GeneralInformation

Hostnames	on-line.ru
Domains	on-line.ru
Country	Russian Federation
City	Moscow
Organization	1C-RARUS LTD
ISP	JSC Macomnet
ASN	AS8470

Vulnerabilities

CVE-2015-0204

4.3The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.

OpenPorts

22 25 53 80 106 110 143 389 443 465 636 993 995 3306 5222 8010 10000

121770892 | 2024-04-29T05:45:30.109231

22 / tcp

SSH-1.99-OpenSSH_3.9p1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAABIwAAAIEAw8b+YhwQjp7SVqoYpZPuaavLMhw7wJJ+BXxrc+6EzjbwGBk4
NCBwNh5BdUwWnoeOtJCBMjeulynQXHfX6+EYlV4dMsbFQambJsH6G3oHblR14nbpOfBycmetmJEw
PWhYywnb1VocMnK11XWQiy8MzURmfbWDyspn6xNpwWySOus=
Fingerprint: ea:ac:1d:7c:55:49:af:c1:3f:e1:ac:2c:80:13:b0:53

Kex Algorithms:
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss

Encryption Algorithms:
	aes128-cbc
	3des-cbc
	blowfish-cbc
	cast128-cbc
	arcfour
	aes192-cbc
	aes256-cbc
	rijndael-cbc@lysator.liu.se
	aes128-ctr
	aes192-ctr
	aes256-ctr

MAC Algorithms:
	hmac-md5
	hmac-sha1
	hmac-ripemd160
	hmac-ripemd160@openssh.com
	hmac-sha1-96
	hmac-md5-96

Compression Algorithms:
	none
	zlib

249353395 | 2024-05-01T15:15:50.417533

25 / tcp

220 on-line.ru ESMTP CommuniGate Pro 5.1.13
250-on-line.ru we trust you 5i8wtwb3jq.com
250-DSN
250-SIZE 0
250-STARTTLS
250-AUTH LOGIN PLAIN
250-ETRN
250-TURN
250-ATRN
250-NO-SOLICITING
250-8BITMIME
250-HELP
250-PIPELINING
250 EHLO

-1325313417 | 2024-05-09T14:31:57.645608

53 / tcp

9.3.1
Resolver name: zaslon.rarus.ru

-1325313417 | 2024-05-02T22:59:31.479015

53 / udp

9.3.1
Resolver name: zaslon.rarus.ru

-1684685264 | 2024-05-12T01:00:28.071709

80 / tcp

HTTP/1.1 200 OK
Content-Length: 6172
Connection: close
Date: Sun, 12 May 2024 01:00:19 GMT
Content-Type: text/html;charset=iso-8859-1
Server: CommuniGatePro/5.1.13

-1258588596 | 2024-05-08T10:12:10.729692

106 / tcp

200 CommuniGate Pro PWD Server 5.1.13 ready \r\n

-1167695353 | 2024-05-07T13:27:30.341316

110 / tcp

+OK CommuniGate Pro POP3 Server 5.1.13 ready 
+OK capability list follows

1144853944 | 2024-05-07T00:48:16.262822

143 / tcp

* OK CommuniGate Pro IMAP Server 5.1.13 at on-line.ru ready
* CAPABILITY IMAP4 IMAP4REV1 ACL NAMESPACE UIDPLUS IDLE LITERAL+ QUOTA ID MULTIAPPEND LISTEXT CHILDREN BINARY LOGIN-REFERRALS UNSELECT STARTTLS AUTH=LOGIN AUTH=PLAIN
A001 OK completed
* ID ("name" "CommuniGate Pro" "version" "5.1.13" "support-url" "mailto:support@communigate.com")
A002 OK completed
A003 BAD not logged in
* BYE CommuniGate Pro IMAP closing connection
A004 OK completed

1945596979 | 2024-04-16T22:02:44.341368

389 / tcp

0\t\x02\x01\x02d\x04\x04\x000\x00

997305571 | 2024-05-13T14:30:19.475219

443 / tcp

HTTP/1.1 200 OK
Content-Length: 6170
Connection: close
Date: Mon, 13 May 2024 14:30:09 GMT
Content-Type: text/html;charset=iso-8859-1
Server: CommuniGatePro/5.1.13

1929562971 | 2024-05-13T16:11:02.791131

465 / tcp

220 on-line.ru ESMTP CommuniGate Pro 5.1.13
250-on-line.ru we trust you tcr9wl1wutfr.com
250-DSN
250-SIZE 0
250-AUTH LOGIN PLAIN
250-ETRN
250-TURN
250-ATRN
250-NO-SOLICITING
250-8BITMIME
250-HELP
250-PIPELINING
250 EHLO

1945596979 | 2024-05-13T00:40:01.835034

636 / tcp

0\t\x02\x01\x02d\x04\x04\x000\x00

-1752423841 | 2024-05-13T12:29:09.196292

993 / tcp

* OK CommuniGate Pro IMAP Server 5.1.13 at on-line.ru ready
* CAPABILITY IMAP4 IMAP4REV1 ACL NAMESPACE UIDPLUS IDLE LITERAL+ QUOTA ID MULTIAPPEND LISTEXT CHILDREN BINARY LOGIN-REFERRALS UNSELECT AUTH=LOGIN AUTH=PLAIN
A001 OK completed
* ID ("name" "CommuniGate Pro" "version" "5.1.13" "support-url" "mailto:support@communigate.com")
A002 OK completed
A003 BAD not logged in
* BYE CommuniGate Pro IMAP closing connection
A004 OK completed

-1167695353 | 2024-05-14T00:22:20.641948

995 / tcp

+OK CommuniGate Pro POP3 Server 5.1.13 ready 
+OK capability list follows

368454099 | 2024-05-06T04:15:12.098496

3306 / tcp

MySQL:
  Error Message: Host '224.181.167.219' is not allowed to connect to this MySQL server
  Error Code: 1130

1961787822 | 2024-05-05T16:06:27.175684

5222 / tcp

<?xml version='1.0'?><stream:stream version="1.0" from="213.247.194.65" id="6008" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>LOGIN</mechanism><mechanism>PLAIN</mechanism></mechanisms><auth xmlns="http://jabber.org/features/iq-auth"/></stream:features>

-218128992 | 2024-04-22T13:40:37.452208

8010 / tcp

HTTP/1.1 200 OK
Content-Length: 3072
Connection: close
Date: Mon, 22 Apr 2024 13:40:16 GMT
Content-Type: text/html;charset=iso-8859-1
Server: CommuniGatePro/5.1.13

579740523 | 2024-04-29T21:26:05.902572

10000 / tcp

\x80\x00\x00$\x00\x00\x00\x01f0\x10c\x00\x00\x00\x00\x00\x00\x05\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00

213.247.194.65

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

121770892 | 2024-04-29T05:45:30.109231
22 / tcp

OpenSSH3.9p1

249353395 | 2024-05-01T15:15:50.417533
25 / tcp

Communigate Pro SMTP5.1.13

-1325313417 | 2024-05-09T14:31:57.645608
53 / tcp

-1325313417 | 2024-05-02T22:59:31.479015
53 / udp

-1684685264 | 2024-05-12T01:00:28.071709
80 / tcp

CommuniGate Pro httpd5.1.13

-1258588596 | 2024-05-08T10:12:10.729692
106 / tcp

-1167695353 | 2024-05-07T13:27:30.341316
110 / tcp

CommuniGate Pro5.1.13

1144853944 | 2024-05-07T00:48:16.262822
143 / tcp

1945596979 | 2024-04-16T22:02:44.341368
389 / tcp

997305571 | 2024-05-13T14:30:19.475219
443 / tcp

CommuniGate Pro httpd5.1.13

1929562971 | 2024-05-13T16:11:02.791131
465 / tcp

Communigate Pro SMTP5.1.13

1945596979 | 2024-05-13T00:40:01.835034
636 / tcp

-1752423841 | 2024-05-13T12:29:09.196292
993 / tcp

-1167695353 | 2024-05-14T00:22:20.641948
995 / tcp

CommuniGate Pro5.1.13

368454099 | 2024-05-06T04:15:12.098496
3306 / tcp

MySQL

1961787822 | 2024-05-05T16:06:27.175684
5222 / tcp

-218128992 | 2024-04-22T13:40:37.452208
8010 / tcp

CommuniGate Pro httpd5.1.13

579740523 | 2024-04-29T21:26:05.902572
10000 / tcp

Veritas Backup Exec ndmp9.0

Products

Pricing

Contact Us

213.247.194.65

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

121770892 | 2024-04-29T05:45:30.109231 22 / tcp

249353395 | 2024-05-01T15:15:50.417533 25 / tcp

-1325313417 | 2024-05-09T14:31:57.645608 53 / tcp

-1325313417 | 2024-05-02T22:59:31.479015 53 / udp

-1684685264 | 2024-05-12T01:00:28.071709 80 / tcp

-1258588596 | 2024-05-08T10:12:10.729692 106 / tcp

-1167695353 | 2024-05-07T13:27:30.341316 110 / tcp

1144853944 | 2024-05-07T00:48:16.262822 143 / tcp

1945596979 | 2024-04-16T22:02:44.341368 389 / tcp

997305571 | 2024-05-13T14:30:19.475219 443 / tcp

1929562971 | 2024-05-13T16:11:02.791131 465 / tcp

1945596979 | 2024-05-13T00:40:01.835034 636 / tcp

-1752423841 | 2024-05-13T12:29:09.196292 993 / tcp

-1167695353 | 2024-05-14T00:22:20.641948 995 / tcp

368454099 | 2024-05-06T04:15:12.098496 3306 / tcp

1961787822 | 2024-05-05T16:06:27.175684 5222 / tcp

-218128992 | 2024-04-22T13:40:37.452208 8010 / tcp

579740523 | 2024-04-29T21:26:05.902572 10000 / tcp

Products

Pricing

Contact Us

121770892 | 2024-04-29T05:45:30.109231
22 / tcp

249353395 | 2024-05-01T15:15:50.417533
25 / tcp

-1325313417 | 2024-05-09T14:31:57.645608
53 / tcp

-1325313417 | 2024-05-02T22:59:31.479015
53 / udp

-1684685264 | 2024-05-12T01:00:28.071709
80 / tcp

-1258588596 | 2024-05-08T10:12:10.729692
106 / tcp

-1167695353 | 2024-05-07T13:27:30.341316
110 / tcp

1144853944 | 2024-05-07T00:48:16.262822
143 / tcp

1945596979 | 2024-04-16T22:02:44.341368
389 / tcp

997305571 | 2024-05-13T14:30:19.475219
443 / tcp

1929562971 | 2024-05-13T16:11:02.791131
465 / tcp

1945596979 | 2024-05-13T00:40:01.835034
636 / tcp

-1752423841 | 2024-05-13T12:29:09.196292
993 / tcp

-1167695353 | 2024-05-14T00:22:20.641948
995 / tcp

368454099 | 2024-05-06T04:15:12.098496
3306 / tcp

1961787822 | 2024-05-05T16:06:27.175684
5222 / tcp

-218128992 | 2024-04-22T13:40:37.452208
8010 / tcp

579740523 | 2024-04-29T21:26:05.902572
10000 / tcp