Cyber Defense Search Engine

IP
197.242.150.193

Network
197.242.144.0/20

Domain(s)
dedicated.co.za

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
pps.dedicated.co.za

ASN
AS37611

Organization
Afrihost

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
R11

Issuer Organization
Let's Encrypt

Subject Common Name
pps.dedicated.co.za

Subject Alt Name
pps.dedicated.co.za

SHA256 Fingerprint
e53fefb1934ea6332b7a17719b5c36f103407c7b3c1459dde4b22c276d8a2a5e

Validity Not Before
2024-10-25T17:57:25Z

Validity Not After
2025-01-23T17:57:24Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f0c66014aad217bae50df44fd88d835c

220-pps.dedicated.co.za ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 10:39:10 +0200 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-pps.dedicated.co.za Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:21.000Z",
   "app" : {
      "length" : 359
   },
   "asn" : "AS37611",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-pps.dedicated.co.za ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 10:39:10 +0200 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-pps.dedicated.co.za Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "f0c66014aad217bae50df44fd88d835c",
   "datammh3" : -638241315,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "dedicated.co.za"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "ccd8520afa0536caefaad7fbcd32d440",
      "sha1" : "7a4ab0436b92a4a955710c1e2676cc94f6a7bf01",
      "sha256" : "e53fefb1934ea6332b7a17719b5c36f103407c7b3c1459dde4b22c276d8a2a5e"
   },
   "geolocus" : {
      "asn" : "AS37611",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "afrihost.com"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "Afrihost-Cloud",
      "organization" : "Afrihost",
      "subnet" : "197.242.144.0/21"
   },
   "host" : [
      "pps"
   ],
   "hostname" : [
      "pps.dedicated.co.za"
   ],
   "ip" : "197.242.150.193",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "R11",
      "country" : "US",
      "organization" : "Let's Encrypt"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-28.9984",
   "location" : "-28.9984,23.9888",
   "longitude" : "23.9888",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Afrihost",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "pps.dedicated.co.za"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "03:49:a1:a6:4e:0d:58:da:95:c9:62:00:4b:b1:3d:ff:44:03",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "pps.dedicated.co.za"
      ],
      "commonname" : "pps.dedicated.co.za"
   },
   "subnet" : "197.242.144.0/20",
   "tld" : [
      "co.za"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-01-23T17:57:24Z",
      "notbefore" : "2024-10-25T17:57:25Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
191.252.160.213

Alternative IP(s)
186.202.157.79

Network
191.252.0.0/16

Domain(s)
hospedagemdesites.ws

Device

<enterprise field>: device.class

ASN
AS27715

Organization
Locaweb Servicos de Internet SA

Protocol
smtp Cert not expired smtp

Source
datascan
Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
GlobalSign GCC R6 AlphaSSL CA 2023

Issuer Organization
GlobalSign nv-sa

Subject Common Name
*.hospedagemdesites.ws

Subject Alt Name
*.hospedagemdesites.ws hospedagemdesites.ws

SHA256 Fingerprint
071cdaa08687744427dad7fb7d78bb735700df76ab6045d374a2832f4d84a446

Validity Not Before
2024-10-16T04:11:03Z

Validity Not After
2025-11-17T04:11:02Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6acaf6b1886312809b23112f90496f09

220-iuri0036.hospedagemdesites.ws ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 05:39:10 -0300 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-iuri0036.hospedagemdesites.ws Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:20.000Z",
   "alternativeip" : [
      "186.202.157.79"
   ],
   "app" : {
      "length" : 379
   },
   "asn" : "AS27715",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-iuri0036.hospedagemdesites.ws ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 05:39:10 -0300 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-iuri0036.hospedagemdesites.ws Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "6acaf6b1886312809b23112f90496f09",
   "datammh3" : -529179862,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hospedagemdesites.ws"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "be0851f275345890664d46151eb4849d",
      "sha1" : "2ee20df8dba23d346bce98f34d86b434cbb3af6d",
      "sha256" : "071cdaa08687744427dad7fb7d78bb735700df76ab6045d374a2832f4d84a446"
   },
   "geolocus" : {
      "asn" : "AS27715",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "cert.br",
         "locaweb.com.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "02.351.877/0001-52",
      "organization" : "Locaweb Servicos de Internet S/A",
      "subnet" : "191.252.0.0/16"
   },
   "hostname" : [
      "hospedagemdesites.ws"
   ],
   "ip" : "191.252.160.213",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "GlobalSign GCC R6 AlphaSSL CA 2023",
      "country" : "BE",
      "organization" : "GlobalSign nv-sa"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-22.8305",
   "location" : "-22.8305,-43.2192",
   "longitude" : "-43.2192",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Locaweb Servicos de Internet SA",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "20:bf:dc:2c:78:1c:cb:1a:26:a8:2c:ec",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.hospedagemdesites.ws",
         "hospedagemdesites.ws"
      ],
      "commonname" : "*.hospedagemdesites.ws"
   },
   "subnet" : "191.252.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ws"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-11-17T04:11:02Z",
      "notbefore" : "2024-10-16T04:11:03Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
51.91.105.88

Network
51.91.0.0/16

Domain(s)
ip-51-91-105.eu

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ns3162632.ip-51-91-105.eu

ASN
AS16276

Organization
OVH SAS

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
R11

Issuer Organization
Let's Encrypt

Subject Common Name
ns3162632.ip-51-91-105.eu

Subject Alt Name
ns3162632.ip-51-91-105.eu

SHA256 Fingerprint
bfd6f70c8ed3b02c400e767bdde9eb72cb649977c628c8bf5790fb9d68e0682a

Validity Not Before
2024-09-11T23:38:08Z

Validity Not After
2024-12-10T23:38:07Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2244aa29b7a580d791fcd67caf88a80b

220-ns3162632.ip-51-91-105.eu ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 08:39:09 +0000 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-ns3162632.ip-51-91-105.eu Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:20.000Z",
   "app" : {
      "length" : 349
   },
   "asn" : "AS16276",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-ns3162632.ip-51-91-105.eu ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 08:39:09 +0000 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-ns3162632.ip-51-91-105.eu Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "2244aa29b7a580d791fcd67caf88a80b",
   "datammh3" : -1231592990,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-51-91-105.eu"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "cd1b8030038dfac1aacd704ae62c6660",
      "sha1" : "46f08218234512927b44c2991e36a0812268b44e",
      "sha256" : "bfd6f70c8ed3b02c400e767bdde9eb72cb649977c628c8bf5790fb9d68e0682a"
   },
   "host" : [
      "ns3162632"
   ],
   "hostname" : [
      "ns3162632.ip-51-91-105.eu"
   ],
   "ip" : "51.91.105.88",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "R11",
      "country" : "US",
      "organization" : "Let's Encrypt"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "48.8582",
   "location" : "48.8582,2.3387",
   "longitude" : "2.3387",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "ns3162632.ip-51-91-105.eu"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "04:c5:b3:54:bb:48:69:40:c3:ab:33:39:c5:f2:ce:08:34:54",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "ns3162632.ip-51-91-105.eu"
      ],
      "commonname" : "ns3162632.ip-51-91-105.eu"
   },
   "subnet" : "51.91.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "eu"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-12-10T23:38:07Z",
      "notbefore" : "2024-09-11T23:38:08Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
85.9.47.31

Alternative IP(s)
86.107.43.63

Network
85.9.0.0/18

Domain(s)
romania-webhosting.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
cw85-i-dg31.romania-webhosting.com

ASN
AS5606

Organization
GTS Telecom SRL

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
R10

Issuer Organization
Let's Encrypt

Subject Common Name
server63.romania-webhosting.com

Subject Alt Name
autoconfig.server63.romania-webhosting.com autodiscover.server63.romania-webhosting.com cpanel.server63.romania-webhosting.com cpcalendars.server63.romania-webhosting.com cpcontacts.server63.romania-webhosting.com ipv6.server63.romania-webhosting.com mail.server63.romania-webhosting.com server63.romania-webhosting.com webdisk.server63.romania-webhosting.com webmail.server63.romania-webhosting.com whm.server63.romania-webhosting.com www.server63.romania-webhosting.com

SHA256 Fingerprint
d6d472e6945e88fd0ede4b21338e0cca86ffc76a6e97538209e3dc38a6f7155d

Validity Not Before
2024-11-01T07:25:04Z

Validity Not After
2025-01-30T07:25:03Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
41c612b1c920688f6f5b62b7ad89eabe

220-server63.romania-webhosting.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 10:39:09 +0200 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-server63.romania-webhosting.com Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:20.000Z",
   "alternativeip" : [
      "86.107.43.63"
   ],
   "app" : {
      "length" : 383
   },
   "asn" : "AS5606",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Alexandria",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-server63.romania-webhosting.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 10:39:09 +0200 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-server63.romania-webhosting.com Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "41c612b1c920688f6f5b62b7ad89eabe",
   "datammh3" : 1089071874,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "romania-webhosting.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "644258b784e7bd0f13a3c76d953eb4ac",
      "sha1" : "adf829803b1a520e3e2027445400d7f40a548698",
      "sha256" : "d6d472e6945e88fd0ede4b21338e0cca86ffc76a6e97538209e3dc38a6f7155d"
   },
   "host" : [
      "autoconfig",
      "autodiscover",
      "cpanel",
      "cpcalendars",
      "cpcontacts",
      "cw85-i-dg31",
      "ipv6",
      "mail",
      "server63",
      "webdisk",
      "webmail",
      "whm",
      "www"
   ],
   "hostname" : [
      "autoconfig.server63.romania-webhosting.com",
      "autodiscover.server63.romania-webhosting.com",
      "cpanel.server63.romania-webhosting.com",
      "cpcalendars.server63.romania-webhosting.com",
      "cpcontacts.server63.romania-webhosting.com",
      "cw85-i-dg31.romania-webhosting.com",
      "ipv6.server63.romania-webhosting.com",
      "mail.server63.romania-webhosting.com",
      "server63.romania-webhosting.com",
      "webdisk.server63.romania-webhosting.com",
      "webmail.server63.romania-webhosting.com",
      "whm.server63.romania-webhosting.com",
      "www.server63.romania-webhosting.com"
   ],
   "ip" : "85.9.47.31",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "R10",
      "country" : "US",
      "organization" : "Let's Encrypt"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "43.9827",
   "location" : "43.9827,25.3329",
   "longitude" : "25.3329",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GTS Telecom SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "cw85-i-dg31.romania-webhosting.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "03:69:e2:14:f6:c8:de:33:c8:9b:6d:57:e3:47:f8:a6:2e:dd",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subdomains" : [
      "server63.romania-webhosting.com"
   ],
   "subject" : {
      "altname" : [
         "autoconfig.server63.romania-webhosting.com",
         "autodiscover.server63.romania-webhosting.com",
         "cpanel.server63.romania-webhosting.com",
         "cpcalendars.server63.romania-webhosting.com",
         "cpcontacts.server63.romania-webhosting.com",
         "ipv6.server63.romania-webhosting.com",
         "mail.server63.romania-webhosting.com",
         "server63.romania-webhosting.com",
         "webdisk.server63.romania-webhosting.com",
         "webmail.server63.romania-webhosting.com",
         "whm.server63.romania-webhosting.com",
         "www.server63.romania-webhosting.com"
      ],
      "commonname" : "server63.romania-webhosting.com"
   },
   "subnet" : "85.9.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-01-30T07:25:03Z",
      "notbefore" : "2024-11-01T07:25:04Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP
23.254.136.104

Alternative IP(s)
142.11.230.202

Network
23.254.128.0/17

Domain(s)
hostwindsdns.com spiveyremodelinginc.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
spiveyremodelinginc.com

ASN
AS54290

Organization
HOSTWINDS

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo ECC Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
*.hostwindsdns.com

Subject Alt Name
*.hostwindsdns.com hostwindsdns.com

SHA256 Fingerprint
1f4323b134d5ff5439bdd92ee6f881e9797e37038620450f2ca8ea1991f4cd58

Validity Not Before
2024-01-22T00:00:00Z

Validity Not After
2025-02-21T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b75c904c8657f214dc12f5e48280e70f

220-dal-business-15.hostwindsdns.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 00:39:09 -0800 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-dal-business-15.hostwindsdns.com Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "alternativeip" : [
      "142.11.230.202"
   ],
   "app" : {
      "length" : 363
   },
   "asn" : "AS54290",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-dal-business-15.hostwindsdns.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 00:39:09 -0800 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-dal-business-15.hostwindsdns.com Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "b75c904c8657f214dc12f5e48280e70f",
   "datammh3" : 370109744,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hostwindsdns.com",
      "spiveyremodelinginc.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "36834b68a3f5b09eb87cbf834f1189a2",
      "sha1" : "ed6ea56e96950e6b6ac5a7cc65c5b7c1ec89441a",
      "sha256" : "1f4323b134d5ff5439bdd92ee6f881e9797e37038620450f2ca8ea1991f4cd58"
   },
   "geolocus" : {
      "asn" : "AS54290",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "hostwinds.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "HOSTWINDS-17-6",
      "organization" : "Hostwinds LLC.",
      "subnet" : "23.254.128.0/18"
   },
   "hostname" : [
      "hostwindsdns.com",
      "spiveyremodelinginc.com"
   ],
   "ip" : "23.254.136.104",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo ECC Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HOSTWINDS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "id-ecPublicKey",
      "length" : 256
   },
   "reverse" : [
      "spiveyremodelinginc.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "05:d9:ee:48:91:e9:3e:e0:89:f8:4e:ee:ac:bc:9b:5f",
   "signature" : {
      "algorithm" : "ecdsa-with-SHA256"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.hostwindsdns.com",
         "hostwindsdns.com"
      ],
      "commonname" : "*.hostwindsdns.com"
   },
   "subnet" : "23.254.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-02-21T23:59:59Z",
      "notbefore" : "2024-01-22T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
108.167.168.20

Alternative IP(s)
172.66.40.38 172.66.43.218 2606:4700:3108:0:0:0:ac42:2826 2606:4700:3108:0:0:0:ac42:2bda

Network
108.167.168.0/21

Domain(s)
hostgator.com.br unifiedlayer.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
108-167-168-20.unifiedlayer.com

ASN
AS19871

Organization
NETWORK-SOLUTIONS-HOSTING

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
*.hostgator.com.br

Subject Alt Name
*.hostgator.com.br hostgator.com.br

SHA256 Fingerprint
1c5b2e5fc1cfd4d06020018b6cea63d755223344ffa60e46232b2f4412c7c2e6

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3a168adaf6103b638b797dd54b68f34e

220-br320.hostgator.com.br ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 05:39:09 -0300 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-br320.hostgator.com.br Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "alternativeip" : [
      "172.66.40.38",
      "172.66.43.218",
      "2606:4700:3108:0:0:0:ac42:2826",
      "2606:4700:3108:0:0:0:ac42:2bda"
   ],
   "app" : {
      "length" : 365
   },
   "asn" : "AS19871",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-br320.hostgator.com.br ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 05:39:09 -0300 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-br320.hostgator.com.br Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "3a168adaf6103b638b797dd54b68f34e",
   "datammh3" : 1763812218,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "hostgator.com.br",
      "unifiedlayer.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "18dd475b74582c26628324b10f7ac286",
      "sha1" : "2a50e0f1e5ba91937fa25ac9406c906e2f49b166",
      "sha256" : "1c5b2e5fc1cfd4d06020018b6cea63d755223344ffa60e46232b2f4412c7c2e6"
   },
   "geolocus" : {
      "asn" : "AS19871",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "endurance.com",
         "hostgator.com",
         "unifiedlayer.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "HGBLOCK-4",
      "organization" : "HostGator.com LLC",
      "subnet" : "108.167.168.0/21"
   },
   "host" : [
      "108-167-168-20"
   ],
   "hostname" : [
      "108-167-168-20.unifiedlayer.com",
      "hostgator.com.br"
   ],
   "ip" : "108.167.168.20",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NETWORK-SOLUTIONS-HOSTING",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "108-167-168-20.unifiedlayer.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "d6:2d:d7:b2:0c:48:cf:4f:84:53:99:ad:35:2d:37:74",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.hostgator.com.br",
         "hostgator.com.br"
      ],
      "commonname" : "*.hostgator.com.br"
   },
   "subnet" : "108.167.168.0/21",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "com.br"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
143.95.71.232

Alternative IP(s)
173.237.172.6

Network
143.95.64.0/18

Domain(s)
asoshared.com ip-143-95-71-232.iplocal

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ip-143-95-71-232.iplocal

ASN
AS46606

Organization
UNIFIEDLAYER-AS-1

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
*.asoshared.com

Subject Alt Name
*.asoshared.com asoshared.com

SHA256 Fingerprint
cb732fe5515e92758d4146eadf44ba2ecc4b19eba3cd5e885e5ce4c3ad4255c7

Validity Not Before
2024-09-04T00:00:00Z

Validity Not After
2025-09-04T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
5357d57b95ce5d883fed85b36a8d6da3

220-sh022.asoshared.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 02:39:09 -0600 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-sh022.asoshared.com Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "alternativeip" : [
      "173.237.172.6"
   ],
   "app" : {
      "length" : 359
   },
   "asn" : "AS46606",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-sh022.asoshared.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 02:39:09 -0600 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-sh022.asoshared.com Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "5357d57b95ce5d883fed85b36a8d6da3",
   "datammh3" : 1424232396,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "asoshared.com",
      "ip-143-95-71-232.iplocal"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "529e10610d9f9de8df0d0a1ef0894805",
      "sha1" : "c1c7cbf06246323fe57d67f68f6d727065e7e6d3",
      "sha256" : "cb732fe5515e92758d4146eadf44ba2ecc4b19eba3cd5e885e5ce4c3ad4255c7"
   },
   "geolocus" : {
      "asn" : "AS46606",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "endurance.com",
         "ip-143-95-64-1.iplocal"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ATHENIX",
      "organization" : "Newfold Digital, Inc.",
      "subnet" : "143.95.64.0/18"
   },
   "hostname" : [
      "asoshared.com",
      "ip-143-95-71-232.iplocal"
   ],
   "ip" : "143.95.71.232",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNIFIEDLAYER-AS-1",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "ip-143-95-71-232.iplocal"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "79:cc:95:f0:ed:f5:da:be:a0:f9:a9:f3:0d:23:76:a4",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.asoshared.com",
         "asoshared.com"
      ],
      "commonname" : "*.asoshared.com"
   },
   "subnet" : "143.95.64.0/18",
   "tld" : [
      "com",
      "iplocal"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-09-04T23:59:59Z",
      "notbefore" : "2024-09-04T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
143.95.239.56

Alternative IP(s)
108.174.156.218

Network
143.95.224.0/19

Domain(s)
accountservergroup.com ip-143-95-239-56.iplocal

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
ip-143-95-239-56.iplocal

ASN
AS46606

Organization
UNIFIEDLAYER-AS-1

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Domain Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Common Name
*.accountservergroup.com

Subject Alt Name
*.accountservergroup.com accountservergroup.com

SHA256 Fingerprint
a1f957ccae09972288fc6b8a20b5c19d830f7e34e8d9700d3e27a20c18392eef

Validity Not Before
2023-12-02T00:00:00Z

Validity Not After
2024-12-01T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
289e0b541af21b66809604f78d208393

220-shared140.accountservergroup.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 02:39:09 -0600 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-shared140.accountservergroup.com Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "alternativeip" : [
      "108.174.156.218"
   ],
   "app" : {
      "length" : 385
   },
   "asn" : "AS46606",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-shared140.accountservergroup.com ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 02:39:09 -0600 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-shared140.accountservergroup.com Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "289e0b541af21b66809604f78d208393",
   "datammh3" : -305784525,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "accountservergroup.com",
      "ip-143-95-239-56.iplocal"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "d5a0a3565749e7e27fdf64efb8156ccf",
      "sha1" : "f81ec872227a84330eb1d21e0e9a2d6f502fd35c",
      "sha256" : "a1f957ccae09972288fc6b8a20b5c19d830f7e34e8d9700d3e27a20c18392eef"
   },
   "geolocus" : {
      "asn" : "AS46606",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "endurance.com",
         "ip-143-95-224-1.iplocal"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ATHENIX",
      "organization" : "Newfold Digital, Inc.",
      "subnet" : "143.95.224.0/19"
   },
   "hostname" : [
      "accountservergroup.com",
      "ip-143-95-239-56.iplocal"
   ],
   "ip" : "143.95.239.56",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNIFIEDLAYER-AS-1",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "ip-143-95-239-56.iplocal"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "65:30:7d:f2:6e:2d:28:8c:a2:49:f8:d5:ee:9d:c7:a0",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.accountservergroup.com",
         "accountservergroup.com"
      ],
      "commonname" : "*.accountservergroup.com"
   },
   "subnet" : "143.95.224.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "iplocal"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2024-12-01T23:59:59Z",
      "notbefore" : "2023-12-02T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
162.219.44.18

Alternative IP(s)
162.219.44.2

Network
162.219.44.0/22

Domain(s)
methodhosting.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

ASN
AS55129

Organization
METHOD

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Starfield Secure Certificate Authority - G2

Issuer Organization
Starfield Technologies, Inc.

Subject Common Name
*.methodhosting.net

Subject Alt Name
*.methodhosting.net methodhosting.net

SHA256 Fingerprint
c2d182da42467f5d6f9f09542e79d3b663d992942ab43c92acd28d6a98c2d423

Validity Not Before
2024-08-29T21:06:18Z

Validity Not After
2025-09-07T17:51:35Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
977c4ceb3f96f8742964bb194c40420f

220-cpanel1.methodhosting.net ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 00:39:09 -0800 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-cpanel1.methodhosting.net Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "alternativeip" : [
      "162.219.44.2"
   ],
   "app" : {
      "length" : 371
   },
   "asn" : "AS55129",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-cpanel1.methodhosting.net ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 00:39:09 -0800 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-cpanel1.methodhosting.net Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "977c4ceb3f96f8742964bb194c40420f",
   "datammh3" : 1695581142,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "methodhosting.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "799b477eff8263a16489203ac33e925a",
      "sha1" : "602d00e32c0b91d9635d2d7b5c35f483e2b3757d",
      "sha256" : "c2d182da42467f5d6f9f09542e79d3b663d992942ab43c92acd28d6a98c2d423"
   },
   "geolocus" : {
      "asn" : "AS55129",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "methodcolo.net",
         "mtinc.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "METHOD2",
      "organization" : "Method Technologies Inc.",
      "subnet" : "162.219.44.0/22"
   },
   "hostname" : [
      "methodhosting.net"
   ],
   "ip" : "162.219.44.18",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Scottsdale",
      "commonname" : "Starfield Secure Certificate Authority - G2",
      "country" : "US",
      "organization" : "Starfield Technologies, Inc.",
      "organizationalunit" : "http://certs.starfieldtech.com/repository/"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "METHOD",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "seen_date" : "2024-11-07",
   "serial" : "93:e5:a6:92:6f:d1:e1:57",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subject" : {
      "altname" : [
         "*.methodhosting.net",
         "methodhosting.net"
      ],
      "commonname" : "*.methodhosting.net"
   },
   "subnet" : "162.219.44.0/22",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-09-07T17:51:35Z",
      "notbefore" : "2024-08-29T21:06:18Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
148.72.127.207

Network
148.72.112.0/20

Domain(s)
secureserver.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

Reverse DNS
207.127.72.148.host.secureserver.net

ASN
AS398101

Organization
GO-DADDY-COM-LLC

Protocol
smtp Cert not expired smtp

Source
datascan
Operating System
Linux Linux Kernel

Product
Exim Exim 4.96.2

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Starfield Secure Certificate Authority - G2

Issuer Organization
Starfield Technologies, Inc.

Subject Common Name
*.prod.phx3.secureserver.net

Subject Alt Name
*.prod.phx3.secureserver.net prod.phx3.secureserver.net

SHA256 Fingerprint
d53a2eeb58dc99df4a623b606a967bae6d8dc40c46407be617a96a9a141d0346

Validity Not Before
2024-02-15T21:45:33Z

Validity Not After
2025-03-18T21:45:33Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
98cb46c705fb9d96c60c0df1f997663c

220-p3plmcpnl496636.prod.phx3.secureserver.net ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 01:39:09 -0700 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-p3plmcpnl496636.prod.phx3.secureserver.net Hello <hostname> [<srcip>]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
220 TLS go ahead

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T08:39:19.000Z",
   "app" : {
      "length" : 405
   },
   "asn" : "AS398101",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-p3plmcpnl496636.prod.phx3.secureserver.net ESMTP Exim 4.96.2 #2 Thu, 07 Nov 2024 01:39:09 -0700 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-p3plmcpnl496636.prod.phx3.secureserver.net Hello <hostname> [<srcip>]\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-PIPELINING\r\n250-PIPECONNECT\r\n250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n220 TLS go ahead",
   "datamd5" : "98cb46c705fb9d96c60c0df1f997663c",
   "datammh3" : 1339243938,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "secureserver.net"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "8f2c6fb954159534174d537ca1bd989d",
      "sha1" : "6b61301cf7cce6a63cfbe37a4cff59d4a77cde5d",
      "sha256" : "d53a2eeb58dc99df4a623b606a967bae6d8dc40c46407be617a96a9a141d0346"
   },
   "geolocus" : {
      "asn" : "AS398101",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "godaddy.com",
         "secureserver.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "GO-DADDY-COM-LLC",
      "organization" : "GoDaddy.com, LLC",
      "subnet" : "148.72.112.0/20"
   },
   "host" : [
      207,
      "prod"
   ],
   "hostname" : [
      "207.127.72.148.host.secureserver.net",
      "prod.phx3.secureserver.net"
   ],
   "ip" : "148.72.127.207",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Scottsdale",
      "commonname" : "Starfield Secure Certificate Authority - G2",
      "country" : "US",
      "organization" : "Starfield Technologies, Inc.",
      "organizationalunit" : "http://certs.starfieldtech.com/repository/"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GO-DADDY-COM-LLC",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 587,
   "product" : "Exim",
   "productvendor" : "Exim",
   "productversion" : "4.96.2",
   "protocol" : "smtp",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reverse" : [
      "207.127.72.148.host.secureserver.net"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "09:63:b0:73:d6:70:b9:ef",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "subdomains" : [
      "127.72.148.host.secureserver.net",
      "148.host.secureserver.net",
      "72.148.host.secureserver.net",
      "host.secureserver.net",
      "phx3.secureserver.net",
      "prod.phx3.secureserver.net"
   ],
   "subject" : {
      "altname" : [
         "*.prod.phx3.secureserver.net",
         "prod.phx3.secureserver.net"
      ],
      "commonname" : "*.prod.phx3.secureserver.net"
   },
   "subnet" : "148.72.112.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "validity" : {
      "notafter" : "2025-03-18T21:45:33Z",
      "notbefore" : "2024-02-15T21:45:33Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

Returning 10 result(s) out of 1,382,193 in 0.201 second(s)

197.242.150.193:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:21 UTC

191.252.160.213:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:20 UTC

51.91.105.88:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:20 UTC

85.9.47.31:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:20 UTC

23.254.136.104:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC

108.167.168.20:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC

143.95.71.232:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC

143.95.239.56:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC

162.219.44.18:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC

148.72.127.207:587 (tcp/smtp/tls) - last seen on 2024-11-07 at 08:39:19 UTC