GeneralInformation

Hostnames	ban-host.ru www.ban-host.ru host.135.dynamic1.l2tp.subnets.svg.ttkdv.ru
Domains	ban-host.ru ttkdv.ru
Country	Russian Federation
City	Komsomolsk-on-Amur
Organization	Joint Stock Company TransTeleCom
ISP	Joint Stock Company TransTeleCom
ASN	AS20485

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51766	5.3Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVE-2023-51713	7.5make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
CVE-2023-48795	5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2022-37452	9.8Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVE-2022-37451	7.5Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
CVE-2021-46854	7.5mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
CVE-2021-38371	7.5The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
CVE-2021-27216	6.3Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.
CVE-2020-9272	7.5ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
CVE-2020-8015	7.8A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
CVE-2020-28026	9.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.
CVE-2020-28025	7.5Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.
CVE-2020-28024	9.8Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
CVE-2020-28023	7.5Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
CVE-2020-28022	9.8Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
CVE-2020-28021	8.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
CVE-2020-28020	9.8Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.
CVE-2020-28019	7.5Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
CVE-2020-28017	9.8Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
CVE-2020-28016	7.8Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
CVE-2020-28015	7.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.
CVE-2020-28014	6.1Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
CVE-2020-28013	7.8Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
CVE-2020-28012	7.8Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.
CVE-2020-28011	7.8Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
CVE-2020-28010	7.8Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).
CVE-2020-28009	7.8Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).
CVE-2020-28008	7.8Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.
CVE-2020-28007	7.8Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.
CVE-2020-12783	7.5Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
CVE-2019-19272	7.5An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-19271	7.5An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
CVE-2019-19269	4.9An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVE-2019-15846	9.8Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
CVE-2019-13917	9.8Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
CVE-2019-12815	9.8An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-10149	9.0A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
CVE-2018-6789	9.8An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
CVE-2017-16944	7.5The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.
CVE-2017-16943	9.8The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
CVE-2017-1000369	4.0Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.

OpenPorts

21 22 25 53 80 110 123 143 443 465 587 993 995 1500 1701

-1200370764 | 2024-04-11T10:17:11.344405

21 / tcp

220 ProFTPD 1.3.5b Server (Debian) [::ffff:62.249.138.135]
530 Некорректные данные аутентификации.
214-Следующие команды были распознаны (* => не реализовано):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    AUTH    CCC*    CONF*   ENC*    MIC*    
214-PBSZ    PROT    TYPE    STRU    MODE    RETR    STOR    STOU    
214-APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
214-NLST    STAT    SITE    MLSD    MLST    
214 Прямой комментарий для root@server-rus.ru
211-Features:
 UTF8
 EPRT
 SITE SYMLINK
 EPSV
 SITE UTIME
 MDTM
 SITE RMDIR
 SSCN
 TVFS
 SITE COPY
 MFMT
 SIZE
 PROT
 CCC
 SITE MKDIR
 PBSZ
 LANG ru-RU.UTF-8*;ru-RU
 AUTH TLS
 MFF modify;UNIX.group;UNIX.mode;
 REST STREAM
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
211 Конец

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c6:de:79:51:8a:20:56:5d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:11:52 2021 GMT
            Not After : Jul 26 22:11:52 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:af:ef:ea:a5:a2:c6:39:9c:c7:9d:32:a9:ea:06:
                    9d:5e:7c:1b:07:ea:ec:ad:1c:df:10:f8:0f:42:1f:
                    f5:c0:e4:32:11:8f:7c:54:06:c5:99:3f:9c:30:b3:
                    35:b0:2a:8f:50:e0:54:d1:db:b2:c1:c8:c1:7d:3c:
                    27:2b:c2:3d:4f:f1:f0:47:3c:f7:46:42:ce:b7:cf:
                    99:36:cc:af:09:27:29:cc:08:79:a4:d7:77:62:be:
                    f4:e8:71:ed:bd:43:d2:ca:22:99:1d:0a:1e:34:b3:
                    31:50:1b:89:78:83:d9:31:9b:0a:c6:6d:a4:08:13:
                    de:1a:d3:47:d9:1e:21:d3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E2:B7:D0:84:93:9F:A3:B7:D5:CF:BE:2E:67:5D:CD:47:29:FD:12:13
            X509v3 Authority Key Identifier: 
                E2:B7:D0:84:93:9F:A3:B7:D5:CF:BE:2E:67:5D:CD:47:29:FD:12:13
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        af:bc:43:52:de:09:1c:4e:95:47:0f:75:1f:e5:4d:ef:83:f3:
        c7:92:ae:34:e1:fe:91:4b:6f:b8:ca:c8:f9:02:c8:9e:53:98:
        fa:9f:5f:ef:cb:1d:54:f2:18:41:3e:cd:cb:3d:05:61:6b:29:
        0e:70:4b:37:c6:ea:5b:8b:58:1b:d0:7d:57:76:16:f9:8d:23:
        af:1a:ea:45:58:a9:7b:e9:76:63:e7:4c:3b:04:dc:aa:e2:3b:
        95:07:ba:c2:b6:6a:f2:c8:e6:3d:7b:80:10:cb:e6:83:08:8e:
        51:08:81:ac:22:29:fb:fa:e6:cf:c7:e0:cf:1f:8f:5b:d6:94:
        ac:d8

-219281135 | 2024-04-15T04:59:53.565954

22 / tcp

SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCwAdsW62r6wbBf3/166E1gqFd3CrD/HBxg+jBtYRxUCvjH
sNWBDV6uLsqWSMEnBZ8c8NswgdzccayMn8wRxdw9qkV8XCtEEKoe8obFeangj6upCTn8iZ4iC47D
/JI6bel6YIxwRcXCg2wK23vbOiUvfkU0JlERRDN4B78C9ivGcJw4Ly7fiKXDQ5ptnNJN7xADIWw+
WjKXUvG7MwwI0My3ikTZEFItMoTnABDqVvsN8O4kY1krvY7Y7Mg/71xZ2hArDVbtrtXnRpPdRBH3
Naf8YcXnEO+4U2HMuKyBYsT42HsWQ1UYsTm8GFE2gc1ac5X29LmAvhEZyj63amFBJLfB
Fingerprint: f1:0d:3c:39:10:6a:3a:40:24:c7:5e:fa:05:76:4b:37

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1546509149 | 2024-04-17T15:19:45.786603

25 / tcp

220 server-rus.ru ESMTP Exim 4.89 Wed, 17 Apr 2024 18:19:07 +0300
250-server-rus.ru Hello 224.70.37.85 [224.70.37.85]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

-96214290 | 2024-04-13T14:04:18.016308

53 / tcp

9.10.3-P4-Debian
Resolver name: server-rus

-96214290 | 2024-04-19T05:34:09.239843

53 / udp

9.10.3-P4-Debian
Resolver name: server-rus

650231679 | 2024-04-17T23:02:59.663375

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 17 Apr 2024 23:02:59 GMT
Content-Type: text/html
Content-Length: 3850
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6101c5c3-f0a"

97492738 | 2024-04-13T16:35:04.308640

110 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
STLS
USER
SASL PLAIN LOGIN DIGEST-MD5 CRAM-MD5
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

-2037328890 | 2024-04-11T11:33:37.008555

123 / udp

NTP
protocolversion: 3
stratum: 0
leap: 3
precision: 0
rootdelay: 0.0
rootdisp: 0.0
refid: 1380013125
reftime: 0.0
poll: 3

115487969 | 2024-04-15T16:57:52.128846

143 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

650231679 | 2024-04-17T17:35:01.268859

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 17 Apr 2024 17:35:00 GMT
Content-Type: text/html
Content-Length: 3850
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6101c5c3-f0a"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:d8:69:56:1d:a4:c1:92:5a:82:94:3d:f4:19:1f:da:88:70
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Dec 19 13:53:39 2023 GMT
            Not After : Mar 18 13:53:38 2024 GMT
        Subject: CN=ban-host.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:dd:50:1b:0c:4f:f3:96:c3:ad:56:31:54:e4:3e:
                    d5:b7:e6:8d:d7:1e:28:cf:7d:e7:6d:82:04:ea:6c:
                    f7:e5:c7:0e:4d:69:86:18:8f:92:80:55:02:2b:d8:
                    2c:9b:60:d8:e8:2f:83:18:1f:5e:52:ef:15:34:b0:
                    4b:81:c2:45:19:5c:c6:e8:9d:1f:e9:57:e2:81:67:
                    22:a5:df:14:a2:55:73:ef:62:b1:75:54:10:c0:16:
                    d0:4a:6d:10:81:25:d4:11:e5:33:13:bb:cf:23:15:
                    e3:36:0f:5f:b1:86:a9:ee:c3:9b:d8:11:fa:67:b3:
                    cd:2c:58:bf:59:cc:a8:b5:25:fb:8a:46:90:55:c5:
                    eb:ee:ce:1a:7d:f9:62:9e:64:eb:63:9e:a3:0c:71:
                    1d:2c:e1:e9:ff:a6:aa:5e:ff:8a:5a:a9:33:e1:e6:
                    54:2e:5b:37:44:34:68:44:72:02:ee:94:cb:ca:70:
                    f2:9d:e8:3c:76:ee:84:65:f3:e6:81:ed:88:7f:26:
                    ff:81:88:d6:c5:26:30:6a:83:cb:90:99:d2:6c:68:
                    08:00:c3:8a:c9:99:b4:7c:a3:2a:bc:70:e2:8a:b8:
                    b7:8c:ed:cf:44:e4:a4:a9:41:31:ad:4f:60:30:4f:
                    6b:75:b4:ae:0a:65:d8:20:80:4b:37:63:53:70:ff:
                    da:40:6a:25:4e:13:54:d1:1d:e5:e7:d2:b1:c4:f3:
                    77:c3:b9:23:eb:3a:59:00:60:e3:2d:04:76:2c:83:
                    49:4f:f7:6e:67:86:1f:9a:8c:d5:fc:93:2b:64:a7:
                    b2:72:6f:1f:76:3c:97:a8:5e:c9:be:b9:91:0f:8e:
                    17:c7:d0:c2:b7:5f:62:ff:5a:28:57:7d:a4:1b:3e:
                    e7:ef:60:57:41:5a:5a:a8:61:ef:cd:32:ac:1a:e9:
                    49:b4:57:fa:12:b8:84:c2:0f:fe:40:3c:0c:49:8c:
                    ff:26:c0:01:60:3a:5f:a4:ef:47:b8:32:d1:55:89:
                    23:4b:70:a8:56:b6:32:e1:c4:74:f7:42:29:ef:3d:
                    b8:01:f0:7a:e9:8e:64:c8:20:cc:5b:b0:e3:91:50:
                    26:66:13:55:2c:e3:45:0d:93:36:72:52:54:87:aa:
                    02:b7:09:10:05:20:f1:fd:3e:78:cb:55:63:ab:0c:
                    4b:2e:74:f3:b1:fa:14:75:cd:99:f4:c6:55:d0:0c:
                    7b:7a:8e:ab:16:ef:e4:67:ab:68:a7:90:94:33:ef:
                    4c:18:5d:f0:d5:2e:73:48:6c:8b:a6:2e:5a:c1:a0:
                    f9:6a:c2:45:98:94:8c:e3:4c:d2:c8:06:cf:83:c7:
                    66:32:85:24:48:63:6a:00:c8:80:c4:3d:7e:cb:4a:
                    19:13:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                70:3A:9E:BB:25:11:9C:AA:91:29:FE:1E:19:37:01:6A:44:4D:1A:B4
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ban-host.ru, DNS:www.ban-host.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Dec 19 14:53:40.276 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:4B:0E:6D:D6:C2:79:67:1D:3A:03:B7:4F:
                                FA:8E:27:CA:C6:6E:66:AD:C1:8D:FF:CF:DC:D3:FB:34:
                                88:E3:A2:94:02:21:00:AA:CB:8B:DC:C0:45:52:99:C8:
                                0A:80:37:7C:E9:E9:E2:DE:3E:35:92:16:7B:8D:06:30:
                                57:F8:F8:55:A6:52:FD
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Dec 19 14:53:40.279 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6C:BF:37:61:95:E1:9B:41:35:5F:54:D6:
                                17:D9:0A:BC:A9:1E:02:57:1A:47:62:E4:4F:7D:6C:59:
                                B2:15:51:C4:02:20:31:17:98:96:07:BA:C5:33:EC:15:
                                9C:9B:CE:B9:5E:87:CC:DF:3C:9C:A2:D1:91:F0:A7:B2:
                                D0:D5:79:B1:93:38
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3e:a9:f6:2e:1a:b7:fb:cf:82:5c:c0:76:f9:0a:51:95:5a:d7:
        ab:26:31:a1:57:f0:0c:20:dc:22:08:29:fd:86:68:36:6a:27:
        c6:46:ff:a7:62:eb:3e:a5:f8:e7:1a:ed:30:97:72:59:5f:b9:
        65:b6:01:e9:5f:66:39:5f:e3:ea:82:18:e4:41:61:f2:56:da:
        3a:0a:1a:b6:7f:39:5c:a1:55:ee:f7:bb:98:50:92:a3:e9:d4:
        62:0b:18:93:b3:7d:18:98:b1:d6:79:5c:45:98:d7:ce:75:d3:
        5f:68:ad:e7:34:c6:89:e4:ac:34:66:0b:bb:0a:b3:9d:cc:68:
        34:54:92:c8:11:7d:b0:e2:8b:37:1f:a8:a9:e9:62:88:fe:07:
        ad:be:96:85:97:06:83:62:25:8e:97:0a:ab:d4:ee:53:f3:f3:
        c4:d9:6f:61:b0:ac:cc:c3:04:0f:49:e2:e3:6b:d2:2c:9e:81:
        76:18:6d:6c:c2:91:fa:cd:84:d0:4d:28:4c:63:0f:85:62:c3:
        df:46:12:e6:87:3b:8d:fd:30:78:5d:fe:00:63:7b:e0:67:48:
        64:1c:a5:77:6c:2f:95:5f:88:28:49:8f:e7:a1:00:89:9c:41:
        92:aa:59:03:62:cd:d2:4d:f6:3c:d0:c9:e1:68:4f:1d:ee:f4:
        80:97:69:24

-148668125 | 2024-04-14T02:29:35.516258

465 / tcp

220 server-rus.ru ESMTP Exim 4.89 Sun, 14 Apr 2024 05:28:57 +0300
250-server-rus.ru Hello 224.229.126.152 [224.229.126.152]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

-1227101888 | 2024-04-18T19:43:29.791582

587 / tcp

220 server-rus.ru ESMTP Exim 4.89 Thu, 18 Apr 2024 22:43:15 +0300
250-server-rus.ru Hello 224.206.165.50 [224.206.165.50]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

1055293435 | 2024-03-28T02:28:45.309887

993 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

2062522430 | 2024-03-29T00:01:12.694147

995 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
USER
SASL PLAIN LOGIN DIGEST-MD5 CRAM-MD5
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:e6:36:03:41:e4:49:3e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Validity
            Not Before: Jul 28 22:10:20 2021 GMT
            Not After : Jul 26 22:10:20 2031 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=server-rus/emailAddress=root@server-rus
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:b4:f1:b8:35:a6:12:4c:83:ac:30:7b:5d:75:98:
                    9a:8c:ed:bc:31:3a:9d:98:a1:db:d6:29:b5:e6:c8:
                    27:3e:1d:4f:37:26:f5:2a:b9:fc:3e:bc:69:4f:06:
                    54:02:59:94:b7:15:31:0a:00:03:fd:ce:57:2e:db:
                    82:bc:26:09:d0:14:e6:91:f0:c7:eb:cc:e5:15:7a:
                    c5:3b:4c:9b:85:3d:72:2d:2b:2c:5b:32:8e:e5:d6:
                    f5:08:89:07:7c:1b:1b:6a:8d:38:85:fa:e6:2d:eb:
                    00:97:a1:14:a7:f0:61:f4:5f:0f:ca:26:21:55:2e:
                    88:d1:d0:26:71:16:2b:44:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Authority Key Identifier: 
                4E:0D:02:52:9A:6A:9E:58:2E:C4:2E:14:46:CF:32:C1:53:9F:55:9B
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4c:da:3e:9c:2c:86:95:29:35:19:8b:4b:98:b7:47:59:97:a8:
        43:3e:a0:6c:05:6a:75:cf:8f:3a:2c:ca:b0:ba:8a:7b:28:f3:
        80:9b:1d:b5:be:7d:3f:42:25:80:c1:b0:fc:1a:c5:65:2a:35:
        79:b6:22:27:8c:9a:f4:5c:bf:fd:32:55:a2:70:ac:71:87:ea:
        e9:8a:c0:ad:e3:33:65:ea:76:3c:e1:0c:06:7a:04:d8:3c:86:
        8d:f1:47:79:54:a9:72:a0:da:db:ae:35:6b:e6:7f:f0:9f:bd:
        84:e0:b6:12:ac:91:d9:8a:77:e5:ee:ac:80:b1:3e:54:8d:4b:
        17:a4

1949845764 | 2024-03-27T00:33:58.660796

1500 / tcp

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Location: https://62.249.138.135/
Date: Wed, 27 Mar 2024 00:33:58 GMT

-2129060956 | 2024-04-13T23:56:30.731164

1701 / udp

\xc8\x02\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x01

62.249.138.135

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1200370764 | 2024-04-11T10:17:11.344405
21 / tcp

ProFTPD1.3.5b

-219281135 | 2024-04-15T04:59:53.565954
22 / tcp

OpenSSH7.4p1 Debian 10+deb9u7

1546509149 | 2024-04-17T15:19:45.786603
25 / tcp

Exim smtpd4.89

-96214290 | 2024-04-13T14:04:18.016308
53 / tcp

-96214290 | 2024-04-19T05:34:09.239843
53 / udp

650231679 | 2024-04-17T23:02:59.663375
80 / tcp

nginx

97492738 | 2024-04-13T16:35:04.308640
110 / tcp

-2037328890 | 2024-04-11T11:33:37.008555
123 / udp

115487969 | 2024-04-15T16:57:52.128846
143 / tcp

650231679 | 2024-04-17T17:35:01.268859
443 / tcp

nginx

-148668125 | 2024-04-14T02:29:35.516258
465 / tcp

Exim smtpd4.89

-1227101888 | 2024-04-18T19:43:29.791582
587 / tcp

Exim smtpd4.89

1055293435 | 2024-03-28T02:28:45.309887
993 / tcp

2062522430 | 2024-03-29T00:01:12.694147
995 / tcp

1949845764 | 2024-03-27T00:33:58.660796
1500 / tcp

-2129060956 | 2024-04-13T23:56:30.731164
1701 / udp

Products

Pricing

Contact Us

62.249.138.135

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1200370764 | 2024-04-11T10:17:11.344405 21 / tcp

ProFTPD1.3.5b

-219281135 | 2024-04-15T04:59:53.565954 22 / tcp

OpenSSH7.4p1 Debian 10+deb9u7

1546509149 | 2024-04-17T15:19:45.786603 25 / tcp

Exim smtpd4.89

-96214290 | 2024-04-13T14:04:18.016308 53 / tcp

-96214290 | 2024-04-19T05:34:09.239843 53 / udp

650231679 | 2024-04-17T23:02:59.663375 80 / tcp

nginx

97492738 | 2024-04-13T16:35:04.308640 110 / tcp

-2037328890 | 2024-04-11T11:33:37.008555 123 / udp

115487969 | 2024-04-15T16:57:52.128846 143 / tcp

650231679 | 2024-04-17T17:35:01.268859 443 / tcp

nginx

-148668125 | 2024-04-14T02:29:35.516258 465 / tcp

Exim smtpd4.89

-1227101888 | 2024-04-18T19:43:29.791582 587 / tcp

Exim smtpd4.89

1055293435 | 2024-03-28T02:28:45.309887 993 / tcp

2062522430 | 2024-03-29T00:01:12.694147 995 / tcp

1949845764 | 2024-03-27T00:33:58.660796 1500 / tcp

-2129060956 | 2024-04-13T23:56:30.731164 1701 / udp

Products

Pricing

Contact Us

-1200370764 | 2024-04-11T10:17:11.344405
21 / tcp

-219281135 | 2024-04-15T04:59:53.565954
22 / tcp

1546509149 | 2024-04-17T15:19:45.786603
25 / tcp

-96214290 | 2024-04-13T14:04:18.016308
53 / tcp

-96214290 | 2024-04-19T05:34:09.239843
53 / udp

650231679 | 2024-04-17T23:02:59.663375
80 / tcp

97492738 | 2024-04-13T16:35:04.308640
110 / tcp

-2037328890 | 2024-04-11T11:33:37.008555
123 / udp

115487969 | 2024-04-15T16:57:52.128846
143 / tcp

650231679 | 2024-04-17T17:35:01.268859
443 / tcp

-148668125 | 2024-04-14T02:29:35.516258
465 / tcp

-1227101888 | 2024-04-18T19:43:29.791582
587 / tcp

1055293435 | 2024-03-28T02:28:45.309887
993 / tcp

2062522430 | 2024-03-29T00:01:12.694147
995 / tcp

1949845764 | 2024-03-27T00:33:58.660796
1500 / tcp

-2129060956 | 2024-04-13T23:56:30.731164
1701 / udp