GeneralInformation

Hostnames	abc-jp.info solidsystem.net
Domains	abc-jp.info solidsystem.net
Country	Japan
City	Tokyo
Organization	DIX Co., Ltd.
ISP	GMO GlobalSign Holdings K.K.
ASN	AS131921

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-45802	5.9When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue.
CVE-2023-31122	7.5Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
CVE-2022-37436	5.3Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
CVE-2022-31813	9.8Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
CVE-2022-30556	7.5Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
CVE-2022-29404	7.5In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
CVE-2022-28615	9.1Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
CVE-2022-28614	5.3The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
CVE-2022-28330	5.3Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
CVE-2022-22721	9.1If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-22720	9.8Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
CVE-2022-22719	7.5A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2021-44790	9.8A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
CVE-2021-40438	9.0A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-39275	9.8ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-34798	7.5Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-32792	6.1mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when using `OIDCPreservePost On`.
CVE-2021-32791	5.9mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.
CVE-2021-32786	6.1mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression.
CVE-2021-32785	7.5mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (`OIDCCacheEncrypt off`, `OIDCSessionType server-cache`, `OIDCCacheType redis`), `mod_auth_openidc` wrongly performed argument interpolation before passing Redis requests to `hiredis`, which would perform it again and lead to an uncontrolled format string bug. Initial assessment shows that this bug does not appear to allow gaining arbitrary code execution, but can reliably provoke a denial of service by repeatedly crashing the Apache workers. This bug has been corrected in version 2.4.9 by performing argument interpolation only once, using the `hiredis` API. As a workaround, this vulnerability can be mitigated by setting `OIDCCacheEncrypt` to `on`, as cache keys are cryptographically hashed before use when this option is enabled.
CVE-2018-1303	7.5A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.
CVE-2018-1302	5.9When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.
CVE-2018-1301	5.9A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.
CVE-2017-9798	7.5Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
CVE-2017-9788	9.1In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
CVE-2016-8612	4.3Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
CVE-2015-4000	4.3The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2015-0228	The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.
CVE-2015-0204	4.3The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
CVE-2013-4365	Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2013-2765	The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
CVE-2013-1862	mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
CVE-2013-0942	Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0941	EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
CVE-2012-4360	Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-4001	The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
CVE-2012-3526	The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
CVE-2012-0053	protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
CVE-2012-0031	scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
CVE-2011-4415	The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
CVE-2011-4317	The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
CVE-2011-3607	Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
CVE-2011-3368	The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
CVE-2011-3192	The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CVE-2011-2688	SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
CVE-2011-1176	The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
CVE-2011-0419	Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
CVE-2009-3555	The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
CVE-2009-2299	The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
CVE-2009-0796	Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
CVE-2007-6750	The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
CVE-2007-4723	Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
CVE-2006-20001	7.5A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

OpenPorts

21 22 25 80 443 587 993 995

-1065236375 | 2024-03-27T04:52:24.899573

21 / tcp

220 FTP Server ready.
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    AUTH*   CCC*    CONF*   ENC*    MIC*    
 PBSZ*   PROT*   TYPE    STRU    MODE    RETR    STOR    STOU    
 APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
 NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@localhost
211-Features:
 MDTM
 MFMT
 TVFS
 MFF modify;UNIX.group;UNIX.mode;
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 REST STREAM
 SIZE
211 End

1044474323 | 2024-04-18T01:51:05.452960

25 / tcp

554 abc-jp.info ESMTP not accepting messages
250-abc-jp.info Hello [224.254.175.29], pleased to meet you
250 ENHANCEDSTATUSCODES

720305818 | 2024-04-16T00:40:21.941071

80 / tcp

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 00:40:21 GMT
Server: Apache/2.0.64 (Unix)
Last-Modified: Thu, 29 Mar 2012 05:06:50 GMT
ETag: "442582-126-b107ce80"
Accept-Ranges: bytes
Content-Length: 294
Content-Type: text/html

720305818 | 2024-04-16T06:57:12.234378

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 06:57:11 GMT
Server: Apache/2.0.64 (Unix)
Last-Modified: Thu, 29 Mar 2012 05:06:50 GMT
ETag: "442582-126-b107ce80"
Accept-Ranges: bytes
Content-Length: 294
Content-Type: text/html

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:61:8a:5a:25:37:3b:44:67:ff:ee:bf
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 DV TLS CA 2020
        Validity
            Not Before: May 29 03:50:23 2023 GMT
            Not After : Jun 29 03:50:22 2024 GMT
        Subject: CN=*.solidsystem.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:95:df:26:68:f6:ad:bc:0a:28:11:e4:fd:46:c2:
                    55:77:b0:60:43:4d:d7:d4:ce:c5:e7:3a:67:ea:13:
                    c9:fc:db:9b:af:c5:be:af:a8:d6:7d:e4:67:de:7c:
                    c1:99:4a:36:43:0f:e6:b9:fc:43:d0:f3:fe:9b:09:
                    72:b3:bb:57:46:97:7d:85:96:27:8b:47:4c:96:db:
                    88:38:e8:e8:db:62:93:b0:a2:b6:7d:f3:92:62:41:
                    5c:33:c8:3c:c8:de:95:6f:23:5e:18:6d:2b:d9:1d:
                    58:91:82:6f:e3:d1:4e:70:5c:f4:97:0b:c0:04:09:
                    89:40:02:05:61:bb:06:8e:92:55:7c:1c:07:22:dc:
                    78:56:d7:e0:bc:52:d7:7c:d7:37:74:8e:16:6d:39:
                    79:00:e0:5d:9a:d9:aa:67:51:da:8b:34:0c:89:fa:
                    f5:d3:2f:7a:3c:34:da:c2:fb:9d:b2:b0:92:60:07:
                    7c:b9:d3:f1:5d:b4:1c:3c:36:56:0b:53:33:f9:3e:
                    60:aa:6d:78:44:1a:65:38:30:74:8f:c5:55:1f:0f:
                    04:12:46:a4:5d:42:09:98:e9:b4:8d:4f:93:24:49:
                    c1:0c:e0:94:c3:cb:6e:c1:b6:9c:a2:91:db:fb:8a:
                    15:ee:df:17:97:58:98:b4:da:6b:98:f2:22:b5:76:
                    f2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3dvtlsca2020
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.10
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.1
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3dvtlsca2020.crl
            X509v3 Subject Alternative Name: 
                DNS:*.solidsystem.net, DNS:solidsystem.net
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                0D:98:C0:73:7F:AB:BD:BD:D9:47:4B:49:AD:0A:4A:0C:AC:3E:C7:7C
            X509v3 Subject Key Identifier: 
                0C:27:F2:89:28:4D:C4:3A:03:1E:AA:DF:42:ED:4F:AE:4B:BD:55:7F
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : May 29 03:50:29.489 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:70:75:80:8A:9B:1E:11:B1:F9:E7:56:DB:
                                29:06:04:E1:7F:CE:4F:B7:69:33:7E:83:97:C0:98:41:
                                88:70:71:A2:02:20:79:9B:63:98:D9:9B:E7:FD:5E:48:
                                F4:F2:7D:CA:AC:BD:1B:02:3E:D2:A4:0C:37:E4:60:0A:
                                13:E9:9F:0C:40:C4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : May 29 03:50:29.468 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A6:E9:3C:EC:4B:3F:D4:37:84:57:92:
                                E7:48:BF:C0:E9:45:E8:63:39:9A:CC:12:59:EC:D9:D2:
                                59:33:61:4B:66:02:20:79:E9:70:60:9C:7A:43:B5:83:
                                D6:E4:E3:50:74:62:85:5E:7D:99:58:76:2C:E7:79:98:
                                D6:01:AF:A0:56:B5:53
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : May 29 03:50:29.534 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1A:D6:B6:E7:3E:F3:8C:4C:12:2D:C1:D2:
                                71:1B:59:73:2B:8B:2D:83:5C:CC:12:93:29:F4:61:E4:
                                13:16:E5:90:02:20:39:11:B3:23:60:03:37:7C:55:2A:
                                E3:1E:6D:7D:A7:0F:31:F8:13:30:EA:A0:17:7B:3F:5C:
                                8E:AA:B7:D7:88:21
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2f:7e:a1:b9:2b:08:3c:01:a3:76:8b:df:c4:48:12:36:55:85:
        a1:8c:51:da:da:d9:1f:e5:c9:30:28:0f:bb:a7:46:3b:be:40:
        20:36:94:f9:56:94:be:3b:b4:78:8d:8d:ea:de:19:86:cd:64:
        28:dd:c7:06:65:96:c9:e2:92:f3:72:82:3a:54:d4:04:da:e9:
        1c:f4:c0:37:30:35:57:58:84:54:6c:00:fc:e0:ae:61:ac:79:
        d8:33:ce:33:e3:7b:60:b8:74:c9:ba:8b:3c:24:74:3b:6a:60:
        13:e5:cd:c4:fa:e9:19:21:89:42:0a:93:0a:f7:65:54:6d:f6:
        6b:b7:7c:49:76:f7:28:f8:98:dd:62:95:41:3b:cf:c2:7a:b8:
        47:9a:d0:70:bb:55:17:9a:5b:15:77:13:f3:fe:27:42:8b:2c:
        d9:f1:a3:bd:85:90:bb:11:bc:ef:fa:e8:b3:c2:3b:26:a8:06:
        d8:14:11:33:7d:a4:0c:d3:51:69:41:8f:4a:4b:53:97:fd:ab:
        a7:ba:48:5c:d7:8c:c3:86:75:c2:db:d3:56:b0:ad:74:42:38:
        ee:3a:75:db:b1:4c:eb:2c:b8:b2:2a:2e:9e:f3:bc:ee:e0:a3:
        46:fd:0c:8d:68:25:d5:d2:e9:c5:c5:b7:db:b8:68:2a:0d:e8:
        38:e7:ec:5a

254971486 | 2024-04-15T04:32:55.082997

587 / tcp

554 abc-jp.info ESMTP not accepting messages
250-abc-jp.info Hello 224.113.111.174 [224.113.111.174], pleased to meet you
250 ENHANCEDSTATUSCODES

-1893515987 | 2024-04-08T04:43:04.086427

993 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS AUTH=PLAIN
A001 OK Capability completed.
* ID NIL
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: OU=IMAP server, CN=imap.example.com/emailAddress=postmaster@example.com
        Validity
            Not Before: Sep  8 07:19:09 2015 GMT
            Not After : Sep  7 07:19:09 2016 GMT
        Subject: OU=IMAP server, CN=imap.example.com/emailAddress=postmaster@example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:c4:00:17:2c:3f:b6:dc:ee:4c:9f:b9:c6:98:2d:
                    57:6e:cc:87:d7:f2:7a:95:45:06:47:af:cb:18:4a:
                    b0:11:cf:10:67:0f:0a:0a:88:77:b1:83:98:7a:41:
                    8d:32:f3:5c:c7:0d:2f:60:29:9b:93:bf:62:f0:48:
                    b3:3b:5c:ef:71:09:b6:3c:5e:d2:15:9b:bc:b0:23:
                    68:28:96:45:55:59:60:d5:60:ba:16:fa:a9:81:5d:
                    6d:45:8f:ff:e8:c6:c9:49:a6:51:8c:28:4b:94:bd:
                    27:b4:c1:b6:eb:8a:07:c8:a7:dd:aa:65:70:71:dd:
                    e4:d7:5c:b9:6f:dd:5b:fa:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            Netscape Cert Type: 
                SSL Server
    Signature Algorithm: md5WithRSAEncryption
    Signature Value:
        39:48:ef:8e:3c:80:d7:f5:ec:32:f6:b5:19:f4:48:82:75:bd:
        e4:77:33:5f:80:6a:0f:f6:d9:f6:f9:a3:00:76:c5:9c:6f:4f:
        54:1e:09:84:74:10:cb:d7:87:e1:5b:46:e2:4c:08:68:45:9f:
        87:8f:bb:3d:5d:95:50:1a:65:1f:e6:f0:ba:74:81:39:6e:43:
        2a:5d:0c:f1:6b:3e:75:10:6d:d1:12:2e:f0:53:d1:f7:0c:82:
        83:21:ba:00:80:23:19:54:ff:77:29:73:f2:25:b4:6f:74:37:
        71:7c:05:02:8b:b2:71:29:0a:35:93:ce:a7:99:48:a5:70:bb:
        cd:6a

627680598 | 2024-04-16T09:18:20.507047

995 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
USER
SASL PLAIN
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: OU=IMAP server, CN=imap.example.com/emailAddress=postmaster@example.com
        Validity
            Not Before: Sep  8 07:19:09 2015 GMT
            Not After : Sep  7 07:19:09 2016 GMT
        Subject: OU=IMAP server, CN=imap.example.com/emailAddress=postmaster@example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:c4:00:17:2c:3f:b6:dc:ee:4c:9f:b9:c6:98:2d:
                    57:6e:cc:87:d7:f2:7a:95:45:06:47:af:cb:18:4a:
                    b0:11:cf:10:67:0f:0a:0a:88:77:b1:83:98:7a:41:
                    8d:32:f3:5c:c7:0d:2f:60:29:9b:93:bf:62:f0:48:
                    b3:3b:5c:ef:71:09:b6:3c:5e:d2:15:9b:bc:b0:23:
                    68:28:96:45:55:59:60:d5:60:ba:16:fa:a9:81:5d:
                    6d:45:8f:ff:e8:c6:c9:49:a6:51:8c:28:4b:94:bd:
                    27:b4:c1:b6:eb:8a:07:c8:a7:dd:aa:65:70:71:dd:
                    e4:d7:5c:b9:6f:dd:5b:fa:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            Netscape Cert Type: 
                SSL Server
    Signature Algorithm: md5WithRSAEncryption
    Signature Value:
        39:48:ef:8e:3c:80:d7:f5:ec:32:f6:b5:19:f4:48:82:75:bd:
        e4:77:33:5f:80:6a:0f:f6:d9:f6:f9:a3:00:76:c5:9c:6f:4f:
        54:1e:09:84:74:10:cb:d7:87:e1:5b:46:e2:4c:08:68:45:9f:
        87:8f:bb:3d:5d:95:50:1a:65:1f:e6:f0:ba:74:81:39:6e:43:
        2a:5d:0c:f1:6b:3e:75:10:6d:d1:12:2e:f0:53:d1:f7:0c:82:
        83:21:ba:00:80:23:19:54:ff:77:29:73:f2:25:b4:6f:74:37:
        71:7c:05:02:8b:b2:71:29:0a:35:93:ce:a7:99:48:a5:70:bb:
        cd:6a

153.122.143.28

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1065236375 | 2024-03-27T04:52:24.899573
21 / tcp

1044474323 | 2024-04-18T01:51:05.452960
25 / tcp

Sendmail

720305818 | 2024-04-16T00:40:21.941071
80 / tcp

Apache httpd2.0.64

720305818 | 2024-04-16T06:57:12.234378
443 / tcp

Apache httpd2.0.64

254971486 | 2024-04-15T04:32:55.082997
587 / tcp

Sendmail

-1893515987 | 2024-04-08T04:43:04.086427
993 / tcp

627680598 | 2024-04-16T09:18:20.507047
995 / tcp

Products

Pricing

Contact Us

153.122.143.28

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1065236375 | 2024-03-27T04:52:24.899573 21 / tcp

1044474323 | 2024-04-18T01:51:05.452960 25 / tcp

Sendmail

720305818 | 2024-04-16T00:40:21.941071 80 / tcp

Apache httpd2.0.64

720305818 | 2024-04-16T06:57:12.234378 443 / tcp

Apache httpd2.0.64

254971486 | 2024-04-15T04:32:55.082997 587 / tcp

Sendmail

-1893515987 | 2024-04-08T04:43:04.086427 993 / tcp

627680598 | 2024-04-16T09:18:20.507047 995 / tcp

Products

Pricing

Contact Us

-1065236375 | 2024-03-27T04:52:24.899573
21 / tcp

1044474323 | 2024-04-18T01:51:05.452960
25 / tcp

720305818 | 2024-04-16T00:40:21.941071
80 / tcp

720305818 | 2024-04-16T06:57:12.234378
443 / tcp

254971486 | 2024-04-15T04:32:55.082997
587 / tcp

-1893515987 | 2024-04-08T04:43:04.086427
993 / tcp

627680598 | 2024-04-16T09:18:20.507047
995 / tcp