GeneralInformation

Hostnames	best-trailer.ru partnerki2.ru
Domains	best-trailer.ru partnerki2.ru
Country	Russian Federation
City	Moscow
Organization	JSC Datacenter
ISP	JSC IOT
ASN	AS29182

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51713	make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2021-46854	mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-9272	5.0ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2019-19272	5.0An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-19271	5.0An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
CVE-2019-19270	5.0An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
CVE-2019-19269	4.0An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-18217	5.0ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
CVE-2019-12815	7.5An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2018-16845	5.8nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.
CVE-2017-7529	5.0Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
CVE-2017-20005	7.5NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
CVE-2016-4450	5.0os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.
CVE-2016-3125	5.0The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
CVE-2016-1247	7.2The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.
CVE-2016-0747	5.0The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
CVE-2016-0746	7.5Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
CVE-2016-0742	5.0The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
CVE-2015-3306	10.0The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
CVE-2013-4359	5.0Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.

OpenPorts

21 22 25 53 80 110 111 123 143 443 465 587 3306 4949

1660225550 | 2024-04-21T06:37:09.333070

21 / tcp

220 ProFTPD 1.3.5 Server (Debian) [::ffff:212.109.216.181]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    AUTH    CCC*    CONF*   ENC*    MIC*    
214-PBSZ    PROT    TYPE    STRU    MODE    RETR    STOR    STOU    
214-APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
214-NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@127.0.0.1
211-Features:
 SITE COPY
 SIZE
 PROT
 CCC
 SITE MKDIR
 PBSZ
 AUTH TLS
 REST STREAM
 UTF8
 EPRT
 SITE SYMLINK
 EPSV
 LANG en-US.UTF-8*;en-US;ru-RU.UTF-8;ru-RU
 SITE UTIME
 MDTM
 SITE RMDIR
 SSCN
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ee:d7:a5:f0:8d:42:31:34
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@partnerki
        Validity
            Not Before: Nov 30 10:21:14 2015 GMT
            Not After : Nov 27 10:21:14 2025 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@partnerki
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ce:af:7a:bf:44:9c:0c:83:39:f4:8f:22:85:eb:
                    a9:29:67:1c:8d:da:c4:12:d7:2f:71:5b:fe:12:0c:
                    44:55:35:27:7a:e3:03:20:52:2a:1b:39:62:7f:ea:
                    b5:9a:09:27:9f:e1:23:c8:bd:69:ce:d8:a6:74:43:
                    f4:54:1b:55:e0:7e:06:68:79:cd:01:b5:02:0f:75:
                    ea:78:5b:ff:c2:9e:17:e6:7d:41:0e:e5:70:89:16:
                    da:58:c8:b1:3b:c2:d0:76:59:60:a6:e7:1e:93:c3:
                    f8:6e:4c:91:b8:d0:70:f4:db:f1:29:4a:1f:22:1c:
                    b9:d0:6d:cc:ad:99:ad:47:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                41:2A:29:27:21:63:01:0B:B1:BE:06:4F:D6:94:66:51:E7:44:AE:00
            X509v3 Authority Key Identifier: 
                41:2A:29:27:21:63:01:0B:B1:BE:06:4F:D6:94:66:51:E7:44:AE:00
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:7a:d9:eb:1e:c9:69:3e:6e:d6:c5:51:2f:9c:cb:78:7d:cb:
        bc:eb:12:30:f7:d6:2f:8e:3c:59:34:4e:47:d5:d6:2e:18:84:
        ca:be:4d:ab:a0:79:36:0a:8a:27:f4:b4:7c:44:0f:44:b8:92:
        18:8b:7e:cb:e0:b5:3d:aa:9f:d9:14:2b:d0:ec:6e:64:63:29:
        aa:86:93:ee:b4:e0:75:e7:8c:fd:e3:7c:9e:aa:b4:59:5f:05:
        0f:f2:43:4f:97:9e:f3:c0:bf:f5:2b:97:9e:c1:7e:63:54:40:
        db:ca:23:7d:0d:90:67:3a:4d:f2:ae:3d:57:ef:9f:8d:38:80:
        6a:18

-540170047 | 2024-04-25T05:49:24.233775

22 / tcp

SSH-2.0-OpenSSH_6.7p1 Debian-5
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCqGtPPyj4RMwUHGuO28Ahvc9Uddz21jQ1EyMJU3eaGyy+3
ZNwjlMGKyI+W2NoWS/xyIZlixTWUguHTUqCatdtA0GQj7pJP6d3vrpUFRbWkxMRRCxQAAN01THNB
pPCgSl4KQfeLO+IOjvGyUFSGQFPqy9ncxBeEtfDX8FzQ9WztL7qNQEWTOSuJVZBIsrILQltJy++b
6PuECfVyTYCM+UluIV7FppRehwJWNG3pSt84L5qN28RwVjLFABbYG0hbHt+GZQbA4+ONdFyVwOrM
dgt5yoozO5OMSaCBMTdTWnejlVKrPGpaDHCGMX7BeFOuzpFmZfTjR3tz4bVi/jweIleN
Fingerprint: 01:60:d2:f7:79:b9:e8:4b:da:9e:e2:35:2f:8b:ae:1a

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	chacha20-poly1305@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2090354207 | 2024-04-25T03:37:19.024649

25 / tcp

220 partnerki.ru ESMTP Exim 4.84 Thu, 25 Apr 2024 06:36:51 +0300
250-partnerki.ru Hello s2ceb9ntagd.org [224.76.122.226]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:2a:13:8f:6a:c1:87:5c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Validity
            Not Before: Nov 30 10:20:41 2015 GMT
            Not After : Nov 27 10:20:41 2025 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:cc:11:02:9a:eb:0f:e1:39:bf:d9:bf:6a:70:59:
                    dd:98:af:c3:cc:6c:ef:d6:0e:0b:ad:a7:87:b2:58:
                    73:aa:8d:35:31:cc:53:a7:27:6e:d3:9c:3a:a2:67:
                    77:e2:c9:71:76:53:69:18:7b:b0:d0:88:73:c4:30:
                    e5:56:b6:9f:1e:f3:6b:de:2b:3a:ac:fe:e2:82:ed:
                    ab:af:a7:71:6e:85:2b:d1:c5:22:2b:ac:e5:ee:94:
                    16:d6:45:aa:65:71:39:fc:16:0e:6c:47:65:44:49:
                    2f:93:23:cf:6c:ae:61:0c:88:fa:9a:20:93:f8:bf:
                    31:cf:34:96:95:38:92:69:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Authority Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5c:7b:f3:e5:7c:5e:8f:b5:da:ea:ae:a9:da:d3:84:0e:e3:3d:
        14:48:d2:40:35:3b:94:21:70:1c:2b:d7:5b:f1:6a:56:f8:58:
        a2:90:59:75:1a:03:aa:73:07:8b:5f:21:16:d0:db:0c:93:8b:
        53:c0:88:de:a3:86:79:ed:72:55:46:ae:d6:c0:d8:e4:3a:1d:
        ce:dc:33:5f:42:16:a2:96:13:19:1c:f8:54:26:e9:79:c3:b7:
        48:47:26:8d:3a:75:ea:46:e3:64:94:b2:89:eb:7d:44:a3:59:
        4b:1d:ef:c2:71:09:90:f7:46:77:5b:bb:4a:56:56:33:ba:e8:
        bb:b9

448048727 | 2024-04-28T07:52:51.215545

53 / tcp

9.9.5-9+deb8u3-Debian
Resolver name: partnerki

448048727 | 2024-04-23T03:25:02.140383

53 / udp

9.9.5-9+deb8u3-Debian
Resolver name: partnerki

-1672215810 | 2024-04-26T04:55:26.874794

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.8.0
Date: Fri, 26 Apr 2024 04:55:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 03 May 2024 04:55:26 GMT
Cache-Control: max-age=604800

2062522430 | 2024-04-16T19:18:40.218106

110 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
USER
SASL PLAIN LOGIN DIGEST-MD5 CRAM-MD5
.

-2059964656 | 2024-04-28T02:56:48.348745

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	41923
status	1	tcp	43901

-2059964656 | 2024-04-24T00:37:52.686183

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	41923
status	1	tcp	43901

1173637138 | 2024-04-25T23:11:59.249290

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -23
rootdelay: 0.0325012207031
rootdisp: 0.0543060302734
refid: 1540231171
reftime: 3923074757.82
poll: 3

1055293435 | 2024-04-23T07:40:00.387934

143 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

339753777 | 2024-04-15T11:45:52.448015

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.8.0
Date: Mon, 15 Apr 2024 11:45:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:23:aa:5a:ad:ee:a8:bf:e8:5f:c7:dc
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
        Validity
            Not Before: Dec 25 08:50:20 2023 GMT
            Not After : Jan 25 08:50:19 2025 GMT
        Subject: CN=*.best-trailer.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:99:0f:c7:43:86:84:00:00:62:17:2b:28:50:89:
                    e0:4d:b4:9a:4c:b9:c5:c5:08:a4:60:4d:e8:c0:48:
                    56:38:dc:7f:1d:4c:0a:d8:5b:58:83:17:25:fa:fd:
                    d4:7b:38:d8:ab:e3:41:8a:a1:1f:bb:4c:10:8e:8d:
                    e8:55:a6:b5:f5:b3:aa:86:2d:f3:b3:ee:8d:7e:7f:
                    66:d7:b2:1e:b9:23:4e:3c:d9:51:81:b4:5a:20:2e:
                    ba:1b:a2:f0:b4:9a:db:91:57:56:43:09:9a:8d:18:
                    51:0f:69:f7:14:7a:5c:9f:e6:e8:d2:6c:09:62:17:
                    6f:60:2b:02:aa:d0:ea:60:4a:ad:fc:1c:ce:e2:a0:
                    33:cd:d0:66:44:de:a7:ad:32:9c:23:8c:a0:b6:a9:
                    d1:af:f5:3d:84:ea:f7:cf:42:c8:c4:97:c4:73:6f:
                    5b:08:f3:e9:be:50:2b:a7:e0:37:f5:1b:d1:cd:33:
                    f8:a5:06:8f:d2:52:fe:25:77:87:da:d4:34:b0:6c:
                    ab:c0:b1:85:02:c3:eb:6e:e6:84:f8:01:20:9a:15:
                    cb:47:d2:a7:f0:eb:78:4d:2d:0c:f4:d0:2c:ac:21:
                    86:47:30:b6:63:bb:5f:52:5c:9e:2e:e4:6c:94:94:
                    b2:69:44:f6:8d:62:7f:1b:a6:99:59:6d:5c:71:f5:
                    55:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt
                OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.4146.10.1.3
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/alphasslcasha256g4.crl
            X509v3 Subject Alternative Name: 
                DNS:*.best-trailer.ru, DNS:best-trailer.ru
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15
            X509v3 Subject Key Identifier: 
                3E:FB:20:49:EF:69:CF:3F:3E:34:86:C5:FA:20:C2:5F:93:D6:B2:AA
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Dec 25 08:50:24.114 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D6:A2:3C:DD:C5:10:C4:6B:9E:98:8D:
                                6F:28:6F:DE:7F:F8:8C:E3:6F:A2:55:E4:05:A5:D2:C3:
                                33:A5:E4:DA:C6:02:21:00:A8:87:B9:C2:CF:18:84:F4:
                                57:D2:A9:05:D4:08:71:C1:DF:28:4C:F6:31:57:99:92:
                                A9:D5:D7:7B:DF:26:A0:2E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec 25 08:50:24.107 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:91:A7:09:A3:B6:18:EC:07:B8:8C:20:
                                B1:24:9B:58:9E:D3:92:7B:E3:61:E8:13:86:BD:05:D1:
                                2E:95:2F:31:41:02:21:00:DD:64:7E:56:1F:FE:85:7A:
                                C5:B5:6D:07:97:C9:5C:D7:2A:EE:1F:7B:13:BA:3B:10:
                                31:FB:86:71:7C:AD:C1:93
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec 25 08:50:24.065 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:53:CE:49:78:FE:EF:A0:05:73:2D:3C:5A:
                                94:31:E8:4E:A0:95:91:77:B1:25:9C:DC:B7:F6:AB:B8:
                                BB:80:81:09:02:21:00:AB:94:40:26:99:7D:A1:4E:FD:
                                5B:C0:1A:DE:43:1B:35:01:54:7F:77:E1:49:CD:01:DC:
                                7E:7C:26:9A:DC:16:E9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        97:28:fc:5c:ba:5e:b6:12:2b:c3:b6:57:49:14:e4:b4:27:3d:
        67:11:37:1a:a9:5e:d1:8f:ee:96:22:83:d9:81:4c:4c:01:fc:
        72:d7:b7:75:b1:d8:82:87:7e:c6:48:7b:7d:9f:67:20:9a:52:
        3c:08:37:52:7d:f6:2a:c1:1c:41:42:dd:dd:5d:c0:07:57:c3:
        1c:bf:14:be:39:a6:f5:e4:68:dc:c0:d9:5a:d2:5a:f9:74:c1:
        85:e9:d0:d1:66:32:9c:9f:42:34:af:1e:46:40:83:e3:e8:9b:
        1f:d1:48:07:f9:e8:04:bb:a6:7c:33:4d:40:35:4e:07:36:4c:
        b1:f6:c7:58:9d:e8:f1:8d:5c:89:0a:4d:f8:97:fc:ac:69:de:
        a3:88:d2:bd:a7:51:a1:b4:28:3b:2b:ce:e2:ae:53:84:73:63:
        68:50:c2:ba:22:b4:f3:e8:23:86:02:51:10:4e:85:b6:d4:cb:
        05:a3:7d:03:b3:cc:f4:20:bb:9e:8c:15:11:2f:19:0c:14:41:
        52:e7:fa:0d:aa:4f:25:87:59:61:bc:d2:ea:28:45:5e:a2:27:
        e5:96:27:df:c8:24:5f:b0:86:65:49:1c:d7:14:92:28:df:14:
        5e:0c:a5:be:7e:66:22:86:18:d9:73:4e:dc:07:d8:e8:b5:28:
        6d:cc:8e:16

-221121573 | 2024-04-17T12:54:47.044201

465 / tcp

220 partnerki.ru ESMTP Exim 4.84 Wed, 17 Apr 2024 15:54:29 +0300
250-partnerki.ru Hello 92qj522mtixcd.net [224.247.177.18]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:2a:13:8f:6a:c1:87:5c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Validity
            Not Before: Nov 30 10:20:41 2015 GMT
            Not After : Nov 27 10:20:41 2025 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:cc:11:02:9a:eb:0f:e1:39:bf:d9:bf:6a:70:59:
                    dd:98:af:c3:cc:6c:ef:d6:0e:0b:ad:a7:87:b2:58:
                    73:aa:8d:35:31:cc:53:a7:27:6e:d3:9c:3a:a2:67:
                    77:e2:c9:71:76:53:69:18:7b:b0:d0:88:73:c4:30:
                    e5:56:b6:9f:1e:f3:6b:de:2b:3a:ac:fe:e2:82:ed:
                    ab:af:a7:71:6e:85:2b:d1:c5:22:2b:ac:e5:ee:94:
                    16:d6:45:aa:65:71:39:fc:16:0e:6c:47:65:44:49:
                    2f:93:23:cf:6c:ae:61:0c:88:fa:9a:20:93:f8:bf:
                    31:cf:34:96:95:38:92:69:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Authority Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5c:7b:f3:e5:7c:5e:8f:b5:da:ea:ae:a9:da:d3:84:0e:e3:3d:
        14:48:d2:40:35:3b:94:21:70:1c:2b:d7:5b:f1:6a:56:f8:58:
        a2:90:59:75:1a:03:aa:73:07:8b:5f:21:16:d0:db:0c:93:8b:
        53:c0:88:de:a3:86:79:ed:72:55:46:ae:d6:c0:d8:e4:3a:1d:
        ce:dc:33:5f:42:16:a2:96:13:19:1c:f8:54:26:e9:79:c3:b7:
        48:47:26:8d:3a:75:ea:46:e3:64:94:b2:89:eb:7d:44:a3:59:
        4b:1d:ef:c2:71:09:90:f7:46:77:5b:bb:4a:56:56:33:ba:e8:
        bb:b9

555111684 | 2024-04-26T02:50:40.289702

587 / tcp

220 partnerki.ru ESMTP Exim 4.84 Fri, 26 Apr 2024 05:50:17 +0300
250-partnerki.ru Hello 224.10.189.212 [224.10.189.212]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:2a:13:8f:6a:c1:87:5c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Validity
            Not Before: Nov 30 10:20:41 2015 GMT
            Not After : Nov 27 10:20:41 2025 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=partnerki/emailAddress=root@partnerki.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:cc:11:02:9a:eb:0f:e1:39:bf:d9:bf:6a:70:59:
                    dd:98:af:c3:cc:6c:ef:d6:0e:0b:ad:a7:87:b2:58:
                    73:aa:8d:35:31:cc:53:a7:27:6e:d3:9c:3a:a2:67:
                    77:e2:c9:71:76:53:69:18:7b:b0:d0:88:73:c4:30:
                    e5:56:b6:9f:1e:f3:6b:de:2b:3a:ac:fe:e2:82:ed:
                    ab:af:a7:71:6e:85:2b:d1:c5:22:2b:ac:e5:ee:94:
                    16:d6:45:aa:65:71:39:fc:16:0e:6c:47:65:44:49:
                    2f:93:23:cf:6c:ae:61:0c:88:fa:9a:20:93:f8:bf:
                    31:cf:34:96:95:38:92:69:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Authority Key Identifier: 
                4E:12:6E:F5:AB:6C:55:94:98:0D:D5:4C:CC:BB:10:5F:C1:8C:9F:3B
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5c:7b:f3:e5:7c:5e:8f:b5:da:ea:ae:a9:da:d3:84:0e:e3:3d:
        14:48:d2:40:35:3b:94:21:70:1c:2b:d7:5b:f1:6a:56:f8:58:
        a2:90:59:75:1a:03:aa:73:07:8b:5f:21:16:d0:db:0c:93:8b:
        53:c0:88:de:a3:86:79:ed:72:55:46:ae:d6:c0:d8:e4:3a:1d:
        ce:dc:33:5f:42:16:a2:96:13:19:1c:f8:54:26:e9:79:c3:b7:
        48:47:26:8d:3a:75:ea:46:e3:64:94:b2:89:eb:7d:44:a3:59:
        4b:1d:ef:c2:71:09:90:f7:46:77:5b:bb:4a:56:56:33:ba:e8:
        bb:b9

-252450389 | 2024-04-28T12:33:51.326007

3306 / tcp

MySQL:
  Error Message: Host '224.182.32.226' is not allowed to connect to this MySQL server
  Error Code: 1130

212.109.216.181

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1660225550 | 2024-04-21T06:37:09.333070
21 / tcp

ProFTPD1.3.5

-540170047 | 2024-04-25T05:49:24.233775
22 / tcp

OpenSSH6.7p1 Debian 5

-2090354207 | 2024-04-25T03:37:19.024649
25 / tcp

Exim smtpd4.84

448048727 | 2024-04-28T07:52:51.215545
53 / tcp

448048727 | 2024-04-23T03:25:02.140383
53 / udp

-1672215810 | 2024-04-26T04:55:26.874794
80 / tcp

nginx1.8.0

2062522430 | 2024-04-16T19:18:40.218106
110 / tcp

-2059964656 | 2024-04-28T02:56:48.348745
111 / tcp

-2059964656 | 2024-04-24T00:37:52.686183
111 / udp

1173637138 | 2024-04-25T23:11:59.249290
123 / udp

1055293435 | 2024-04-23T07:40:00.387934
143 / tcp

339753777 | 2024-04-15T11:45:52.448015
443 / tcp

nginx1.8.0

-221121573 | 2024-04-17T12:54:47.044201
465 / tcp

Exim smtpd4.84

555111684 | 2024-04-26T02:50:40.289702
587 / tcp

Exim smtpd4.84

-252450389 | 2024-04-28T12:33:51.326007
3306 / tcp

MySQL

Products

Pricing

Contact Us

212.109.216.181

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1660225550 | 2024-04-21T06:37:09.333070 21 / tcp

-540170047 | 2024-04-25T05:49:24.233775 22 / tcp

-2090354207 | 2024-04-25T03:37:19.024649 25 / tcp

448048727 | 2024-04-28T07:52:51.215545 53 / tcp

448048727 | 2024-04-23T03:25:02.140383 53 / udp

-1672215810 | 2024-04-26T04:55:26.874794 80 / tcp

2062522430 | 2024-04-16T19:18:40.218106 110 / tcp

-2059964656 | 2024-04-28T02:56:48.348745 111 / tcp

-2059964656 | 2024-04-24T00:37:52.686183 111 / udp

1173637138 | 2024-04-25T23:11:59.249290 123 / udp

1055293435 | 2024-04-23T07:40:00.387934 143 / tcp

339753777 | 2024-04-15T11:45:52.448015 443 / tcp

-221121573 | 2024-04-17T12:54:47.044201 465 / tcp

555111684 | 2024-04-26T02:50:40.289702 587 / tcp

-252450389 | 2024-04-28T12:33:51.326007 3306 / tcp

Products

Pricing

Contact Us

1660225550 | 2024-04-21T06:37:09.333070
21 / tcp

-540170047 | 2024-04-25T05:49:24.233775
22 / tcp

-2090354207 | 2024-04-25T03:37:19.024649
25 / tcp

448048727 | 2024-04-28T07:52:51.215545
53 / tcp

448048727 | 2024-04-23T03:25:02.140383
53 / udp

-1672215810 | 2024-04-26T04:55:26.874794
80 / tcp

2062522430 | 2024-04-16T19:18:40.218106
110 / tcp

-2059964656 | 2024-04-28T02:56:48.348745
111 / tcp

-2059964656 | 2024-04-24T00:37:52.686183
111 / udp

1173637138 | 2024-04-25T23:11:59.249290
123 / udp

1055293435 | 2024-04-23T07:40:00.387934
143 / tcp

339753777 | 2024-04-15T11:45:52.448015
443 / tcp

-221121573 | 2024-04-17T12:54:47.044201
465 / tcp

555111684 | 2024-04-26T02:50:40.289702
587 / tcp

-252450389 | 2024-04-28T12:33:51.326007
3306 / tcp