GeneralInformation

Hostnames	new.kimo.ru
Domains	kimo.ru
Country	Russian Federation
City	Moscow
Organization	JSC Datacenter
ISP	JSC IOT
ASN	AS29182

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51766	5.3Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
CVE-2022-37452	9.8Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVE-2022-37451	7.5Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
CVE-2021-38371	7.5The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
CVE-2021-27216	6.3Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options.
CVE-2020-28026	9.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.
CVE-2020-28025	7.5Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.
CVE-2020-28024	9.8Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
CVE-2020-28023	7.5Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.
CVE-2020-28022	9.8Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
CVE-2020-28021	8.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
CVE-2020-28019	7.5Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
CVE-2020-28018	9.8Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
CVE-2020-28017	9.8Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
CVE-2020-28016	7.8Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
CVE-2020-28015	7.8Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.
CVE-2020-28014	6.1Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
CVE-2020-28013	7.8Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
CVE-2020-28012	7.8Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.
CVE-2020-28011	7.8Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
CVE-2020-28010	7.8Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).
CVE-2020-28009	7.8Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).
CVE-2020-28008	7.8Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.
CVE-2020-28007	7.8Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.

OpenPorts

21 25 80 110 443 465 587 993 995 3306

-321291637 | 2024-04-22T23:30:14.643833

21 / tcp

220 FTP Server ready.
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    AUTH    CCC*    CONF*   ENC*    MIC*    
 PBSZ    PROT    TYPE    STRU    MODE    RETR    STOR    STOU    
 APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
 NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@localhost
211-Features:
 MDTM
 SSCN
 TVFS
 MFMT
 SIZE
 PROT
 CCC
 PBSZ
 AUTH TLS
 MFF modify;UNIX.group;UNIX.mode;
 REST STREAM
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 UTF8
 EPRT
 EPSV
 LANG zh-CN;zh-TW;bg-BG;en-US;es-ES;fr-FR;it-IT;ja-JP;ko-KR;ru-RU
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c1:6b:0b:0e:14:a2:f3:cf
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:15:18 2019 GMT
            Not After : Jan 25 12:15:18 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=example.com/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ba:8a:b7:0c:15:9f:51:96:a1:a2:c8:89:47:29:
                    b9:ba:03:fb:66:cb:00:7c:d0:29:65:df:38:ec:1d:
                    6d:a0:ed:f3:29:76:0c:ff:56:d5:de:3c:59:87:75:
                    40:11:ba:eb:1c:63:b5:2f:aa:32:18:93:ba:ab:46:
                    8f:46:89:63:bd:d8:0d:6d:b2:83:28:c3:59:52:e7:
                    87:45:10:9c:25:2a:c8:89:34:00:a0:a7:67:af:21:
                    aa:37:41:55:7a:1e:24:6a:d6:48:5d:d8:59:72:fd:
                    0d:6f:eb:55:72:03:b8:3c:bd:a1:be:61:b7:12:86:
                    a0:20:87:9d:f0:ef:95:98:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A0:73:D6:1A:B6:A8:05:74:D8:32:70:36:08:17:9C:A4:64:8B:16:04
            X509v3 Authority Key Identifier: 
                A0:73:D6:1A:B6:A8:05:74:D8:32:70:36:08:17:9C:A4:64:8B:16:04
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        40:6d:64:fc:f5:d4:7e:3d:44:8f:16:19:65:fa:ab:ca:52:c0:
        1f:4d:37:d0:68:0b:33:13:02:29:9f:60:7b:f9:e0:26:cf:38:
        d4:2d:10:b9:28:82:1e:b7:f2:ac:da:47:98:2f:28:c4:74:0a:
        94:ff:59:4f:31:74:20:b9:05:f5:80:51:74:8f:b1:41:4e:0a:
        21:dd:7c:c0:5d:22:63:05:76:d7:df:14:2e:30:b4:44:3b:bb:
        6f:09:29:c7:06:8f:6a:05:a2:41:c9:87:4e:c1:ec:92:70:f9:
        21:a6:e8:e7:5b:cb:f4:c5:57:2a:ed:a4:e0:05:23:1f:d6:38:
        1a:3e

1619414638 | 2024-04-17T16:36:25.229847

25 / tcp

220 dom-parfuma.ru ESMTP Exim 4.94 Wed, 17 Apr 2024 19:35:43 +0300
250-dom-parfuma.ru Hello 224.158.162.84 [224.158.162.84]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-X_PIPE_CONNECT
250-AUTH PLAIN LOGIN CRAM-MD5
250-CHUNKING
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

-811173839 | 2024-04-22T03:06:57.796589

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 22 Apr 2024 03:06:57 GMT
Content-Type: text/html
Content-Length: 1289
Connection: keep-alive
ETag: "60d9be41-509"

-57774420 | 2024-04-13T17:25:01.909941

110 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
STLS
USER
SASL PLAIN LOGIN CRAM-MD5
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

-811173839 | 2024-04-23T05:22:15.357125

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Tue, 23 Apr 2024 05:22:15 GMT
Content-Type: text/html
Content-Length: 1289
Connection: keep-alive
ETag: "60d9be41-509"

SSL Certificate

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            f9:ba:b7:6b:a9:7a:1b:38
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, CN=domain.com, L=XX, O=XX, OU=XX, ST=XX/emailAddress=webmaster@domain.com
        Validity
            Not Before: Nov 17 13:38:27 2020 GMT
            Not After : Nov 16 13:38:27 2021 GMT
        Subject: C=XX, CN=domain.com, L=XX, O=XX, OU=XX, ST=XX/emailAddress=webmaster@domain.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a3:04:4f:c9:e0:96:f0:1d:0e:04:70:16:7c:d2:
                    fd:7f:1c:be:fa:4a:f3:2e:dd:34:6b:5f:3b:78:d2:
                    a0:17:21:45:d2:0a:65:c6:2a:46:bd:66:f1:1a:7a:
                    b9:ca:b8:ea:1e:39:51:b8:54:ba:b7:b2:92:d1:cb:
                    4f:13:23:5a:75:64:eb:14:14:c2:98:e2:62:e8:6b:
                    2c:66:98:b0:b0:91:d2:c6:1a:40:83:aa:b9:7f:69:
                    22:53:29:46:7e:a4:12:5d:bf:c2:91:90:76:b8:fc:
                    b0:c0:e1:c1:67:3b:d5:fb:49:7a:ed:21:27:8d:39:
                    fd:b4:36:36:55:67:ee:9f:2f:62:ca:f7:70:34:a5:
                    13:e3:a7:82:7a:74:9f:9e:05:06:97:46:d2:9c:07:
                    28:40:8e:bd:b2:28:c3:f4:0e:8f:78:ad:7c:9b:61:
                    7a:41:97:68:e9:15:7b:fc:35:f3:d4:52:28:16:94:
                    72:a5:20:d5:76:30:76:da:f2:da:4b:5d:f4:a8:f2:
                    dc:16:9e:7e:bb:d2:68:e1:89:77:a8:42:e2:25:5a:
                    61:ac:2c:7e:57:64:d3:87:1a:da:a5:35:ce:37:19:
                    ac:4b:58:10:85:50:fb:3d:7c:aa:58:23:82:45:a7:
                    0e:27:80:75:c2:ae:5d:26:cb:06:0c:8c:20:b3:91:
                    ba:37
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8d:e2:8a:20:f5:77:ed:07:70:06:0e:96:3b:9d:d5:83:4b:6d:
        da:32:09:8f:84:a2:68:e1:0b:d6:5c:87:9c:b2:6e:32:3c:f5:
        0b:a6:8e:30:a7:f9:e9:47:b8:2e:26:75:8b:fb:ae:da:a6:9f:
        6a:32:18:09:54:76:5a:c6:21:c5:56:c9:79:e2:03:d6:c9:cd:
        1b:3d:54:30:05:0c:14:b9:e5:ea:7f:94:a8:fa:a8:4d:98:0b:
        c8:8d:ab:ea:7d:04:12:84:30:e1:5f:5f:47:87:fd:b6:9b:ac:
        57:fb:e3:92:57:c9:58:b0:59:75:a0:c3:8b:42:cb:cf:49:64:
        cc:a4:8a:c8:25:25:31:7b:41:5c:0c:73:bd:1a:bb:1d:0e:3d:
        0e:75:54:d3:5d:a0:c9:b9:7e:57:34:0c:36:50:1c:4a:03:e9:
        c7:7b:da:2e:a3:0f:d7:f5:df:ee:27:59:5e:09:10:ba:61:15:
        69:b9:a0:12:b4:27:37:09:d7:5a:a5:7d:b5:4b:39:79:a6:2e:
        df:1c:b4:c8:30:20:ff:4f:05:b6:25:c2:37:36:32:9c:5f:4f:
        85:d2:32:e2:0f:54:b6:5f:be:94:16:92:e8:70:ea:99:5b:87:
        a0:62:83:e6:d6:5c:4d:18:ad:ec:0f:4e:5c:e6:6e:e7:b5:84:
        d0:ac:74:b2

-1631382350 | 2024-04-19T06:47:27.082726

465 / tcp

220 dom-parfuma.ru ESMTP Exim 4.94 Fri, 19 Apr 2024 09:47:07 +0300
250-dom-parfuma.ru Hello 224.56.57.182 [224.56.57.182]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-X_PIPE_CONNECT
250-AUTH PLAIN LOGIN CRAM-MD5
250-CHUNKING
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

1869375103 | 2024-04-19T16:46:43.670065

587 / tcp

220 dom-parfuma.ru ESMTP Exim 4.94 Fri, 19 Apr 2024 19:45:57 +0300
250-dom-parfuma.ru Hello 224.239.209.78 [224.239.209.78]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-X_PIPE_CONNECT
250-AUTH PLAIN LOGIN CRAM-MD5
250-CHUNKING
250-STARTTLS
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

-1708341480 | 2024-03-31T01:03:53.004127

993 / tcp

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

-1830824801 | 2024-04-21T05:02:52.486034

995 / tcp

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
USER
SASL PLAIN LOGIN CRAM-MD5
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            84:25:29:28:4f:ed:c3:2c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Validity
            Not Before: Jan 28 12:11:24 2019 GMT
            Not After : Jan 25 12:11:24 2029 GMT
        Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=dom-parfuma.ru/emailAddress=root@dom-parfuma.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d2:01:85:2d:35:8d:97:4d:76:73:59:7e:6d:7c:
                    b9:e7:50:56:fe:31:93:13:98:4c:8a:b9:b6:95:ae:
                    33:39:f7:f0:c8:fb:64:92:f0:0a:b4:b4:bb:8b:83:
                    27:b5:b5:3d:e3:12:d1:46:87:a3:b9:92:60:36:41:
                    40:d0:1b:8e:dc:d7:cb:ab:c7:b8:6f:c7:9f:72:f8:
                    de:dd:ca:22:df:32:df:70:af:7d:f1:fb:77:9a:3e:
                    e4:16:eb:06:cf:ce:68:31:44:8c:85:af:20:03:4e:
                    3e:48:6e:61:ef:fd:9a:98:37:5e:c2:48:d3:e6:b4:
                    b0:90:c2:8c:d0:66:8c:f7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Authority Key Identifier: 
                05:11:CE:62:45:51:FF:8A:62:D3:06:4C:2F:D6:A7:1A:88:97:AD:BE
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6d:bf:ab:03:7d:6a:f4:cf:66:1a:2d:ff:a3:4f:ba:2c:b0:27:
        eb:48:3f:bc:92:e1:55:25:4e:1b:d1:66:4b:f8:c7:fb:00:41:
        a3:6c:6b:4e:7e:90:b3:c9:7a:34:0d:ca:02:fe:cd:98:bf:c9:
        a6:d2:05:07:6f:d5:cd:a9:a1:a8:9c:41:24:b6:bf:78:fa:59:
        82:61:68:b4:db:81:8f:33:ab:a3:f4:49:25:b7:1a:32:02:88:
        08:9c:5a:bd:aa:da:1a:df:fa:4f:35:b9:e4:b1:71:b4:f6:56:
        62:25:35:04:2e:c3:10:e7:51:04:ca:13:5c:a7:20:8c:00:35:
        83:3b

1499949834 | 2024-04-21T22:28:35.110038

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.1.47-MariaDB
  Capabilities: 63487
  Server Language: 33
  Server Status: 2
  Extended Server Capabilities: 41023
  Authentication Plugin: mysql_native_password

77.246.157.75

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-321291637 | 2024-04-22T23:30:14.643833
21 / tcp

1619414638 | 2024-04-17T16:36:25.229847
25 / tcp

Exim smtpd4.94

-811173839 | 2024-04-22T03:06:57.796589
80 / tcp

nginx

-57774420 | 2024-04-13T17:25:01.909941
110 / tcp

-811173839 | 2024-04-23T05:22:15.357125
443 / tcp

nginx

-1631382350 | 2024-04-19T06:47:27.082726
465 / tcp

Exim smtpd4.94

1869375103 | 2024-04-19T16:46:43.670065
587 / tcp

Exim smtpd4.94

-1708341480 | 2024-03-31T01:03:53.004127
993 / tcp

-1830824801 | 2024-04-21T05:02:52.486034
995 / tcp

1499949834 | 2024-04-21T22:28:35.110038
3306 / tcp

MariaDB10.1.47-MariaDB

Products

Pricing

Contact Us

77.246.157.75

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-321291637 | 2024-04-22T23:30:14.643833 21 / tcp

1619414638 | 2024-04-17T16:36:25.229847 25 / tcp

Exim smtpd4.94

-811173839 | 2024-04-22T03:06:57.796589 80 / tcp

nginx

-57774420 | 2024-04-13T17:25:01.909941 110 / tcp

-811173839 | 2024-04-23T05:22:15.357125 443 / tcp

nginx

-1631382350 | 2024-04-19T06:47:27.082726 465 / tcp

Exim smtpd4.94

1869375103 | 2024-04-19T16:46:43.670065 587 / tcp

Exim smtpd4.94

-1708341480 | 2024-03-31T01:03:53.004127 993 / tcp

-1830824801 | 2024-04-21T05:02:52.486034 995 / tcp

1499949834 | 2024-04-21T22:28:35.110038 3306 / tcp

MariaDB10.1.47-MariaDB

Products

Pricing

Contact Us

-321291637 | 2024-04-22T23:30:14.643833
21 / tcp

1619414638 | 2024-04-17T16:36:25.229847
25 / tcp

-811173839 | 2024-04-22T03:06:57.796589
80 / tcp

-57774420 | 2024-04-13T17:25:01.909941
110 / tcp

-811173839 | 2024-04-23T05:22:15.357125
443 / tcp

-1631382350 | 2024-04-19T06:47:27.082726
465 / tcp

1869375103 | 2024-04-19T16:46:43.670065
587 / tcp

-1708341480 | 2024-03-31T01:03:53.004127
993 / tcp

-1830824801 | 2024-04-21T05:02:52.486034
995 / tcp

1499949834 | 2024-04-21T22:28:35.110038
3306 / tcp