ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 4,480,017 in 0.220 second(s)

  • 176.9.116.5:25 (tcp/smtp) - last seen on 2024-11-21 at 08:29:50 UTC

    • IP
      176.9.116.5
      Network
      176.9.0.0/16
      Domain(s)
      vielhak.de
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      arya.vielhak.de
      ASN
      AS24940
      Organization
      Hetzner Online GmbH
      Protocol
      smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Postfix Postfix
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      81cc26cc56cdf1c523c7a992012720cf 
    • 220-smtp.vielhak.de ESMTP Postfix
521 5.5.1 Protocol error

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:50.000Z",
   "app" : {
      "length" : 61
   },
   "asn" : "AS24940",
   "city" : "Falkenstein",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-smtp.vielhak.de ESMTP Postfix\r\n521 5.5.1 Protocol error\r\n",
   "datamd5" : "81cc26cc56cdf1c523c7a992012720cf",
   "datammh3" : -1167105301,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "vielhak.de"
   ],
   "host" : [
      "arya"
   ],
   "hostname" : [
      "arya.vielhak.de"
   ],
   "ip" : "176.9.116.5",
   "ipv6" : "false",
   "latitude" : "50.4777",
   "location" : "50.4777,12.3649",
   "longitude" : "12.3649",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hetzner Online GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "product" : "Postfix",
   "productvendor" : "Postfix",
   "protocol" : "smtp",
   "reverse" : [
      "arya.vielhak.de"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "176.9.0.0/16",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

  • 111.193.238.153:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:41 UTC

    • IP
      111.193.238.153
      Alternative IP(s)
      111.193.237.82
      Network
      111.192.0.0/13
      Domain(s)
      synology.me
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      ASN
      AS4808
      Organization
      China Unicom Beijing Province Network
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Postfix Postfix
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      R11
      Issuer Organization
      Let's Encrypt
      Subject Common Name
      ilwei.synology.me
      Subject Alt Name
      ilwei.synology.me
      SHA256 Fingerprint
      dad25e7b6a1c2002fc23bcbd4f3c3a75baa1a8c918d86190c2a376353090876b
      Validity Not Before
      2024-11-12T22:53:31Z
      Validity Not After
      2025-02-10T22:53:30Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      926e945defa4beedc9b05df2e9db9e76 
    • 220 mail.ilwei.cn ESMTP Postfix
250-mail.ilwei.cn
250-PIPELINING
250-SIZE 10485760
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
220 2.0.0 Ready to start TLS
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:41.000Z",
   "alternativeip" : [
      "111.193.237.82"
   ],
   "app" : {
      "length" : 215
   },
   "asn" : "AS4808",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Beijing",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 mail.ilwei.cn ESMTP Postfix\r\n250-mail.ilwei.cn\r\n250-PIPELINING\r\n250-SIZE 10485760\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250-SMTPUTF8\r\n250 CHUNKING\r\n220 2.0.0 Ready to start TLS",
   "datamd5" : "926e945defa4beedc9b05df2e9db9e76",
   "datammh3" : 856806683,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "synology.me"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "57a5df1c1bc0282f3c3f66bdaae86db0",
      "sha1" : "8c5d859303d8bf203c574bf6e5723573eca3e5a8",
      "sha256" : "dad25e7b6a1c2002fc23bcbd4f3c3a75baa1a8c918d86190c2a376353090876b"
   },
   "geolocus" : {
      "asn" : "AS4808",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "bta.net.cn",
         "chinaunicom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UNICOM-BJ",
      "organization" : "China Unicom Beijing Province Network",
      "subnet" : "111.192.0.0/13"
   },
   "host" : [
      "ilwei"
   ],
   "hostname" : [
      "ilwei.synology.me"
   ],
   "ip" : "111.193.238.153",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "R11",
      "country" : "US",
      "organization" : "Let's Encrypt"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Unicom Beijing Province Network",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "product" : "Postfix",
   "productvendor" : "Postfix",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-21",
   "serial" : "04:d0:14:27:c7:f9:0e:d3:e9:79:fc:7d:0c:0d:f5:b0:04:29",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "ilwei.synology.me"
      ],
      "commonname" : "ilwei.synology.me"
   },
   "subnet" : "111.192.0.0/13",
   "tld" : [
      "me"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-02-10T22:53:30Z",
      "notbefore" : "2024-11-12T22:53:31Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 166.62.87.53:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:41 UTC

    • IP
      166.62.87.53
      Network
      166.62.64.0/19
      Domain(s)
      secureserver.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      53.87.62.166.host.secureserver.net
      ASN
      AS398101
      Organization
      GO-DADDY-COM-LLC
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Exim Exim 4.93
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      s166-62-44-5.secureserver.net
      Subject Email
      ssl@s166-62-44-5.secureserver.net
      Subject Common Name
      s166-62-44-5.secureserver.net
      Subject Alt Name
      s166-62-44-5.secureserver.net
      SHA256 Fingerprint
      2ac50c972b7a95433021026b673eb6abcf4c6f97fc4325dfc4043ff6d6de1cde
      Validity Not Before
      2024-02-27T23:11:16Z
      Validity Not After
      2025-02-26T23:11:16Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d063c263ef280053b924201bcded7a28 
    • 220-s166-62-44-5.secureserver.net ESMTP Exim 4.93 #2 Thu, 21 Nov 2024 13:29:28 +0500 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-s166-62-44-5.secureserver.net Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-STARTTLS
250 HELP
220 TLS go ahead
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:41.000Z",
   "app" : {
      "length" : 338
   },
   "asn" : "AS398101",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-s166-62-44-5.secureserver.net ESMTP Exim 4.93 #2 Thu, 21 Nov 2024 13:29:28 +0500 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-s166-62-44-5.secureserver.net Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "d063c263ef280053b924201bcded7a28",
   "datammh3" : 1380812619,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "secureserver.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "b0500681d0c13c29d6f3206043957416",
      "sha1" : "5d6ecb5b3364125ae184d7515d69a021b0ba9350",
      "sha256" : "2ac50c972b7a95433021026b673eb6abcf4c6f97fc4325dfc4043ff6d6de1cde"
   },
   "geolocus" : {
      "asn" : "AS398101",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "godaddy.com",
         "secureserver.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GO-DADDY-COM-LLC",
      "organization" : "GoDaddy.com, LLC",
      "subnet" : "166.62.64.0/19"
   },
   "host" : [
      53,
      "s166-62-44-5"
   ],
   "hostname" : [
      "53.87.62.166.host.secureserver.net",
      "s166-62-44-5.secureserver.net"
   ],
   "ip" : "166.62.87.53",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "s166-62-44-5.secureserver.net",
      "email" : "ssl@s166-62-44-5.secureserver.net"
   },
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GO-DADDY-COM-LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.93",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "53.87.62.166.host.secureserver.net"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "01:28:53:c2:4b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subdomains" : [
      "166.host.secureserver.net",
      "62.166.host.secureserver.net",
      "87.62.166.host.secureserver.net",
      "host.secureserver.net"
   ],
   "subject" : {
      "altname" : [
         "s166-62-44-5.secureserver.net"
      ],
      "commonname" : "s166-62-44-5.secureserver.net",
      "email" : "ssl@s166-62-44-5.secureserver.net"
   },
   "subnet" : "166.62.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-02-26T23:11:16Z",
      "notbefore" : "2024-02-27T23:11:16Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 182.16.226.242:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:41 UTC

    • IP
      182.16.226.242
      Alternative IP(s)
      182.16.226.243
      Network
      182.16.224.0/21
      Domain(s)
      atw.ne.jp
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      internal.atw.ne.jp
      ASN
      AS37916
      Organization
      A.T.WORKS, Inc.
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Postfix Postfix
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      JPRS Domain Validation Authority - G4
      Issuer Organization
      Japan Registry Services Co., Ltd.
      Subject Common Name
      *.atw.ne.jp
      Subject Alt Name
      *.atw.ne.jp atw.ne.jp
      SHA256 Fingerprint
      d60370373859b8f5ba0e84114bc6910b81af6233cddb97b44bb0302391f941a6
      Validity Not Before
      2024-01-10T03:31:27Z
      Validity Not After
      2025-01-31T14:59:59Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      dcb89971971ad76e4cf7081af3d9a44c 
    • 220 internal.atw.ne.jp ESMTP Postfix
250-internal.atw.ne.jp
250-PIPELINING
250-SIZE 20971520
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
220 2.0.0 Ready to start TLS
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:41.000Z",
   "alternativeip" : [
      "182.16.226.243"
   ],
   "app" : {
      "length" : 253
   },
   "asn" : "AS37916",
   "ca" : "false",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 internal.atw.ne.jp ESMTP Postfix\r\n250-internal.atw.ne.jp\r\n250-PIPELINING\r\n250-SIZE 20971520\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n220 2.0.0 Ready to start TLS",
   "datamd5" : "dcb89971971ad76e4cf7081af3d9a44c",
   "datammh3" : -169782873,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "atw.ne.jp"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "35ae7b529d55052ba5539136d458f2c5",
      "sha1" : "b6a36a90b9b1e9ed878588a6f0f099da4d423456",
      "sha256" : "d60370373859b8f5ba0e84114bc6910b81af6233cddb97b44bb0302391f941a6"
   },
   "geolocus" : {
      "asn" : "AS37916",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "atworks.co.jp",
         "nic.ad.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "atworks",
      "organization" : "A.T.WORKS,Inc.",
      "subnet" : "182.16.224.0/21"
   },
   "host" : [
      "internal"
   ],
   "hostname" : [
      "atw.ne.jp",
      "internal.atw.ne.jp"
   ],
   "ip" : "182.16.226.242",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "JPRS Domain Validation Authority - G4",
      "country" : "JP",
      "organization" : "Japan Registry Services Co., Ltd."
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6897",
   "location" : "35.6897,139.6895",
   "longitude" : "139.6895",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "A.T.WORKS, Inc.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "product" : "Postfix",
   "productvendor" : "Postfix",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "internal.atw.ne.jp"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "39:0d:fb:0b:8f:73:09:98:87:59:14:2c:dd:c3:71:3b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.atw.ne.jp",
         "atw.ne.jp"
      ],
      "commonname" : "*.atw.ne.jp"
   },
   "subnet" : "182.16.224.0/21",
   "tld" : [
      "ne.jp"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-01-31T14:59:59Z",
      "notbefore" : "2024-01-10T03:31:27Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

  • 13.211.8.52:25 (tcp/smtp) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      13.211.8.52
      Network
      13.208.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      ec2-13-211-8-52.ap-southeast-2.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      50dcf3af7b51d8b49db07da7b64e793c 
    • 220 smtp.icloud.com Simple Mail Transfer Service Ready
250-icloud.com greets icloud.com
250-8BITMIME
250-DSN
250-SIZE
250 HELP

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "app" : {
      "length" : 133
   },
   "asn" : "AS16509",
   "city" : "Sydney",
   "country" : "AU",
   "data" : "220 smtp.icloud.com Simple Mail Transfer Service Ready\r\n250-icloud.com greets icloud.com\r\n250-8BITMIME\r\n250-DSN\r\n250-SIZE\r\n250 HELP\r\n",
   "datamd5" : "50dcf3af7b51d8b49db07da7b64e793c",
   "datammh3" : 746820499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AMAZO-SYD",
      "organization" : "Amazon Corporate Services Pty Ltd",
      "subnet" : "13.210.0.0/15"
   },
   "host" : [
      "ec2-13-211-8-52"
   ],
   "hostname" : [
      "ec2-13-211-8-52.ap-southeast-2.compute.amazonaws.com"
   ],
   "ip" : "13.211.8.52",
   "ipv6" : "false",
   "latitude" : "-33.8715",
   "location" : "-33.8715,151.2006",
   "longitude" : "151.2006",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "protocol" : "smtp",
   "reverse" : [
      "ec2-13-211-8-52.ap-southeast-2.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subdomains" : [
      "ap-southeast-2.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "13.208.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

  • 89.161.252.231:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      89.161.252.231
      Alternative IP(s)
      212.85.96.183
      Network
      89.161.128.0/17
      Domain(s)
      home.pl ppk-pniewy.pl
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      ppk-pniewy.pl
      ASN
      AS12824
      Organization
      home.pl S.A.
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • Issuer Common Name
      Certyfikat SSL
      Issuer Organization
      home.pl S.A.
      Subject Common Name
      *.home.pl
      Subject Alt Name
      *.home.pl home.pl
      SHA256 Fingerprint
      1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8
      Validity Not Before
      2024-05-22T06:16:06Z
      Validity Not After
      2025-06-21T06:16:05Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f83eb6ca30d6aef629f40f04663e1cb6 
    • 220 ppk-pniewy.pl ESMTP Mailsystemx
250-ppk-pniewy.pl
250-PIPELINING
250-SIZE 157286400
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
220 2.0.0 Ready to start TLS
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "alternativeip" : [
      "212.85.96.183"
   ],
   "app" : {
      "length" : 228
   },
   "asn" : "AS12824",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "PL",
   "data" : "220 ppk-pniewy.pl ESMTP Mailsystemx\r\n250-ppk-pniewy.pl\r\n250-PIPELINING\r\n250-SIZE 157286400\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n220 2.0.0 Ready to start TLS",
   "datamd5" : "f83eb6ca30d6aef629f40f04663e1cb6",
   "datammh3" : -827359711,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "home.pl",
      "ppk-pniewy.pl"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "3cb3495faefd5a71e8e53d41332f1a18",
      "sha1" : "81df355ee26c67e11ddaf24175c426cb8f3d3c0c",
      "sha256" : "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8"
   },
   "hostname" : [
      "home.pl",
      "ppk-pniewy.pl"
   ],
   "ip" : "89.161.252.231",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Certyfikat SSL",
      "country" : "PL",
      "organization" : "home.pl S.A."
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.2394",
   "location" : "52.2394,21.0362",
   "longitude" : "21.0362",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "home.pl S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "ppk-pniewy.pl"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "5f:86:b9:ff:df:24:40:21:f7:62:a2:46:70:65:14:cf",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.home.pl",
         "home.pl"
      ],
      "commonname" : "*.home.pl"
   },
   "subnet" : "89.161.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "pl"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-06-21T06:16:05Z",
      "notbefore" : "2024-05-22T06:16:06Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

  • 178.189.91.199:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      178.189.91.199
      Alternative IP(s)
      45.83.106.98
      Network
      178.188.0.0/14
      Domain(s)
      szabo-scandic.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      ASN
      AS8447
      Organization
      Telekom Austria
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • Issuer Common Name
      Sectigo RSA Domain Validation Secure Server CA
      Issuer Organization
      Sectigo Limited
      Subject Common Name
      *.szabo-scandic.com
      Subject Alt Name
      *.szabo-scandic.com szabo-scandic.com
      SHA256 Fingerprint
      84a9e1e815c998a90a1f3a41c1f3794ff422159448d43768c892c134d922f3f7
      Validity Not Before
      2023-11-07T00:00:00Z
      Validity Not After
      2024-12-07T23:59:59Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      089c63f16d304b651dd76b1af463eef5 
    • 220 mx01.szabo-scandic.com ESMTP ready
250-mx01.szabo-scandic.com Hello <hostname> [<srcip>]
250-SIZE
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-STARTTLS
250 HELP
220 TLS go ahead
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "alternativeip" : [
      "45.83.106.98"
   ],
   "app" : {
      "length" : 192
   },
   "asn" : "AS8447",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Vienna",
   "country" : "AT",
   "data" : "220 mx01.szabo-scandic.com ESMTP ready\r\n250-mx01.szabo-scandic.com Hello <hostname> [<srcip>]\r\n250-SIZE\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "089c63f16d304b651dd76b1af463eef5",
   "datammh3" : 247611413,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "szabo-scandic.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "e797bd07ade6d2adede350d4aa60530f",
      "sha1" : "c5af1ef6303b67d63b940cec37c1f9c85d6fd604",
      "sha256" : "84a9e1e815c998a90a1f3a41c1f3794ff422159448d43768c892c134d922f3f7"
   },
   "hostname" : [
      "szabo-scandic.com"
   ],
   "ip" : "178.189.91.199",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "48.1436",
   "location" : "48.1436,16.2941",
   "longitude" : "16.2941",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telekom Austria",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 4096
   },
   "seen_date" : "2024-11-21",
   "serial" : "92:36:79:12:2d:c1:aa:5a:04:66:16:80:9c:99:f1:c9",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.szabo-scandic.com",
         "szabo-scandic.com"
      ],
      "commonname" : "*.szabo-scandic.com"
   },
   "subnet" : "178.188.0.0/14",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-12-07T23:59:59Z",
      "notbefore" : "2023-11-07T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

  • 188.128.172.28:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      188.128.172.28
      Alternative IP(s)
      212.85.96.183 2a02:25a9:1:e01c:0:0:0:1
      Network
      188.128.160.0/19
      Domain(s)
      home.pl
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      cloudserver121948.home.pl
      ASN
      AS12824
      Organization
      home.pl S.A.
      Protocol
      smtp Cert not expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • Issuer Common Name
      Certyfikat SSL
      Issuer Organization
      home.pl S.A.
      Subject Common Name
      *.home.pl
      Subject Alt Name
      *.home.pl home.pl
      SHA256 Fingerprint
      1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8
      Validity Not Before
      2024-05-22T06:16:06Z
      Validity Not After
      2025-06-21T06:16:05Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c002c5751f6dd7e8f0c031a7fce1aaed 
    • 220 cloudserver121948.home.pl ESMTP Mailsystemx
250-cloudserver121948.home.pl
250-PIPELINING
250-SIZE 157286400
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
220 2.0.0 Ready to start TLS
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "alternativeip" : [
      "212.85.96.183",
      "2a02:25a9:1:e01c:0:0:0:1"
   ],
   "app" : {
      "length" : 252
   },
   "asn" : "AS12824",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "PL",
   "data" : "220 cloudserver121948.home.pl ESMTP Mailsystemx\r\n250-cloudserver121948.home.pl\r\n250-PIPELINING\r\n250-SIZE 157286400\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n220 2.0.0 Ready to start TLS",
   "datamd5" : "c002c5751f6dd7e8f0c031a7fce1aaed",
   "datammh3" : -1103777079,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "home.pl"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "3cb3495faefd5a71e8e53d41332f1a18",
      "sha1" : "81df355ee26c67e11ddaf24175c426cb8f3d3c0c",
      "sha256" : "1c12ea601b0bf59cc7ba2a74fffdd93691d97bcd2af411df7f1b4e7dc36214d8"
   },
   "host" : [
      "cloudserver121948"
   ],
   "hostname" : [
      "cloudserver121948.home.pl",
      "home.pl"
   ],
   "ip" : "188.128.172.28",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Certyfikat SSL",
      "country" : "PL",
      "organization" : "home.pl S.A."
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "52.2394",
   "location" : "52.2394,21.0362",
   "longitude" : "21.0362",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "home.pl S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "cloudserver121948.home.pl"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "5f:86:b9:ff:df:24:40:21:f7:62:a2:46:70:65:14:cf",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.home.pl",
         "home.pl"
      ],
      "commonname" : "*.home.pl"
   },
   "subnet" : "188.128.160.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "pl"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-06-21T06:16:05Z",
      "notbefore" : "2024-05-22T06:16:06Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

  • 188.165.183.242:25 (tcp/smtp/tls) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      188.165.183.242
      Network
      188.165.0.0/16
      Domain(s)
      studea-ipac.fr
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Ubuntu
      Reverse DNS
      studea-ipac.fr
      ASN
      AS16276
      Organization
      OVH SAS
      Protocol
      smtp Cert expired smtp
      Source
      datascan
    • Operating System
      Linux Linux Ubuntu
      Product
      Postfix Postfix
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      Plesk
      Issuer Organization
      Plesk
      Subject Organization
      Plesk
      Subject Email
      info@plesk.com
      Subject Common Name
      Plesk
      SHA256 Fingerprint
      7e92310ebe9bc9b75281741f84fb02bfa80b84205a6831de2263c7a8795cc67c
      Validity Not Before
      2021-05-03T15:53:11Z
      Validity Not After
      2022-05-03T15:53:11Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fe41dfb4bb8ebe0e6e1144281024a782 
    • 220 ns3193808.ip-152-228-225.eu ESMTP Postfix (Ubuntu)
250-ns3193808.ip-152-228-225.eu
250-PIPELINING
250-SIZE 20480000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
220 2.0.0 Ready to start TLS
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "app" : {
      "length" : 280
   },
   "asn" : "AS16276",
   "ca" : "false",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220 ns3193808.ip-152-228-225.eu ESMTP Postfix (Ubuntu)\r\n250-ns3193808.ip-152-228-225.eu\r\n250-PIPELINING\r\n250-SIZE 20480000\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250 CHUNKING\r\n220 2.0.0 Ready to start TLS",
   "datamd5" : "fe41dfb4bb8ebe0e6e1144281024a782",
   "datammh3" : -1054006321,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "studea-ipac.fr"
   ],
   "extkeyusage" : [
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "b7a01e2e3f23d5a52245839776465e90",
      "sha1" : "f6861945387892ee6891f56664f3fc8ce323b3ce",
      "sha256" : "7e92310ebe9bc9b75281741f84fb02bfa80b84205a6831de2263c7a8795cc67c"
   },
   "hostname" : [
      "studea-ipac.fr"
   ],
   "ip" : "188.165.183.242",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Schaffhausen",
      "commonname" : "Plesk",
      "country" : "CH",
      "email" : "info@plesk.com",
      "organization" : "Plesk"
   },
   "latitude" : "48.8582",
   "location" : "48.8582,2.3387",
   "longitude" : "2.3387",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 25,
   "product" : "Postfix",
   "productvendor" : "Postfix",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "studea-ipac.fr"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "60:90:1c:67",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "city" : "Schaffhausen",
      "commonname" : "Plesk",
      "country" : "CH",
      "email" : "info@plesk.com",
      "organization" : "Plesk"
   },
   "subnet" : "188.165.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "fr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2022-05-03T15:53:11Z",
      "notbefore" : "2021-05-03T15:53:11Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 34.64.187.241:25 (tcp/smtp) - last seen on 2024-11-21 at 08:29:40 UTC

    • IP
      34.64.187.241
      Network
      34.64.160.0/19
      Domain(s)
      eutilex.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      Reverse DNS
      gw.eutilex.com
      ASN
      AS396982
      Organization
      GOOGLE-CLOUD-PLATFORM
      Protocol
      smtp
      Source
      datascan
    • Operating System
      Linux Linux Kernel

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c165c354fe8371468433eeb83e044029 
    • 220 *******************************************
250-gw.eutilex.com Pleased to meet you
250-SIZE 104857600
250-8BITMIME
250-HELP
250-PIPELINING
250-AUTH LOGIN PLAIN
250 ENHANCEDSTATUSCODES

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:29:40.000Z",
   "app" : {
      "length" : 196
   },
   "asn" : "AS396982",
   "city" : "Seoul",
   "country" : "KR",
   "data" : "220 *******************************************\r\n250-gw.eutilex.com Pleased to meet you\r\n250-SIZE 104857600\r\n250-8BITMIME\r\n250-HELP\r\n250-PIPELINING\r\n250-AUTH LOGIN PLAIN\r\n250 ENHANCEDSTATUSCODES\r\n",
   "datamd5" : "c165c354fe8371468433eeb83e044029",
   "datammh3" : 453771252,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "eutilex.com"
   ],
   "geolocus" : {
      "asn" : "AS396982",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "google.com",
         "googleusercontent.com"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "KR-11-10",
      "organization" : "Google Asia Pacific Pte. Ltd.",
      "subnet" : "34.64.160.0/19"
   },
   "host" : [
      "gw"
   ],
   "hostname" : [
      "gw.eutilex.com"
   ],
   "ip" : "34.64.187.241",
   "ipv6" : "false",
   "latitude" : "37.5794",
   "location" : "37.5794,126.9754",
   "longitude" : "126.9754",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GOOGLE-CLOUD-PLATFORM",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 25,
   "protocol" : "smtp",
   "reverse" : [
      "gw.eutilex.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "subnet" : "34.64.160.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}