91.203.144.131

As of: Mar 31, 2023 3:55pm UTC | Latest

Basic Information

OS: Red Hat Enterprise Linux 7
Network: GOODNET-AS (UA)
Routing: 91.203.144.0/22 via AS45045
Protocols: 21/FTP , 25/SMTP , 53/DNS , 80/HTTP , 110/POP3 , 143/IMAP , 443/HTTP , 587/SMTP , 993/IMAP , 995/POP3 , 2222/HTTP , 55577/SSH
Labels: email , file-sharing , remote-access

21/FTP TCP
Observed Mar 30, 2023 at 2:38am UTC

View All Data

Labels

File Sharing

Software

linux

PureFTPd Pure-FTPd

Details

Banner

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 04:38. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

Auth TLS Response

234 AUTH TLS OK.

Status Code

220

Status Meaning

Service ready for new user.

TLS

JA3S: e58f0b3c1e9eefb8ee4f92aeceee5858
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

25/SMTP TCP
Observed Mar 30, 2023 at 1:49am UTC

View All Data

Labels

Email

Software

linux

exim

Details

Banner

220 sky.goodnet.ua ESMTP Exim 4.96-58-g4e9ed49f8 Thu, 30 Mar 2023 04:49:22 +0300

EHLO

250-sky.goodnet.ua Hello scanner-09.ch1.censys-scanner.com [167.248.133.51]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP

Start TLS

220 TLS go ahead

TLS

JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

53/DNS UDP
Observed Mar 30, 2023 at 8:50pm UTC

View All Data

Software

ISC BIND 9.11.4-P2

Red Hat Enterprise Linux 7

Details

Server Type: FORWARDING
Resolves Correctly: True
R Code: SUCCESS

80/HTTP TCP
Observed Mar 30, 2023 at 1:54am UTC

View All Data Go

Software

nginx

Details

http://91.203.144.131

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:9e18d2a2d27125aa704a882e14c345253c0f9d9f

HTML Title

Shared IP

Response Body

#

This IP is being shared among many domains

IP

To view the domain you are looking for, simply enter the domain name in the
location bar of your web browser.

Powered by

[ ](https://www.directadmin.com)

110/POP3 TCP
Observed Mar 31, 2023 at 1:32am UTC

View All Data

Labels

Email

Software

linux

Dovecot

Details

Banner

+OK Dovecot DA ready.

Start TLS

+OK Begin TLS negotiation now.

TLS

JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

143/IMAP TCP
Observed Mar 31, 2023 at 9:58am UTC

View All Data

Labels

Email

Software

linux

Dovecot

Details

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN] Dovecot DA ready.

Start TLS

a001 OK Begin TLS negotiation now.

TLS

JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

443/HTTP TCP
Observed Mar 30, 2023 at 10:06am UTC

View All Data Go

Software

nginx

Details

https://91.203.144.131

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:9e18d2a2d27125aa704a882e14c345253c0f9d9f

HTML Title

Shared IP

Response Body

#

This IP is being shared among many domains

IP

To view the domain you are looking for, simply enter the domain name in the
location bar of your web browser.

Powered by

[ ](https://www.directadmin.com)

TLS

JARM: 27d27d27d00027d00027d27d27d27d240f02438bda2f593609b67b1dfb3516
JA3S: ea4ac9a2c0ba2e422112132cdbb985ea
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

587/SMTP TCP
Observed Mar 30, 2023 at 6:26am UTC

View All Data

Labels

Email

Software

linux

exim

Details

Banner

220 sky.goodnet.ua ESMTP Exim 4.96-58-g4e9ed49f8 Thu, 30 Mar 2023 09:26:48 +0300

EHLO

250-sky.goodnet.ua Hello scanner-26.ch1.censys-scanner.com [167.248.133.125]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP

Start TLS

220 TLS go ahead

TLS

JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

993/IMAP TCP
Observed Mar 31, 2023 at 3:55pm UTC

View All Data

Labels

Email

Software

linux

Dovecot

Details

Banner

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.

TLS

JARM: 27d28d28d00028d00027d28d27d28d5367dd7e1b5519f6c6bcd2f69e963253
JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

995/POP3 TCP
Observed Mar 30, 2023 at 4:42pm UTC

View All Data

Labels

Email

Software

linux

Dovecot

Details

Banner

+OK Dovecot DA ready.

TLS

JA3S: f9a66afdd1f499d415ca470974ec00c8
Version Selected: TLSv1_2
Cipher Selected: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

2222/HTTP TCP
Observed Mar 30, 2023 at 7:21pm UTC

View All Data Go

Details

https://91.203.144.131:2222

Request

GET /

Protocol

HTTP/1.1

Status Code

200

Status Reason

Body Hash

sha1:1ed3a2804431265d33a7ba91c5188d3ce4b5c8c4

HTML Title

Вход в DirectAdmin

Response Body

  
  
  
  

# Форма входа в DirectAdmin

Пожалуйста введите ваш логин и пароль  
---  
Логин:|  
Пароль:|

TLS

JARM: 40d40d40d00000000043d40d40d43da936ab0256fab25eca082941d14e3ece
JA3S: 475c9302dc42b2751db9edcac3b74891
Version Selected: TLSv1_3
Cipher Selected: TLS_CHACHA20_POLY1305_SHA256

55577/SSH TCP
Observed Mar 30, 2023 at 1:54am UTC

View All Data

Labels

Remote Access

Software

OpenBSD OpenSSH 7.4

Details

Algorithm: ecdsa-sha2-nistp256
Fingerprint: b90cc5ecfdf330897d9f9371c2ce3640844ceb9d12fbde3486c9ebf15a6f5d41
Key Exchange: [email protected]
Symmetric Cipher: aes128-ctr [] aes128-ctr []
MAC: hmac-sha2-256 [] hmac-sha2-256 []

Geographic Location

City: Bucha
Province: Kyiv Oblast
Country: Ukraine (UA)
Coordinates: 50.5454, 30.2173
Timezone: Europe/Kyiv

91.203.144.131

Basic Information

21/FTP TCP Observed Mar 30, 2023 at 2:38am UTC

Labels

File Sharing

Software

linux

PureFTPd Pure-FTPd

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

25/SMTP TCP Observed Mar 30, 2023 at 1:49am UTC

Labels

Email

Software

linux

exim

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

53/DNS UDP Observed Mar 30, 2023 at 8:50pm UTC

Software

ISC BIND 9.11.4-P2

Red Hat Enterprise Linux 7

Details

80/HTTP TCP Observed Mar 30, 2023 at 1:54am UTC

Software

nginx

Details

http://91.203.144.131

110/POP3 TCP Observed Mar 31, 2023 at 1:32am UTC

Labels

Email

Software

linux

Dovecot

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

143/IMAP TCP Observed Mar 31, 2023 at 9:58am UTC

Labels

Email

Software

linux

Dovecot

Details

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

443/HTTP TCP Observed Mar 30, 2023 at 10:06am UTC

Software

nginx

Details

https://91.203.144.131

TLS

Fingerprint

Handshake

Leaf Certificate

Issuer Chain

587/SMTP TCP Observed Mar 30, 2023 at 6:26am UTC

Labels

Email

Software

linux

exim

Details

TLS

Fingerprint

Handshake

21/FTP TCP
Observed Mar 30, 2023 at 2:38am UTC

25/SMTP TCP
Observed Mar 30, 2023 at 1:49am UTC

53/DNS UDP
Observed Mar 30, 2023 at 8:50pm UTC

80/HTTP TCP
Observed Mar 30, 2023 at 1:54am UTC

110/POP3 TCP
Observed Mar 31, 2023 at 1:32am UTC

143/IMAP TCP
Observed Mar 31, 2023 at 9:58am UTC

443/HTTP TCP
Observed Mar 30, 2023 at 10:06am UTC

587/SMTP TCP
Observed Mar 30, 2023 at 6:26am UTC

993/IMAP TCP
Observed Mar 31, 2023 at 3:55pm UTC

995/POP3 TCP
Observed Mar 30, 2023 at 4:42pm UTC

2222/HTTP TCP
Observed Mar 30, 2023 at 7:21pm UTC

55577/SSH TCP
Observed Mar 30, 2023 at 1:54am UTC