Hostnames |
mail.ativbeneficios.com vmi1700012.contaboserver.net mail.quacks.site |
Domains | ativbeneficios.com contaboserver.net quacks.site |
Country | Germany |
City | Nürnberg |
Organization | Contabo GmbH |
ISP | Contabo GmbH |
ASN | AS51167 |
Operating System | Linux |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-51766 | Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. |
-1617473428 | 2024-05-11T14:29:12.04600222 / tcp
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2 Key type: ecdsa-sha2-nistp256 Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD4tl9PU1mhcniqmChYiSuCe KpPSEJl0vLNYBcJ4lCiSC1zjq6bcfOTTeoNcs5Zdj/Yk91w+k7Ysq/M5FudH8uo= Fingerprint: 93:de:5f:cc:72:07:35:ef:46:9d:3c:e0:ca:0e:59:bb Kex Algorithms: sntrup761x25519-sha512@openssh.com curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 kex-strict-s-v00@openssh.com Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
-1023216268 | 2024-05-07T20:46:47.52877025 / tcp
220 vmi1700012.contaboserver.net ESMTP Exim 4.96 Tue, 07 May 2024 17:46:40 -0300 250-vmi1700012.contaboserver.net Hello 224.222.24.236 [224.222.24.236] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-PIPECONNECT 250-AUTH LOGIN PLAIN 250-CHUNKING 250-STARTTLS 250-SMTPUTF8 250 HELP
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Validity Not Before: Apr 23 02:34:37 2024 GMT Not After : Apr 23 02:34:37 2025 GMT Subject: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:4f:9c:75:0a:cd:d4:1e:de:dc:96:71:a5:96: ae:72:c8:4d:21:3b:10:ae:d7:2b:fb:af:9e:7f:02: 04:06:ae:ac:c0:cb:cf:26:a7:d0:d5:54:2d:d7:0f: cc:f6:99:c1:e3:df:08:48:40:44:ce:d6:cc:8b:c7: cd:40:84:a8:46:1a:21:75:7f:80:96:90:e3:50:5f: e1:20:6a:a6:3a:0c:3a:a3:fe:b3:50:df:af:92:6f: dd:39:81:c9:76:6e:2e:2a:b4:f9:75:46:2b:eb:52: 0c:fd:7e:15:c3:14:d1:d8:8d:3c:57:fa:a3:60:5c: 5b:65:fc:9c:12:85:ba:ca:13:db:3c:df:fc:f8:fc: ed:fa:80:63:3b:45:34:ee:88:04:b9:26:49:75:9a: e5:55:19:59:5f:af:26:84:5b:b0:b4:d4:31:80:ed: d0:0f:14:b9:85:c2:6b:c5:ad:c4:8e:f5:b8:85:ec: 14:a2:65:24:5b:99:90:a0:c0:42:64:95:30:4f:fa: df:f5:91:a6:e3:06:6d:f4:55:de:9c:2e:4b:72:ce: d4:9d:a8:88:7a:e1:c6:22:d1:dd:7f:c7:f0:03:e3: dd:ab:43:97:95:de:dd:f9:bc:c2:38:02:80:a4:4d: 26:dc:79:1a:dd:10:f3:8d:f5:0f:cb:bb:66:f7:dd: 61:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha256WithRSAEncryption Signature Value: bc:37:25:45:97:f8:11:f6:0f:ef:34:2b:2e:57:e4:53:df:60: 20:4e:b3:13:c1:4a:66:30:2b:e2:f5:4e:32:3d:29:c3:ac:e3: eb:fc:2a:e5:94:72:25:c4:2e:37:de:f2:3e:b1:32:a8:63:a8: a1:d9:d4:ae:3c:03:04:2c:70:6b:6c:56:6a:67:1f:c9:e0:b7: 9e:da:6e:1e:42:1d:2b:6c:78:97:a5:ce:89:20:fd:0a:71:0b: 65:86:52:3e:f3:41:0e:05:56:b8:c4:49:e9:05:cb:3b:82:24: 09:db:c5:6e:b5:0e:da:c4:ab:55:89:94:00:27:e8:c6:57:c3: 23:fb:31:96:93:68:b5:a2:1f:a4:6c:1f:68:85:fd:04:5c:81: a0:92:99:d9:2c:68:e2:36:84:b8:31:9f:5c:9a:7e:40:89:63: e3:6d:ba:79:96:7d:66:a0:e3:cb:9c:88:36:a4:ce:8d:99:91: bd:1d:ed:10:8b:fd:d6:c4:2b:f4:a5:6f:a4:13:8f:87:13:6f: 4f:6e:c2:d7:f1:bd:68:d3:8d:48:d9:47:ba:35:1d:9e:20:12: 53:09:93:3c:50:b7:11:c3:13:e4:f4:91:43:e3:bb:11:b9:a0: 16:df:b0:23:f8:9f:b4:6c:89:4a:80:2c:3b:fc:82:35:5b:21: 8a:4c:84:ac
234041667 | 2024-05-10T08:10:14.48962280 / tcp
HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Fri, 10 May 2024 08:10:13 GMT Content-Type: text/html Content-Length: 15793 Last-Modified: Mon, 22 Apr 2024 08:58:06 GMT Connection: keep-alive ETag: "6626269e-3db1" Accept-Ranges: bytes
1957077569 | 2024-04-16T04:22:32.305753143 / tcp
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED] Dovecot (Debian) ready. * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED A001 OK Pre-login capabilities listed, post-login capabilities have more. * ID ("name" "Dovecot") A002 OK ID completed. A003 BAD Error in IMAP command received by server. * BYE Logging out A004 OK Logout completed.
Certificate: Data: Version: 3 (0x2) Serial Number: 04:27:16:3b:82:39:c4:6b:fa:c8:16:31:2d:75:8e:d8:62:4d Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R3 Validity Not Before: Mar 5 23:48:16 2024 GMT Not After : Jun 3 23:48:15 2024 GMT Subject: CN=mail.ativbeneficios.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:e0:a2:a3:7a:cf:1e:bb:bb:30:d9:ff:2b:b4:af: c2:85:57:02:d7:0a:65:3d:0c:e3:e6:7f:d2:fa:a7: 6d:21:ca:49:71:85:34:13:f0:65:8b:81:8c:b5:1b: d0:26:3c:de:4c:d4:44:f8:04:3b:fa:d5:e3:55:ce: b7:3f:b2:a7:67:25:b5:d7:61:14:06:79:7a:b1:7a: 74:e9:60:5c:64:f4:35:92:6f:f7:f6:b2:6c:8a:5d: 05:49:33:ac:65:48:ca:3c:7f:d3:76:cd:a4:b5:29: 6f:80:2d:61:f8:f3:03:9d:66:a0:92:2f:13:d7:92: 78:ef:89:52:52:03:40:36:bf:68:66:86:09:0c:b3: 3b:ac:d4:fa:8c:6e:fb:08:a8:00:bb:2f:fa:3f:df: d1:97:57:25:0c:68:70:17:a7:77:f7:5d:c9:1d:5c: d4:ff:dd:07:1a:91:b0:de:08:14:e5:3a:1f:f2:cd: 6f:bb:0d:08:cf:bf:bb:1e:d4:ba:1b:24:ea:15:61: ab:4d:8b:e4:4f:e2:51:fb:1b:46:4f:48:78:2b:10: e9:08:3d:b8:4c:94:7e:3c:0a:31:bc:4a:5b:52:52: 5d:5c:89:0a:71:3d:21:ab:fe:21:70:cd:1f:1c:d2: 6c:aa:5b:45:d6:67:65:ba:ca:a2:15:71:4f:c2:89: 7f:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: A3:97:C1:D9:48:FC:AA:87:29:9C:91:BA:EC:6F:97:C7:2D:7E:14:46 X509v3 Authority Key Identifier: 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:mail.ativbeneficios.com, DNS:mail.quacks.site X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Mar 6 00:48:16.287 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:2B:F2:DE:E4:BE:F9:61:EF:F2:37:9B:4C: 18:D8:6F:F1:7B:65:6C:43:28:DD:59:4F:2F:27:06:26: 5F:72:02:74:02:20:03:23:78:40:F8:3A:A7:34:B8:ED: 11:8C:EF:D9:E5:3A:B1:17:FA:81:F4:67:46:12:61:81: A6:DD:96:78:DA:59 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC: 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8 Timestamp : Mar 6 00:48:16.317 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:B5:1C:B2:9B:5D:2C:9A:FB:CF:FC:DC: DE:EF:7E:17:C5:11:C9:B3:F6:93:D7:6F:C1:E0:79:32: 39:BA:E5:80:51:02:20:41:B6:C1:48:0A:E5:E1:4D:CD: 6E:80:6E:1C:64:F3:AA:9C:2D:0C:24:72:64:3E:81:72: B8:19:60:41:B3:EF:D3 Signature Algorithm: sha256WithRSAEncryption Signature Value: 11:fc:b6:e7:7b:63:94:78:8d:6d:c4:30:03:a0:68:21:46:3a: b3:a6:ec:ef:83:00:6a:cb:d3:49:98:8d:cf:1d:63:aa:ea:2a: dd:2d:56:19:df:67:01:e2:43:da:79:3b:bc:a0:16:0a:d3:ba: 7d:40:b9:17:71:5f:55:6c:ea:67:6f:23:52:33:5d:2c:59:77: 5f:97:52:4a:70:20:22:b3:45:5a:03:e5:1e:c4:fb:7e:09:25: 86:78:ad:64:55:82:86:13:3f:dd:cd:58:0e:ff:e3:4a:16:96: 40:f4:4c:b5:0a:6c:13:b5:f8:7e:7c:36:5e:f2:58:d7:97:1c: 80:99:71:d5:14:00:c9:20:b7:42:7c:48:ba:4f:3e:b5:6f:b2: ae:7d:a9:aa:df:25:2f:69:4c:b8:82:ad:a8:7e:68:bf:6b:ad: 71:1e:78:18:4f:37:5e:f0:90:f7:0d:64:8b:04:77:a1:21:e4: 0e:e4:b9:ce:64:1b:5f:42:5d:c0:0f:f9:d5:ba:fc:7a:c1:d7: cc:d8:8c:11:45:ad:f1:07:ad:63:4c:86:bc:ff:76:05:4b:35: 81:43:2b:e8:4d:41:b4:6f:ce:8b:6f:1e:3b:a6:6e:4d:ff:8c: c8:3a:20:53:ee:87:0b:63:06:04:1f:46:83:0d:fd:92:23:14: 94:fa:45:c4
234041667 | 2024-05-11T02:09:07.788191443 / tcp
HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Sat, 11 May 2024 02:09:06 GMT Content-Type: text/html Content-Length: 15793 Last-Modified: Mon, 22 Apr 2024 08:58:06 GMT Connection: keep-alive ETag: "6626269e-3db1" Accept-Ranges: bytes
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=, ST=, L=, O=FASTPANEL, OU=, CN=parking Validity Not Before: Apr 23 02:34:07 2024 GMT Not After : Apr 23 02:34:07 2025 GMT Subject: C=, ST=, L=, O=FASTPANEL, OU=, CN=parking Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c9:3b:bd:ef:5b:07:6c:69:78:10:12:4f:87:9e: 80:70:45:9c:5a:f6:c3:8a:f7:62:69:41:92:09:60: e1:33:37:c3:cd:55:5d:ee:08:04:d7:7b:31:1f:d3: 36:f2:bb:ec:bd:70:a2:6f:d5:47:98:fa:0b:ce:f4: 71:19:17:1c:90:ad:a5:77:92:b4:71:40:0f:de:4c: 82:04:cf:5e:c1:cf:91:b9:37:f6:e7:e8:73:fa:0c: ee:1c:77:01:79:b7:58:7f:40:4b:75:d3:14:26:f8: 06:05:b8:e2:dc:06:04:bf:3d:db:83:a0:49:b8:d9: e2:ea:57:08:50:8f:9a:d9:42:bb:a4:44:1c:69:d2: 5a:26:04:97:ec:9e:e1:ac:6f:c8:6e:c3:7f:f3:8f: 95:43:2f:ae:97:68:14:29:ea:c0:19:ef:8d:92:2a: 79:68:50:0d:19:78:df:9f:e7:dd:f6:16:51:e6:d0: 82:cb:eb:a0:37:87:a9:b8:87:8c:4e:65:fb:58:e7: 8d:15:11:bf:b1:bc:63:44:85:2c:40:85:24:76:63: 4c:ac:95:b6:cf:0e:2c:32:ca:e1:bd:df:72:b2:60: 0c:4b:d4:a6:f5:2a:8c:c7:b9:a3:03:ae:d3:70:81: cd:c1:46:cc:e8:0e:71:8a:57:df:f2:2e:6c:31:90: ee:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha256WithRSAEncryption Signature Value: b0:f8:3d:8c:d3:0b:55:55:9b:78:be:ea:bf:b4:b7:08:82:50: 58:10:28:e9:13:d7:fc:5e:1b:4d:ce:24:e1:13:53:e0:d9:b0: 77:bd:9b:69:d1:98:3e:f0:85:28:96:2b:1b:3b:bb:52:3c:79: fa:8d:ec:ec:29:94:b8:3f:1e:df:ea:87:2e:f1:25:96:c1:e8: 14:f5:fe:4a:ec:22:14:b5:30:f5:01:66:31:66:41:85:a9:1c: b2:81:a3:55:f8:4e:2d:25:02:0d:55:3b:a3:4b:27:ae:f6:fa: 88:b7:d8:86:6f:cf:de:80:b6:75:2b:bb:74:75:85:6b:08:28: 42:b0:02:fb:66:a7:56:91:75:bb:e8:56:29:7d:5f:2f:02:dd: dd:8f:37:8b:af:4a:11:d4:b7:57:93:27:9d:26:67:b8:37:47: c9:3a:35:bf:30:b5:e8:ad:32:e2:19:e2:6e:00:49:a6:6e:a2: f0:5a:03:94:3c:98:cb:09:42:a0:9d:e1:da:de:51:da:a1:e3: af:a3:bc:86:df:9f:c0:b8:f5:f8:c5:43:ac:7c:8d:c6:f9:a5: ad:2e:bc:90:c2:8b:62:f4:8e:6f:77:94:ff:65:b6:6e:13:9d: 47:da:e9:10:2c:21:b3:65:53:09:2e:e0:d8:23:19:96:9b:b8: f7:b2:a6:e5
440764872 | 2024-05-04T14:41:17.479285465 / tcp
220 vmi1700012.contaboserver.net ESMTP Exim 4.96 Sat, 04 May 2024 11:40:50 -0300 250-vmi1700012.contaboserver.net Hello tvxd1dtsbm0rw.org [224.161.150.0] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-PIPECONNECT 250-AUTH LOGIN PLAIN 250-CHUNKING 250-SMTPUTF8 250 HELP
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Validity Not Before: Apr 23 02:34:37 2024 GMT Not After : Apr 23 02:34:37 2025 GMT Subject: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:4f:9c:75:0a:cd:d4:1e:de:dc:96:71:a5:96: ae:72:c8:4d:21:3b:10:ae:d7:2b:fb:af:9e:7f:02: 04:06:ae:ac:c0:cb:cf:26:a7:d0:d5:54:2d:d7:0f: cc:f6:99:c1:e3:df:08:48:40:44:ce:d6:cc:8b:c7: cd:40:84:a8:46:1a:21:75:7f:80:96:90:e3:50:5f: e1:20:6a:a6:3a:0c:3a:a3:fe:b3:50:df:af:92:6f: dd:39:81:c9:76:6e:2e:2a:b4:f9:75:46:2b:eb:52: 0c:fd:7e:15:c3:14:d1:d8:8d:3c:57:fa:a3:60:5c: 5b:65:fc:9c:12:85:ba:ca:13:db:3c:df:fc:f8:fc: ed:fa:80:63:3b:45:34:ee:88:04:b9:26:49:75:9a: e5:55:19:59:5f:af:26:84:5b:b0:b4:d4:31:80:ed: d0:0f:14:b9:85:c2:6b:c5:ad:c4:8e:f5:b8:85:ec: 14:a2:65:24:5b:99:90:a0:c0:42:64:95:30:4f:fa: df:f5:91:a6:e3:06:6d:f4:55:de:9c:2e:4b:72:ce: d4:9d:a8:88:7a:e1:c6:22:d1:dd:7f:c7:f0:03:e3: dd:ab:43:97:95:de:dd:f9:bc:c2:38:02:80:a4:4d: 26:dc:79:1a:dd:10:f3:8d:f5:0f:cb:bb:66:f7:dd: 61:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha256WithRSAEncryption Signature Value: bc:37:25:45:97:f8:11:f6:0f:ef:34:2b:2e:57:e4:53:df:60: 20:4e:b3:13:c1:4a:66:30:2b:e2:f5:4e:32:3d:29:c3:ac:e3: eb:fc:2a:e5:94:72:25:c4:2e:37:de:f2:3e:b1:32:a8:63:a8: a1:d9:d4:ae:3c:03:04:2c:70:6b:6c:56:6a:67:1f:c9:e0:b7: 9e:da:6e:1e:42:1d:2b:6c:78:97:a5:ce:89:20:fd:0a:71:0b: 65:86:52:3e:f3:41:0e:05:56:b8:c4:49:e9:05:cb:3b:82:24: 09:db:c5:6e:b5:0e:da:c4:ab:55:89:94:00:27:e8:c6:57:c3: 23:fb:31:96:93:68:b5:a2:1f:a4:6c:1f:68:85:fd:04:5c:81: a0:92:99:d9:2c:68:e2:36:84:b8:31:9f:5c:9a:7e:40:89:63: e3:6d:ba:79:96:7d:66:a0:e3:cb:9c:88:36:a4:ce:8d:99:91: bd:1d:ed:10:8b:fd:d6:c4:2b:f4:a5:6f:a4:13:8f:87:13:6f: 4f:6e:c2:d7:f1:bd:68:d3:8d:48:d9:47:ba:35:1d:9e:20:12: 53:09:93:3c:50:b7:11:c3:13:e4:f4:91:43:e3:bb:11:b9:a0: 16:df:b0:23:f8:9f:b4:6c:89:4a:80:2c:3b:fc:82:35:5b:21: 8a:4c:84:ac
1851833712 | 2024-05-09T22:18:38.733059587 / tcp
220 vmi1700012.contaboserver.net ESMTP Exim 4.96 Thu, 09 May 2024 19:18:33 -0300 250-vmi1700012.contaboserver.net Hello 224.149.84.158 [224.149.84.158] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-PIPECONNECT 250-AUTH LOGIN PLAIN 250-CHUNKING 250-STARTTLS 250-SMTPUTF8 250 HELP
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Validity Not Before: Apr 23 02:34:37 2024 GMT Not After : Apr 23 02:34:37 2025 GMT Subject: C=EE, ST=Tallinn, L=Tallinn, O=CompanyName, OU=User, CN=etc Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:4f:9c:75:0a:cd:d4:1e:de:dc:96:71:a5:96: ae:72:c8:4d:21:3b:10:ae:d7:2b:fb:af:9e:7f:02: 04:06:ae:ac:c0:cb:cf:26:a7:d0:d5:54:2d:d7:0f: cc:f6:99:c1:e3:df:08:48:40:44:ce:d6:cc:8b:c7: cd:40:84:a8:46:1a:21:75:7f:80:96:90:e3:50:5f: e1:20:6a:a6:3a:0c:3a:a3:fe:b3:50:df:af:92:6f: dd:39:81:c9:76:6e:2e:2a:b4:f9:75:46:2b:eb:52: 0c:fd:7e:15:c3:14:d1:d8:8d:3c:57:fa:a3:60:5c: 5b:65:fc:9c:12:85:ba:ca:13:db:3c:df:fc:f8:fc: ed:fa:80:63:3b:45:34:ee:88:04:b9:26:49:75:9a: e5:55:19:59:5f:af:26:84:5b:b0:b4:d4:31:80:ed: d0:0f:14:b9:85:c2:6b:c5:ad:c4:8e:f5:b8:85:ec: 14:a2:65:24:5b:99:90:a0:c0:42:64:95:30:4f:fa: df:f5:91:a6:e3:06:6d:f4:55:de:9c:2e:4b:72:ce: d4:9d:a8:88:7a:e1:c6:22:d1:dd:7f:c7:f0:03:e3: dd:ab:43:97:95:de:dd:f9:bc:c2:38:02:80:a4:4d: 26:dc:79:1a:dd:10:f3:8d:f5:0f:cb:bb:66:f7:dd: 61:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha256WithRSAEncryption Signature Value: bc:37:25:45:97:f8:11:f6:0f:ef:34:2b:2e:57:e4:53:df:60: 20:4e:b3:13:c1:4a:66:30:2b:e2:f5:4e:32:3d:29:c3:ac:e3: eb:fc:2a:e5:94:72:25:c4:2e:37:de:f2:3e:b1:32:a8:63:a8: a1:d9:d4:ae:3c:03:04:2c:70:6b:6c:56:6a:67:1f:c9:e0:b7: 9e:da:6e:1e:42:1d:2b:6c:78:97:a5:ce:89:20:fd:0a:71:0b: 65:86:52:3e:f3:41:0e:05:56:b8:c4:49:e9:05:cb:3b:82:24: 09:db:c5:6e:b5:0e:da:c4:ab:55:89:94:00:27:e8:c6:57:c3: 23:fb:31:96:93:68:b5:a2:1f:a4:6c:1f:68:85:fd:04:5c:81: a0:92:99:d9:2c:68:e2:36:84:b8:31:9f:5c:9a:7e:40:89:63: e3:6d:ba:79:96:7d:66:a0:e3:cb:9c:88:36:a4:ce:8d:99:91: bd:1d:ed:10:8b:fd:d6:c4:2b:f4:a5:6f:a4:13:8f:87:13:6f: 4f:6e:c2:d7:f1:bd:68:d3:8d:48:d9:47:ba:35:1d:9e:20:12: 53:09:93:3c:50:b7:11:c3:13:e4:f4:91:43:e3:bb:11:b9:a0: 16:df:b0:23:f8:9f:b4:6c:89:4a:80:2c:3b:fc:82:35:5b:21: 8a:4c:84:ac
1664207957 | 2024-05-07T06:42:27.122874993 / tcp
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Debian) ready. * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN A001 OK Pre-login capabilities listed, post-login capabilities have more. * ID ("name" "Dovecot") A002 OK ID completed. A003 BAD Error in IMAP command received by server. * BYE Logging out A004 OK Logout completed.
Certificate: Data: Version: 3 (0x2) Serial Number: 6b:17:43:57:bc:4f:74:9b:18:2d:01:2d:1e:9e:fd:cb:63:1b:57:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=vmi1700012.contaboserver.net Validity Not Before: Apr 23 02:33:51 2024 GMT Not After : Apr 21 02:33:51 2034 GMT Subject: CN=vmi1700012.contaboserver.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:f9:50:8c:6f:0d:fa:2d:75:81:ad:60:eb:9f:2c: 95:82:1b:4b:fa:5f:7e:99:88:f2:1b:23:99:47:51: 5a:74:dc:e3:a9:e4:e8:a4:43:75:42:fe:e2:64:6c: 0d:e6:eb:b4:fb:41:60:0c:d0:b3:05:94:b6:5a:44: 4c:d2:06:25:a4:cb:47:3c:16:3c:e1:d5:2e:32:7d: 97:1a:ce:d2:2b:70:a5:e2:4a:75:bb:f9:3c:ac:0b: bc:72:57:da:94:b9:93:bd:05:6d:85:25:fc:fc:52: 41:9d:35:1a:bf:57:27:9c:ed:4c:08:50:be:c6:d1: 32:23:bc:c2:23:e6:9c:b9:b5:da:c6:fb:6a:ba:c3: fc:42:fd:4d:9c:11:97:f1:38:93:98:55:db:22:67: 65:6e:fd:a5:cd:6a:4a:0f:39:b0:a4:ac:ed:10:37: 8b:60:d7:52:db:af:33:64:0d:d1:10:3b:76:11:a9: 34:29:5c:58:55:c4:32:c1:d7:e8:06:b6:ad:1d:86: 2a:c1:a0:90:33:76:20:ad:7c:a9:d2:4e:cb:73:db: 52:eb:6a:82:56:f1:02:91:43:02:99:55:f1:19:1b: d3:01:7e:5b:f9:17:2d:07:5a:52:9d:a7:94:db:29: d8:a1:9a:77:9f:0d:26:2d:a5:15:75:ff:d7:0f:e7: 96:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Subject Alternative Name: DNS:vmi1700012.contaboserver.net X509v3 Subject Key Identifier: 32:3C:B7:4B:E6:38:DA:93:5C:7D:93:74:56:8F:18:55:5A:70:8A:6A Signature Algorithm: sha256WithRSAEncryption Signature Value: 37:a2:76:bc:7d:90:43:5a:40:e5:bf:24:0e:e1:0e:b6:cc:ff: 5d:68:ab:55:69:1a:ba:1b:64:c4:01:44:95:b7:76:24:da:89: 53:ae:8f:6d:75:50:e7:53:6c:ad:9c:77:c4:f0:ea:ec:1f:e5: cd:51:0d:a9:63:5a:2a:77:f3:51:af:26:7c:55:77:2d:9f:8f: fd:86:7e:0c:df:7d:aa:46:3e:e2:3a:47:04:e5:bd:cc:58:ef: d3:b2:27:b5:74:92:d6:21:90:55:be:13:f0:ae:e9:44:8d:56: 62:99:47:08:f2:c0:1b:43:0a:ed:88:1c:c5:2f:80:cf:1e:4e: b2:13:10:ab:9d:f5:0e:cf:5e:1c:cf:bf:8d:75:1f:73:10:7a: 8b:07:37:14:4f:30:17:6c:ce:79:68:f1:5b:80:16:8a:e5:5f: 78:a5:c4:8e:50:4e:d9:e0:74:ab:c1:45:d0:a3:d8:1c:c4:bd: 05:12:cf:5e:42:7b:68:1b:6b:55:f5:da:01:26:e7:86:59:08: 2e:6b:5c:3a:ef:4f:db:21:5c:fb:07:99:6d:c2:4d:90:a5:b9: ec:ae:92:92:74:9f:48:63:27:e2:72:aa:d7:86:03:bd:2c:fe: bd:c5:23:f3:dc:74:8e:55:cd:3b:ff:10:d3:d4:2e:e6:cb:71: 45:14:8c:fa
127848054 | 2024-05-05T07:41:36.933617995 / tcp
+OK Dovecot (Debian) ready. +OK CAPA TOP UIDL RESP-CODES PIPELINING AUTH-RESP-CODE USER SASL PLAIN LOGIN .
Certificate: Data: Version: 3 (0x2) Serial Number: 6b:17:43:57:bc:4f:74:9b:18:2d:01:2d:1e:9e:fd:cb:63:1b:57:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=vmi1700012.contaboserver.net Validity Not Before: Apr 23 02:33:51 2024 GMT Not After : Apr 21 02:33:51 2034 GMT Subject: CN=vmi1700012.contaboserver.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:f9:50:8c:6f:0d:fa:2d:75:81:ad:60:eb:9f:2c: 95:82:1b:4b:fa:5f:7e:99:88:f2:1b:23:99:47:51: 5a:74:dc:e3:a9:e4:e8:a4:43:75:42:fe:e2:64:6c: 0d:e6:eb:b4:fb:41:60:0c:d0:b3:05:94:b6:5a:44: 4c:d2:06:25:a4:cb:47:3c:16:3c:e1:d5:2e:32:7d: 97:1a:ce:d2:2b:70:a5:e2:4a:75:bb:f9:3c:ac:0b: bc:72:57:da:94:b9:93:bd:05:6d:85:25:fc:fc:52: 41:9d:35:1a:bf:57:27:9c:ed:4c:08:50:be:c6:d1: 32:23:bc:c2:23:e6:9c:b9:b5:da:c6:fb:6a:ba:c3: fc:42:fd:4d:9c:11:97:f1:38:93:98:55:db:22:67: 65:6e:fd:a5:cd:6a:4a:0f:39:b0:a4:ac:ed:10:37: 8b:60:d7:52:db:af:33:64:0d:d1:10:3b:76:11:a9: 34:29:5c:58:55:c4:32:c1:d7:e8:06:b6:ad:1d:86: 2a:c1:a0:90:33:76:20:ad:7c:a9:d2:4e:cb:73:db: 52:eb:6a:82:56:f1:02:91:43:02:99:55:f1:19:1b: d3:01:7e:5b:f9:17:2d:07:5a:52:9d:a7:94:db:29: d8:a1:9a:77:9f:0d:26:2d:a5:15:75:ff:d7:0f:e7: 96:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Subject Alternative Name: DNS:vmi1700012.contaboserver.net X509v3 Subject Key Identifier: 32:3C:B7:4B:E6:38:DA:93:5C:7D:93:74:56:8F:18:55:5A:70:8A:6A Signature Algorithm: sha256WithRSAEncryption Signature Value: 37:a2:76:bc:7d:90:43:5a:40:e5:bf:24:0e:e1:0e:b6:cc:ff: 5d:68:ab:55:69:1a:ba:1b:64:c4:01:44:95:b7:76:24:da:89: 53:ae:8f:6d:75:50:e7:53:6c:ad:9c:77:c4:f0:ea:ec:1f:e5: cd:51:0d:a9:63:5a:2a:77:f3:51:af:26:7c:55:77:2d:9f:8f: fd:86:7e:0c:df:7d:aa:46:3e:e2:3a:47:04:e5:bd:cc:58:ef: d3:b2:27:b5:74:92:d6:21:90:55:be:13:f0:ae:e9:44:8d:56: 62:99:47:08:f2:c0:1b:43:0a:ed:88:1c:c5:2f:80:cf:1e:4e: b2:13:10:ab:9d:f5:0e:cf:5e:1c:cf:bf:8d:75:1f:73:10:7a: 8b:07:37:14:4f:30:17:6c:ce:79:68:f1:5b:80:16:8a:e5:5f: 78:a5:c4:8e:50:4e:d9:e0:74:ab:c1:45:d0:a3:d8:1c:c4:bd: 05:12:cf:5e:42:7b:68:1b:6b:55:f5:da:01:26:e7:86:59:08: 2e:6b:5c:3a:ef:4f:db:21:5c:fb:07:99:6d:c2:4d:90:a5:b9: ec:ae:92:92:74:9f:48:63:27:e2:72:aa:d7:86:03:bd:2c:fe: bd:c5:23:f3:dc:74:8e:55:cd:3b:ff:10:d3:d4:2e:e6:cb:71: 45:14:8c:fa
-1039577738 | 2024-04-13T15:11:38.3200384190 / tcp
"IMPLEMENTATION" "Dovecot (Debian) Pigeonhole"\r\n"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext"\r\n"NOTIFY" "mailto"\r\n"SASL" ""\r\n"STARTTLS"\r\n"VERSION" "1.0"\r\nOK "Dovecot (Debian) ready."\r\n
1637199859 | 2024-05-10T20:53:22.7231677777 / tcp
HTTP/1.1 200 OK Server: nginx Date: Fri, 10 May 2024 20:53:22 GMT Content-Type: text/html Content-Length: 615 Last-Modified: Mon, 06 May 2024 12:07:55 GMT Connection: keep-alive ETag: "6638c81b-267" Accept-Ranges: bytes
-23674247 | 2024-05-10T19:11:39.4309148888 / tcp
HTTP/1.1 302 Moved Temporarily Server: nginx Date: Fri, 10 May 2024 19:11:39 GMT Content-Type: text/html Content-Length: 138 Connection: close Location: https://5.189.148.47:8888/