GeneralInformation

Hostnames	bisquit-mag.ru www.bisquit-mag.ru mail.new4.me salamander.one www.salamander.one
Domains	bisquit-mag.ru new4.me salamander.one
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

WebTechnologies

JavaScript libraries

jQuery1.12.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-5824	Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
CVE-2023-51713	make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
CVE-2023-50269	Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
CVE-2023-49286	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-49285	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846	SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-46728	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVE-2023-46724	Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2022-41318	A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
CVE-2021-46854	mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
CVE-2021-46784	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-33620	4.0Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
CVE-2021-31808	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
CVE-2021-31807	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-31806	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-28652	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
CVE-2021-28651	5.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
CVE-2021-28116	4.3Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-9272	5.0ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
CVE-2020-8517	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
CVE-2020-8450	7.5An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
CVE-2020-8449	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
CVE-2020-25097	5.0An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
CVE-2020-24606	7.1Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
CVE-2020-15811	4.0An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.
CVE-2020-15810	3.5An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
CVE-2020-15049	6.5An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
CVE-2020-14058	5.0An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.
CVE-2020-11945	7.5An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-9516	7.5Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
CVE-2019-9513	7.5Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511	7.5Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-20372	5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2019-19272	5.0An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-19271	5.0An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
CVE-2019-19270	5.0An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
CVE-2019-19269	4.0An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-18860	4.3Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
CVE-2019-18679	5.0An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18678	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18677	5.8An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
CVE-2019-18676	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
CVE-2019-18217	5.0ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
CVE-2019-13345	4.3The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
CVE-2019-12815	7.5An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-12529	4.3An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.
CVE-2019-12528	5.0An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
CVE-2019-12526	7.5An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
CVE-2019-12525	7.5An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12524	7.5An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12523	6.4An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.
CVE-2019-12522	4.4An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
CVE-2019-12521	4.3An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12520	5.0An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.
CVE-2019-12519	7.5An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-19132	4.3Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVE-2018-19131	4.3Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2018-1000027	5.0The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-1000024	5.0The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2016-4556	5.0Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4555	5.0client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4554	5.0mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4553	5.0client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4054	6.8Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4053	4.3Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4052	6.8Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4051	6.8Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2016-3948	5.0Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
CVE-2016-3947	7.5Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
CVE-2016-3125	5.0The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
CVE-2016-2571	5.0http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
CVE-2016-2570	5.0The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.
CVE-2016-2569	5.0Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.
CVE-2016-2390	4.3The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.
CVE-2016-10002	5.0Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2015-5400	6.8Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
CVE-2015-3455	2.6Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
CVE-2015-3306	10.0The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
CVE-2014-9749	4.0Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
CVE-2013-4359	5.0Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.

OpenPorts

21 22 25 53 80 110 123 143 443 465 587 1500 3128 3306 5432

997823010 | 2024-04-18T09:10:47.634991

21 / tcp

220 ProFTPD 1.3.5 Server (Debian) [::ffff:46.4.156.150]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    AUTH    CCC*    CONF*   ENC*    MIC*    
214-PBSZ    PROT    TYPE    STRU    MODE    RETR    STOR    STOU    
214-APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
214-NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@server0.changeme.com
211-Features:
 SITE UTIME
 MDTM
 SITE RMDIR
 SSCN
 TVFS
 SITE COPY
 MFMT
 SIZE
 PROT
 CCC
 SITE MKDIR
 PBSZ
 AUTH TLS
 MFF modify;UNIX.group;UNIX.mode;
 REST STREAM
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 UTF8
 EPRT
 SITE SYMLINK
 EPSV
 LANG en-US.UTF-8*;en-US;ru-RU.UTF-8;ru-RU
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            9e:0b:1a:e0:5c:02:d7:4e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@debian8
        Validity
            Not Before: Jul 31 17:01:52 2016 GMT
            Not After : Jul 29 17:01:52 2026 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@debian8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:cf:09:6b:14:d2:43:16:1a:54:b2:62:78:99:e9:
                    2e:4d:65:e8:dd:95:34:47:bd:c3:fc:79:70:68:36:
                    5d:e5:e9:98:eb:dc:61:f5:f2:e4:93:f4:82:61:be:
                    cd:45:c1:3f:bb:b0:01:f0:66:a1:39:39:f7:77:ef:
                    62:7f:7c:d0:bc:9d:1c:3d:e1:be:bb:62:98:03:84:
                    34:cf:48:fe:1f:b3:9f:7c:a6:39:88:d1:83:6b:12:
                    16:f7:7f:d9:a7:95:5d:15:39:69:ea:f1:87:d0:48:
                    33:eb:cf:f1:7a:00:2e:31:31:c8:60:a0:2b:52:32:
                    54:fe:2b:bc:75:ba:d0:11:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                31:4F:65:2C:5D:E0:E6:46:DA:B3:D2:DB:21:F8:9D:BD:EE:F1:C9:37
            X509v3 Authority Key Identifier: 
                31:4F:65:2C:5D:E0:E6:46:DA:B3:D2:DB:21:F8:9D:BD:EE:F1:C9:37
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        88:bb:4c:14:8d:a6:2f:cf:43:ef:ac:77:85:29:25:0c:eb:32:
        ef:3b:56:9a:07:be:1e:36:7d:e2:77:17:79:8f:6e:da:1b:fc:
        55:7e:35:b1:92:b9:a6:4b:d3:05:8d:1a:e6:07:12:a8:ed:37:
        e6:fa:df:c2:0a:84:97:08:27:de:2a:05:67:49:cf:c3:e5:5e:
        45:5c:45:e3:eb:83:a3:5b:5d:61:c7:ad:95:25:54:3e:11:c1:
        ea:98:93:28:eb:1c:9a:2a:5b:d1:32:1d:fb:dc:92:d8:73:9b:
        8e:3f:b4:03:f9:e6:33:b4:fb:7a:05:cc:c1:50:04:0f:d8:f7:
        08:d2

870311048 | 2024-04-15T03:14:13.918582

22 / tcp

SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u8
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDc3TV3lLQ1nXwKGPFxILmN2YpFuAPxyMD/PlAUoV+nvlWs
9r5A5j2BrjqFl2UvQMlArptcsYjsZypA9O9Kun5LSHXi5GVYIq86po/mV507KG05QmIT4aVsvnLx
8AIOLOJNO/v7fugmTz3WwmtK5eErwQ9xoVwUdHXTGCcFicu/c+kUMmn7wZhbYxW5Va/VmX7Olzlf
m5dg/GpZGqnfQWYG0G69qUkioN+auH5vy1lbmBxKqP/JkDdDcUI59tK9WC23/xnXYl4kMGAm/e69
hcLOXYsTLQNkDKOJrh654nBJ2jPVpT4Wd+jbolGHwUcPdzdNDdmM3GxGqquL7hYvQqE9
Fingerprint: 55:bf:39:09:83:d9:c2:7d:09:44:4e:0a:ec:08:0f:10

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	chacha20-poly1305@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1834599848 | 2024-04-19T14:14:41.884039

25 / tcp

220 mail.new4.me ESMTP Exim 4.84_2 Fri, 19 Apr 2024 17:14:26 +0300
250-mail.new4.me Hello 224.239.209.78 [224.239.209.78]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2d:80:2a:02:c2:ff:94:cf:83:38:61:c1:f5:b1:93:98:1f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Sep 17 23:23:22 2022 GMT
            Not After : Dec 16 23:23:21 2022 GMT
        Subject: CN=salamander.one
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:f1:51:b7:e9:96:62:60:34:8b:69:9b:26:78:
                    cb:2c:91:0b:20:a0:84:4f:f1:2f:6e:cd:af:99:f9:
                    e4:ae:35:42:df:94:d7:9a:e4:c1:82:c5:c2:e7:a9:
                    ad:89:ab:69:b8:5e:8e:8d:14:9d:f3:43:ae:40:d3:
                    1b:3e:d1:fb:73:10:3b:05:c5:7c:05:5b:98:b0:7e:
                    9d:79:bd:57:c5:e6:52:ff:6b:11:22:77:1b:27:56:
                    1e:e4:c1:80:83:43:94:68:e0:01:04:19:63:9e:eb:
                    bb:95:d6:ed:66:c7:45:3b:e3:78:75:cb:0a:e5:8f:
                    22:07:c1:22:6d:3c:d8:10:3e:68:0e:61:c8:a5:8d:
                    e0:d2:18:21:85:09:e9:0f:0d:29:f8:e8:70:91:ee:
                    e1:46:0a:63:68:19:c2:48:7a:30:c5:50:67:76:05:
                    6a:1b:39:ab:90:9d:8f:38:4f:c6:a0:72:7f:00:83:
                    92:a6:d7:ca:82:19:fa:ad:df:80:80:5f:25:e6:d1:
                    2d:9a:c2:73:a1:da:d9:f7:09:d5:26:25:77:ce:d6:
                    70:07:f6:09:33:cb:28:a8:bc:1f:cb:83:ce:47:ea:
                    9d:94:02:ed:ae:4c:f1:85:81:51:89:02:8f:4a:ce:
                    48:ad:36:07:64:95:c6:81:2d:8c:71:57:e2:b7:3d:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6A:80:68:C1:3A:CC:99:63:34:92:9E:98:02:31:49:39:A6:6E:F8:F2
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:salamander.one, DNS:www.salamander.one
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
                                4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
                    Timestamp : Sep 18 00:23:22.706 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BC:39:9F:C6:C4:44:87:D4:E0:B1:CC:
                                1C:3B:91:E8:4B:E0:52:04:6D:4D:71:8E:62:9E:A3:63:
                                17:84:D3:40:90:02:21:00:DC:3A:BA:F9:8F:E7:CD:62:
                                9F:6B:D0:34:3B:F1:9E:37:86:77:8B:29:55:AF:25:69:
                                56:B2:3C:A2:E2:02:1F:F3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
                                11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
                    Timestamp : Sep 18 00:23:22.718 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:95:E4:C1:DF:DB:27:91:F5:FD:B9:85:
                                B0:73:20:41:81:C7:E4:5E:2C:30:73:F0:23:38:D2:EB:
                                4D:E2:E5:4C:82:02:20:16:C4:E0:0B:A4:68:FE:F2:D3:
                                04:EC:42:5F:A7:C5:DF:51:13:1F:02:42:50:1C:F2:7E:
                                EE:94:CB:23:B7:E1:1C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        45:8a:1f:44:3c:84:10:e8:6a:16:67:ed:98:69:be:b0:7a:26:
        8b:b4:9a:76:bc:e2:10:cf:a6:17:c2:f4:f2:16:73:46:6a:c3:
        a5:0f:7c:21:39:e3:04:1d:24:cd:55:d6:72:54:9d:10:bd:54:
        a0:e8:3e:51:96:32:2b:40:f7:b5:9e:a9:0d:1a:8f:4c:94:45:
        d3:fe:fd:9a:a8:1a:a8:6f:4e:2f:95:64:5b:c7:cb:a2:24:a8:
        01:34:df:19:2b:18:16:41:ae:6a:fd:45:41:c6:b4:04:a2:10:
        08:e2:c5:06:13:b7:08:d4:ef:ce:8b:2a:6b:d7:7f:24:fe:af:
        05:bc:f5:b8:19:22:52:56:f0:68:05:de:7f:c1:63:e3:d6:1f:
        90:0f:10:6e:e5:08:a0:3f:c1:d8:d9:1c:99:e0:76:8e:c6:27:
        7d:ca:f2:db:96:ea:0b:bc:f8:ce:cb:30:80:2a:ab:75:cb:7c:
        db:2a:0d:46:37:66:85:7e:5f:d5:9a:65:a5:ba:73:d9:2b:41:
        38:4f:58:e6:b4:15:2b:a5:1f:9a:3a:b0:bc:82:8c:47:0c:e4:
        5e:0d:6d:23:9c:cc:94:25:5d:fd:25:f4:96:5a:58:12:83:8b:
        20:e6:c9:3b:f6:4e:16:14:3d:d5:34:e8:58:1a:5c:a6:82:ea:
        e1:19:33:72

214968753 | 2024-04-13T08:26:01.911255

53 / tcp

9.9.5-9+deb8u19-Debian
Resolver name: mail.new4.me

214968753 | 2024-04-13T19:44:42.823569

53 / udp

9.9.5-9+deb8u19-Debian
Resolver name: mail.new4.me

-1865260013 | 2024-04-14T18:43:25.460799

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Sun, 14 Apr 2024 18:43:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

2062522430 | 2024-04-18T20:26:34.288130

110 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
USER
SASL PLAIN LOGIN DIGEST-MD5 CRAM-MD5
.

-863650801 | 2024-04-11T18:52:50.205286

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -23
rootdelay: 0.0127258300781
rootdisp: 0.0373382568359
refid: 1311676149
reftime: 3921849512.51
poll: 3

1055293435 | 2024-04-17T17:11:15.834313

143 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

0 | 2024-04-19T10:40:54.120990

443 / tcp

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:24:90:82:0a:ec:af:f2:d8:22:70:43:11:0c:4a:cf:16:3f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
        Validity
            Not Before: Apr  6 11:02:33 2019 GMT
            Not After : Jul  5 11:02:33 2019 GMT
        Subject: CN=bisquit-mag.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:32:a9:78:d4:ec:e0:05:5b:f2:e2:c0:46:d4:
                    71:e2:c4:31:c9:37:25:d2:d8:e0:10:7a:4c:4e:87:
                    49:b8:0f:79:ec:f0:6f:f0:5f:af:9c:29:2d:e6:8f:
                    3b:1d:b5:d6:60:0d:fd:4b:11:71:5a:01:38:95:f2:
                    cf:29:04:be:d7:2a:1b:3d:40:3f:eb:7c:6d:9d:5d:
                    f8:8d:8d:15:b4:36:19:5d:91:0a:ac:81:37:d7:85:
                    3a:32:e2:e5:82:e8:db:ba:25:25:ac:16:46:6d:42:
                    fd:ad:73:5f:d6:70:ca:0f:62:f8:72:6d:af:49:98:
                    fa:f8:15:be:a0:df:07:a3:cb:67:2a:16:57:b4:ec:
                    d0:c2:27:c6:63:24:99:df:1d:a0:08:17:7f:cb:05:
                    60:5e:a3:77:cc:dd:b4:a8:6f:1f:79:e2:61:1a:e5:
                    19:75:91:52:40:35:d1:6d:60:f6:5a:a7:8e:14:bc:
                    e5:61:7e:c2:b3:06:a2:d5:41:c6:9f:c2:ec:a6:8e:
                    bf:ee:eb:24:c6:b9:9a:26:64:a0:16:15:be:ad:f9:
                    c9:e8:de:a6:5b:16:a7:03:10:e0:36:4a:84:9f:27:
                    53:39:08:8e:76:b9:c9:f1:d5:58:0b:aa:b9:27:c2:
                    ce:f9:3d:47:21:97:64:2b:a1:2f:18:00:3a:4e:6a:
                    0a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9D:58:56:72:31:01:87:AC:F6:51:26:A6:34:35:77:59:5D:93:C2:50
            X509v3 Authority Key Identifier: 
                A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
            Authority Information Access: 
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
            X509v3 Subject Alternative Name: 
                DNS:bisquit-mag.ru, DNS:www.bisquit-mag.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E2:69:4B:AE:26:E8:E9:40:09:E8:86:1B:B6:3B:83:D4:
                                3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
                    Timestamp : Apr  6 12:02:33.313 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:84:8C:80:03:EC:91:7A:2B:27:FA:96:
                                15:6F:BF:A0:FF:F6:60:66:77:E6:83:7B:9E:C5:D0:87:
                                D2:8C:F9:F0:4E:02:21:00:8F:34:9C:75:08:14:C4:47:
                                6D:05:86:17:43:D6:7A:EA:D2:78:83:DC:87:3F:6E:A9:
                                98:F3:47:6B:E4:35:13:05
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 29:3C:51:96:54:C8:39:65:BA:AA:50:FC:58:07:D4:B7:
                                6F:BF:58:7A:29:72:DC:A4:C3:0C:F4:E5:45:47:F4:78
                    Timestamp : Apr  6 12:02:33.269 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E7:6B:D2:CB:89:E7:DB:E8:3B:2F:CE:
                                59:4E:AE:79:4B:04:E5:D3:CD:D9:D2:58:63:36:1A:87:
                                65:4D:BA:4C:F7:02:20:6E:C4:82:35:AD:1F:AB:B7:5C:
                                32:62:85:41:4A:F6:88:9C:B4:AD:2B:D9:AA:88:B9:78:
                                C4:DC:D1:43:AE:C4:DE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        71:67:e4:c6:23:98:95:ad:b9:c7:09:81:64:19:f8:92:b8:10:
        1c:c5:e9:0b:7e:d3:4b:a0:39:d5:8e:43:98:eb:b3:67:14:8a:
        2a:08:99:3e:27:a2:5c:03:e4:ab:51:87:9b:40:2a:43:79:c4:
        72:36:c1:b9:25:89:02:70:fa:30:1e:b7:88:cd:d5:2f:fa:93:
        05:f8:69:e6:e4:b4:92:52:8c:4d:a9:fb:66:be:e1:65:52:35:
        fc:e2:b5:3b:c5:9d:96:2d:8c:5c:70:db:c6:4b:0c:ad:56:6e:
        6c:c7:48:df:98:69:ff:17:b3:02:8a:3c:c0:cb:b2:3b:5a:13:
        fe:a0:a1:c2:df:4a:18:1d:e6:30:7e:a2:32:72:2b:3f:0e:99:
        7d:c0:05:c9:88:5e:10:f4:d1:71:6f:a5:d5:a3:0f:c5:35:53:
        6b:84:3c:10:8f:0a:af:2d:ab:ea:ff:01:12:a3:5c:f8:24:63:
        6d:a6:1d:b0:8e:e3:70:7f:0a:01:ae:ba:09:22:51:55:0f:17:
        32:86:32:07:95:19:6c:1f:5f:46:d1:73:8f:1e:2a:d5:66:e8:
        68:b5:55:cb:b6:7c:54:0c:bf:ae:c0:88:35:48:26:55:24:81:
        6e:81:2f:fc:af:fc:95:25:90:8f:51:41:29:c8:67:6d:67:f8:
        ec:a3:48:31

1923266811 | 2024-04-05T23:45:15.789481

465 / tcp

220 mail.new4.me ESMTP Exim 4.84_2 Sat, 06 Apr 2024 02:44:59 +0300
250-mail.new4.me Hello 224.189.22.132 [224.189.22.132]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2d:80:2a:02:c2:ff:94:cf:83:38:61:c1:f5:b1:93:98:1f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Sep 17 23:23:22 2022 GMT
            Not After : Dec 16 23:23:21 2022 GMT
        Subject: CN=salamander.one
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:f1:51:b7:e9:96:62:60:34:8b:69:9b:26:78:
                    cb:2c:91:0b:20:a0:84:4f:f1:2f:6e:cd:af:99:f9:
                    e4:ae:35:42:df:94:d7:9a:e4:c1:82:c5:c2:e7:a9:
                    ad:89:ab:69:b8:5e:8e:8d:14:9d:f3:43:ae:40:d3:
                    1b:3e:d1:fb:73:10:3b:05:c5:7c:05:5b:98:b0:7e:
                    9d:79:bd:57:c5:e6:52:ff:6b:11:22:77:1b:27:56:
                    1e:e4:c1:80:83:43:94:68:e0:01:04:19:63:9e:eb:
                    bb:95:d6:ed:66:c7:45:3b:e3:78:75:cb:0a:e5:8f:
                    22:07:c1:22:6d:3c:d8:10:3e:68:0e:61:c8:a5:8d:
                    e0:d2:18:21:85:09:e9:0f:0d:29:f8:e8:70:91:ee:
                    e1:46:0a:63:68:19:c2:48:7a:30:c5:50:67:76:05:
                    6a:1b:39:ab:90:9d:8f:38:4f:c6:a0:72:7f:00:83:
                    92:a6:d7:ca:82:19:fa:ad:df:80:80:5f:25:e6:d1:
                    2d:9a:c2:73:a1:da:d9:f7:09:d5:26:25:77:ce:d6:
                    70:07:f6:09:33:cb:28:a8:bc:1f:cb:83:ce:47:ea:
                    9d:94:02:ed:ae:4c:f1:85:81:51:89:02:8f:4a:ce:
                    48:ad:36:07:64:95:c6:81:2d:8c:71:57:e2:b7:3d:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6A:80:68:C1:3A:CC:99:63:34:92:9E:98:02:31:49:39:A6:6E:F8:F2
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:salamander.one, DNS:www.salamander.one
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
                                4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
                    Timestamp : Sep 18 00:23:22.706 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BC:39:9F:C6:C4:44:87:D4:E0:B1:CC:
                                1C:3B:91:E8:4B:E0:52:04:6D:4D:71:8E:62:9E:A3:63:
                                17:84:D3:40:90:02:21:00:DC:3A:BA:F9:8F:E7:CD:62:
                                9F:6B:D0:34:3B:F1:9E:37:86:77:8B:29:55:AF:25:69:
                                56:B2:3C:A2:E2:02:1F:F3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
                                11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
                    Timestamp : Sep 18 00:23:22.718 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:95:E4:C1:DF:DB:27:91:F5:FD:B9:85:
                                B0:73:20:41:81:C7:E4:5E:2C:30:73:F0:23:38:D2:EB:
                                4D:E2:E5:4C:82:02:20:16:C4:E0:0B:A4:68:FE:F2:D3:
                                04:EC:42:5F:A7:C5:DF:51:13:1F:02:42:50:1C:F2:7E:
                                EE:94:CB:23:B7:E1:1C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        45:8a:1f:44:3c:84:10:e8:6a:16:67:ed:98:69:be:b0:7a:26:
        8b:b4:9a:76:bc:e2:10:cf:a6:17:c2:f4:f2:16:73:46:6a:c3:
        a5:0f:7c:21:39:e3:04:1d:24:cd:55:d6:72:54:9d:10:bd:54:
        a0:e8:3e:51:96:32:2b:40:f7:b5:9e:a9:0d:1a:8f:4c:94:45:
        d3:fe:fd:9a:a8:1a:a8:6f:4e:2f:95:64:5b:c7:cb:a2:24:a8:
        01:34:df:19:2b:18:16:41:ae:6a:fd:45:41:c6:b4:04:a2:10:
        08:e2:c5:06:13:b7:08:d4:ef:ce:8b:2a:6b:d7:7f:24:fe:af:
        05:bc:f5:b8:19:22:52:56:f0:68:05:de:7f:c1:63:e3:d6:1f:
        90:0f:10:6e:e5:08:a0:3f:c1:d8:d9:1c:99:e0:76:8e:c6:27:
        7d:ca:f2:db:96:ea:0b:bc:f8:ce:cb:30:80:2a:ab:75:cb:7c:
        db:2a:0d:46:37:66:85:7e:5f:d5:9a:65:a5:ba:73:d9:2b:41:
        38:4f:58:e6:b4:15:2b:a5:1f:9a:3a:b0:bc:82:8c:47:0c:e4:
        5e:0d:6d:23:9c:cc:94:25:5d:fd:25:f4:96:5a:58:12:83:8b:
        20:e6:c9:3b:f6:4e:16:14:3d:d5:34:e8:58:1a:5c:a6:82:ea:
        e1:19:33:72

-1033918550 | 2024-04-11T23:59:13.499706

587 / tcp

220 mail.new4.me ESMTP Exim 4.84_2 Fri, 12 Apr 2024 02:58:48 +0300
250-mail.new4.me Hello 224.221.151.194 [224.221.151.194]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:2d:80:2a:02:c2:ff:94:cf:83:38:61:c1:f5:b1:93:98:1f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Sep 17 23:23:22 2022 GMT
            Not After : Dec 16 23:23:21 2022 GMT
        Subject: CN=salamander.one
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:f1:51:b7:e9:96:62:60:34:8b:69:9b:26:78:
                    cb:2c:91:0b:20:a0:84:4f:f1:2f:6e:cd:af:99:f9:
                    e4:ae:35:42:df:94:d7:9a:e4:c1:82:c5:c2:e7:a9:
                    ad:89:ab:69:b8:5e:8e:8d:14:9d:f3:43:ae:40:d3:
                    1b:3e:d1:fb:73:10:3b:05:c5:7c:05:5b:98:b0:7e:
                    9d:79:bd:57:c5:e6:52:ff:6b:11:22:77:1b:27:56:
                    1e:e4:c1:80:83:43:94:68:e0:01:04:19:63:9e:eb:
                    bb:95:d6:ed:66:c7:45:3b:e3:78:75:cb:0a:e5:8f:
                    22:07:c1:22:6d:3c:d8:10:3e:68:0e:61:c8:a5:8d:
                    e0:d2:18:21:85:09:e9:0f:0d:29:f8:e8:70:91:ee:
                    e1:46:0a:63:68:19:c2:48:7a:30:c5:50:67:76:05:
                    6a:1b:39:ab:90:9d:8f:38:4f:c6:a0:72:7f:00:83:
                    92:a6:d7:ca:82:19:fa:ad:df:80:80:5f:25:e6:d1:
                    2d:9a:c2:73:a1:da:d9:f7:09:d5:26:25:77:ce:d6:
                    70:07:f6:09:33:cb:28:a8:bc:1f:cb:83:ce:47:ea:
                    9d:94:02:ed:ae:4c:f1:85:81:51:89:02:8f:4a:ce:
                    48:ad:36:07:64:95:c6:81:2d:8c:71:57:e2:b7:3d:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6A:80:68:C1:3A:CC:99:63:34:92:9E:98:02:31:49:39:A6:6E:F8:F2
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:salamander.one, DNS:www.salamander.one
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
                                4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
                    Timestamp : Sep 18 00:23:22.706 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BC:39:9F:C6:C4:44:87:D4:E0:B1:CC:
                                1C:3B:91:E8:4B:E0:52:04:6D:4D:71:8E:62:9E:A3:63:
                                17:84:D3:40:90:02:21:00:DC:3A:BA:F9:8F:E7:CD:62:
                                9F:6B:D0:34:3B:F1:9E:37:86:77:8B:29:55:AF:25:69:
                                56:B2:3C:A2:E2:02:1F:F3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
                                11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
                    Timestamp : Sep 18 00:23:22.718 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:95:E4:C1:DF:DB:27:91:F5:FD:B9:85:
                                B0:73:20:41:81:C7:E4:5E:2C:30:73:F0:23:38:D2:EB:
                                4D:E2:E5:4C:82:02:20:16:C4:E0:0B:A4:68:FE:F2:D3:
                                04:EC:42:5F:A7:C5:DF:51:13:1F:02:42:50:1C:F2:7E:
                                EE:94:CB:23:B7:E1:1C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        45:8a:1f:44:3c:84:10:e8:6a:16:67:ed:98:69:be:b0:7a:26:
        8b:b4:9a:76:bc:e2:10:cf:a6:17:c2:f4:f2:16:73:46:6a:c3:
        a5:0f:7c:21:39:e3:04:1d:24:cd:55:d6:72:54:9d:10:bd:54:
        a0:e8:3e:51:96:32:2b:40:f7:b5:9e:a9:0d:1a:8f:4c:94:45:
        d3:fe:fd:9a:a8:1a:a8:6f:4e:2f:95:64:5b:c7:cb:a2:24:a8:
        01:34:df:19:2b:18:16:41:ae:6a:fd:45:41:c6:b4:04:a2:10:
        08:e2:c5:06:13:b7:08:d4:ef:ce:8b:2a:6b:d7:7f:24:fe:af:
        05:bc:f5:b8:19:22:52:56:f0:68:05:de:7f:c1:63:e3:d6:1f:
        90:0f:10:6e:e5:08:a0:3f:c1:d8:d9:1c:99:e0:76:8e:c6:27:
        7d:ca:f2:db:96:ea:0b:bc:f8:ce:cb:30:80:2a:ab:75:cb:7c:
        db:2a:0d:46:37:66:85:7e:5f:d5:9a:65:a5:ba:73:d9:2b:41:
        38:4f:58:e6:b4:15:2b:a5:1f:9a:3a:b0:bc:82:8c:47:0c:e4:
        5e:0d:6d:23:9c:cc:94:25:5d:fd:25:f4:96:5a:58:12:83:8b:
        20:e6:c9:3b:f6:4e:16:14:3d:d5:34:e8:58:1a:5c:a6:82:ea:
        e1:19:33:72

904725977 | 2024-04-04T20:11:01.946350

1500 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Set-Cookie: ispmgrses5=; path=/; HttpOnly; expires=Fri, 04 Apr 2025 23:11:01 MSK; Secure
Set-Cookie: ispmgrlang5=orion:en; path=/; expires=Fri, 04 Apr 2025 23:11:01 MSK; Secure
X-Frame-Options: SAMEORIGIN
Date: Thu, 04 Apr 2024 20:11:01 GMT

1845015982 | 2024-04-18T04:36:30.188196

3128 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.4.8
Mime-Version: 1.0
Date: Thu, 18 Apr 2024 04:36:30 GMT
Content-Type: text/html
Content-Length: 3153
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from mail.new4.me
X-Cache-Lookup: NONE from mail.new4.me:3128
Via: 1.1 mail.new4.me (squid/3.4.8)
Connection: close

-733209634 | 2024-04-18T17:04:11.581017

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.6.48
  Capabilities: 63487
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 32895
  Authentication Plugin: mysql_native_password

424761010 | 2024-03-28T00:40:52.941244

5432 / tcp

PostgreSQL
FATAL:  no pg_hba.conf entry for host "224.180.18.74", user "postgres", database "template0", SSL on
FATAL:  no pg_hba.conf entry for host "224.180.18.74", user "postgres", database "template0", SSL off

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8f:07:11:8d:26:3d:28:70
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=localhost
        Validity
            Not Before: Jul 31 17:05:15 2016 GMT
            Not After : Jul 29 17:05:15 2026 GMT
        Subject: CN=localhost
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:f1:91:60:e1:8f:84:a7:5c:4b:c6:b8:d0:c3:
                    3f:e5:4f:c9:ce:07:02:9f:0e:96:5a:4a:58:14:99:
                    5b:d8:cd:da:bf:c6:29:fc:31:5b:7e:3d:c9:16:9f:
                    a3:cc:05:f9:a7:4a:ce:eb:a0:80:31:e4:b1:ef:81:
                    fe:b9:8f:47:b6:10:b5:b6:8d:72:3a:dc:e9:ae:10:
                    87:a2:c2:cb:68:90:0c:aa:83:75:8c:e3:3a:bc:e9:
                    04:f7:6a:f0:36:9e:63:60:62:33:09:9e:cd:9a:78:
                    de:74:be:13:88:1d:63:b6:e5:96:eb:5f:ec:b5:d3:
                    40:e6:18:69:1d:2c:7f:84:b8:99:cf:66:92:29:ca:
                    fa:c2:b8:20:2e:e1:8d:59:7b:e8:68:43:01:4d:39:
                    f4:2a:cd:3f:0e:90:07:47:71:25:80:dd:e7:ca:1a:
                    6b:95:e2:5f:9f:3c:e4:e8:c2:be:54:2c:74:f3:57:
                    80:f2:7c:94:2b:4e:24:c2:34:41:de:8b:44:6e:36:
                    d4:dc:9e:06:09:e7:ea:60:48:8a:fd:69:f9:44:9d:
                    34:03:a0:e0:c1:ae:c5:d3:fe:c4:7e:05:94:33:d2:
                    29:40:ff:1a:4e:a7:1c:b5:b1:9f:5f:d9:14:26:82:
                    07:f6:d2:67:6a:75:ab:02:09:fc:8f:28:38:2c:54:
                    b3:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        40:f6:4a:8b:60:3e:17:ab:88:c7:c2:39:c6:01:6c:1e:1c:2e:
        28:41:ce:5d:4c:5c:74:6e:b5:8e:2e:7e:66:4b:5f:9a:34:5a:
        b5:a9:d0:c6:66:6c:c4:92:08:d6:7a:92:68:fb:bf:e0:9b:a7:
        3b:7c:ea:00:88:50:28:4a:50:c4:ab:55:b5:15:8a:bb:eb:22:
        f9:13:22:44:ab:d4:7d:37:58:1e:1e:c8:b9:48:02:60:83:f4:
        0f:d9:ca:1a:1a:e7:14:6b:bc:15:93:65:7a:bb:1b:2c:19:0e:
        70:70:f2:16:74:ad:6f:ef:ff:12:53:d2:9a:02:66:26:75:c8:
        24:76:0d:77:70:fe:39:0a:a7:4e:83:03:06:67:e1:48:18:7c:
        0b:90:0d:7a:5d:c7:62:8e:1f:62:da:76:42:e1:e3:f3:b7:13:
        cf:9e:3c:1e:fa:b4:c1:88:76:22:50:f1:2c:2e:9e:09:51:4d:
        57:51:58:79:59:26:03:f1:f1:b5:ab:0f:84:93:df:d0:74:8f:
        2f:79:5a:32:40:f4:d6:ac:4a:63:64:70:80:80:4f:37:38:f3:
        17:19:0e:cd:2b:42:43:fa:c4:eb:e7:90:55:1b:aa:85:e1:86:
        e2:d9:01:c1:91:db:fa:53:02:21:7d:ff:32:e1:97:9c:52:c5:
        3b:f9:6f:92

46.4.156.150

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

997823010 | 2024-04-18T09:10:47.634991
21 / tcp

ProFTPD1.3.5

870311048 | 2024-04-15T03:14:13.918582
22 / tcp

OpenSSH6.7p1 Debian 5+deb8u8

1834599848 | 2024-04-19T14:14:41.884039
25 / tcp

Exim smtpd4.84_2

214968753 | 2024-04-13T08:26:01.911255
53 / tcp

214968753 | 2024-04-13T19:44:42.823569
53 / udp

-1865260013 | 2024-04-14T18:43:25.460799
80 / tcp

nginx1.16.0

2062522430 | 2024-04-18T20:26:34.288130
110 / tcp

-863650801 | 2024-04-11T18:52:50.205286
123 / udp

1055293435 | 2024-04-17T17:11:15.834313
143 / tcp

0 | 2024-04-19T10:40:54.120990
443 / tcp

1923266811 | 2024-04-05T23:45:15.789481
465 / tcp

Exim smtpd4.84_2

-1033918550 | 2024-04-11T23:59:13.499706
587 / tcp

Exim smtpd4.84_2

904725977 | 2024-04-04T20:11:01.946350
1500 / tcp

1845015982 | 2024-04-18T04:36:30.188196
3128 / tcp

Squid http proxy3.4.8

-733209634 | 2024-04-18T17:04:11.581017
3306 / tcp

MySQL5.6.48

424761010 | 2024-03-28T00:40:52.941244
5432 / tcp

PostgreSQL9.4.13 - 9.4.15 or 9.4.22 - 9.4.26

Products

Pricing

Contact Us

46.4.156.150

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

997823010 | 2024-04-18T09:10:47.634991 21 / tcp

870311048 | 2024-04-15T03:14:13.918582 22 / tcp

1834599848 | 2024-04-19T14:14:41.884039 25 / tcp

214968753 | 2024-04-13T08:26:01.911255 53 / tcp

214968753 | 2024-04-13T19:44:42.823569 53 / udp

-1865260013 | 2024-04-14T18:43:25.460799 80 / tcp

2062522430 | 2024-04-18T20:26:34.288130 110 / tcp

-863650801 | 2024-04-11T18:52:50.205286 123 / udp

1055293435 | 2024-04-17T17:11:15.834313 143 / tcp

0 | 2024-04-19T10:40:54.120990 443 / tcp

1923266811 | 2024-04-05T23:45:15.789481 465 / tcp

-1033918550 | 2024-04-11T23:59:13.499706 587 / tcp

904725977 | 2024-04-04T20:11:01.946350 1500 / tcp

1845015982 | 2024-04-18T04:36:30.188196 3128 / tcp

-733209634 | 2024-04-18T17:04:11.581017 3306 / tcp

424761010 | 2024-03-28T00:40:52.941244 5432 / tcp

Products

Pricing

Contact Us

997823010 | 2024-04-18T09:10:47.634991
21 / tcp

870311048 | 2024-04-15T03:14:13.918582
22 / tcp

1834599848 | 2024-04-19T14:14:41.884039
25 / tcp

214968753 | 2024-04-13T08:26:01.911255
53 / tcp

214968753 | 2024-04-13T19:44:42.823569
53 / udp

-1865260013 | 2024-04-14T18:43:25.460799
80 / tcp

2062522430 | 2024-04-18T20:26:34.288130
110 / tcp

-863650801 | 2024-04-11T18:52:50.205286
123 / udp

1055293435 | 2024-04-17T17:11:15.834313
143 / tcp

0 | 2024-04-19T10:40:54.120990
443 / tcp

1923266811 | 2024-04-05T23:45:15.789481
465 / tcp

-1033918550 | 2024-04-11T23:59:13.499706
587 / tcp

904725977 | 2024-04-04T20:11:01.946350
1500 / tcp

1845015982 | 2024-04-18T04:36:30.188196
3128 / tcp

-733209634 | 2024-04-18T17:04:11.581017
3306 / tcp

424761010 | 2024-03-28T00:40:52.941244
5432 / tcp