs.debian.org/cgi-
bin/pkgreport.cgi?ordering=normal;archive=0;src=apache2;repeatmerged=0) before
reporting a new bug.

Please report bugs specific to modules (such as PHP and others) to respective
packages, not to the web server itself.
    

HTTP 443/TCP
01/13/2025 13:00 UTC


Software

Apache HTTPD 2.4.58
Debian Linux

Details

http://23.94.44.162:443/
Status
400  Bad Request
Body Hash
sha1:a1aa0c989a79fdc82429fc9a93e9f0ed1ec9be94
HTML Title
400 Bad Request
Response Body
      # Bad Request

Your browser sent a request that this server could not understand.  
Reason: You're speaking plain HTTP to an SSL-enabled server port.  
Instead use the HTTPS scheme to access this URL, please.  

* * *

Apache/2.4.58 (Debian) Server at visualstudiotoolscdn.com Port 80
    

UNKNOWN 8443/TCP
01/13/2025 13:06 UTC

C2

Software

linux
Sliver

Details

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_CHACHA20_POLY1305_SHA256
Certificate
Fingerprint
df84282269929f3bcab953dd9cac10c8ed24f33454c6b80b641467e5a0affc02
Subject
CN=multiplayer
Issuer
CN=operators
Names
multiplayer
Fingerprint
JARM
00000000000000000043d43d00043de2a97eabb398317329f027c66e4c1b01
JA3S
475c9302dc42b2751db9edcac3b74891
JA4S
t130200_1303_a56c5b993250

Geographic Location

City
Ashburn
State
Virginia
Country
United States (US)
Coordinates
39.04372, -77.48749
Timezone
America/New_York