Hostnames |
0370.ru mail.0370.ru |
Domains | 0370.ru |
Country | Russian Federation |
City | Tomsk |
Organization | JSC Avantel. Tomsk metropolitan network. |
ISP | JSC Avantel |
ASN | AS25549 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
778982793 | 2024-05-28T05:00:53.57141625 / tcp
220 mail.0370.ru ESMTP MTA 250-mail.0370.ru 250-PIPELINING 250-SIZE 20971520 250-STARTTLS 250-ENHANCEDSTATUSCODES 250 8BITMIME
Certificate: Data: Version: 1 (0x0) Serial Number: 1000 (0x3e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=mail.0370.ru Validity Not Before: Jun 6 10:32:41 2023 GMT Not After : Jun 5 10:32:41 2025 GMT Subject: CN=mail.0370.ru Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c0:54:42:8f:58:d1:c0:3b:93:46:30:4a:c1:5a: e7:dc:4e:cf:de:b0:9d:b4:63:89:d9:07:e1:52:e6: 78:38:63:a8:8a:3f:70:ad:58:41:62:13:ee:78:db: 35:f8:21:a0:5f:0a:b7:58:8e:38:be:6b:69:59:a5: 18:4e:6c:83:05:fd:df:af:4f:12:c6:89:32:51:25: 63:d9:cf:cd:9f:8d:24:3e:76:36:42:90:bc:51:0d: 47:08:fe:09:24:fc:1f:11:14:eb:af:98:57:76:06: ca:5c:63:6f:7f:54:c3:bf:bf:cd:fe:45:f3:df:b5: 87:29:58:60:11:fc:a3:89:eb:d6:3f:2f:56:5e:00: 74:12:73:25:f5:9a:0a:61:cb:f3:a4:31:6f:cd:1b: 36:1e:5d:4c:74:fd:54:1a:3c:83:f2:fb:34:ab:5f: 82:f4:dd:1d:59:02:7e:25:b9:c1:93:20:43:e7:75: 66:3f:4e:2c:6d:0e:39:2f:91:21:a6:27:c7:41:85: 95:ad:8b:20:fd:a8:d0:e8:db:a0:a7:b8:97:b5:d9: b7:ba:5c:98:62:a8:ed:99:42:3a:ce:05:fa:d5:aa: e6:5a:03:d2:55:e4:b8:2d:9a:a3:77:1b:7f:1b:fd: 79:20:62:43:14:aa:04:be:57:44:59:15:b8:58:48: 31:35 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption Signature Value: a7:6b:0a:73:b2:d1:75:0b:43:ca:ec:49:71:8a:f9:0c:51:a4: 98:65:e9:cb:16:4a:21:92:09:e7:5f:45:f0:39:cf:45:10:7c: 29:15:4d:e9:19:17:5b:5b:f4:b3:52:d3:16:f0:de:e9:5d:0f: 93:7d:b9:bf:a6:a0:1d:b5:b7:37:f0:93:38:87:cd:2e:0d:10: 42:4b:6a:57:c0:76:8f:cd:22:87:b5:cd:ce:63:09:25:c3:a4: 06:72:1e:a4:e1:17:69:f5:1a:14:01:81:c4:65:84:d3:71:14: 62:99:51:a6:7f:64:fe:ae:05:f0:00:1e:3d:93:9d:cf:d6:58: fc:c4:74:cc:c5:c3:cc:4b:cb:70:fe:58:57:d8:30:10:e9:32: ad:5f:d9:37:50:b3:78:7f:87:82:0d:d4:7d:b3:cb:86:32:df: 9b:25:3c:0a:6a:9a:ce:d2:39:06:ff:79:c4:94:5f:03:44:15: 61:4c:c2:90:9c:2e:df:81:ff:2d:56:d5:56:03:0e:ea:4f:41: 0a:71:80:67:ec:47:18:0c:22:3f:e9:78:e0:76:4e:ec:d9:aa: 4c:c1:45:38:52:a2:1c:c5:13:74:54:42:7a:26:c6:8f:c8:78: 97:e3:a3:f4:62:e1:0f:03:97:37:a8:bc:03:51:ae:14:74:1d: 2f:58:f5:2a
-1160248403 | 2024-06-04T11:12:27.17809053 / tcp
9.8.4-rpz2+rl005.12-P1 Recursion: enabled Resolver name: main-gw-vzh
-1160248403 | 2024-05-21T02:34:27.29180253 / udp
9.8.4-rpz2+rl005.12-P1 Recursion: enabled Resolver name: main-gw-vzh
1584412971 | 2024-06-05T09:02:17.77514780 / tcp
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 Date: Wed, 05 Jun 2024 09:02:17 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://95.170.156.101/
1314007586 | 2024-05-28T01:26:21.377945143 / tcp
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=NTLM AUTH=LOGIN] Dovecot ready. * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=NTLM AUTH=LOGIN A001 OK Pre-login capabilities listed, post-login capabilities have more. * ID ("name" "Dovecot") A002 OK ID completed. A003 BAD Error in IMAP command received by server. * BYE Logging out A004 OK Logout completed.
Certificate: Data: Version: 3 (0x2) Serial Number: 13:6e:57:d2:37:42:91:07:85:fb:4c:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4 Validity Not Before: Oct 16 09:44:56 2023 GMT Not After : Nov 16 09:44:55 2024 GMT Subject: CN=*.0370.ru Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:ec:a5:b2:80:cd:0e:51:83:24:46:d6:bf:1a:dc: f6:fa:4d:ea:58:da:0d:e9:2a:d6:27:f9:28:3c:22: c5:b4:e7:e8:cc:b0:55:8a:69:02:30:97:76:86:24: 00:91:96:64:96:26:69:5a:06:7a:4f:33:25:44:93: e5:86:51:76:12:2e:e9:0f:ab:ff:79:f2:20:4c:0d: 11:97:27:17:fb:56:58:82:68:8e:50:27:6a:66:c8: 02:d6:62:0d:75:a9:5f:a0:4e:2b:f7:13:d9:dc:fd: 6d:77:4c:2e:23:35:09:a2:19:c1:c7:12:b5:69:5e: c6:b6:95:f0:dc:c6:5d:52:07:f6:5a:49:4f:e2:64: 4e:f8:9d:22:69:55:42:62:dd:76:8d:52:f5:a9:1a: 6e:3a:92:77:df:67:ae:7d:d9:e8:0d:4d:f6:98:d6: 59:50:1e:85:bc:b6:ce:b9:1a:40:95:25:f7:40:7a: 18:7e:74:3f:49:01:50:b6:46:0b:f4:02:70:a6:02: 7d:64:46:fe:09:de:59:b7:c8:23:b3:b0:d6:bc:50: 6e:c4:54:14:d2:ca:31:8f:a8:65:65:98:2e:b3:a7: 0d:2b:99:8a:0e:10:ee:49:a5:12:20:83:49:57:8a: f2:b9:68:69:58:85:87:7e:27:19:89:16:9e:8d:6f: cd:be:63:e6:11:d0:97:ab:b8:85:c1:a1:11:27:28: a5:4b:90:6a:55:17:58:be:38:d0:42:d5:c3:d9:4f: 10:03:6c:f5:66:2d:a0:ac:ae:57:31:3e:95:bf:43: 50:28:34:ab:02:e7:9a:53:1b:d3:74:cb:22:d8:99: f9:e8:14:fe:ed:4d:eb:1b:f2:67:07:05:08:d6:bd: 10:42:51:1d:eb:a1:f7:af:34:b0:e2:54:79:ce:f2: ae:13:1a:ef:04:d1:5b:5e:e1:89:85:bb:ac:56:6c: 8e:c6:51:a3:6a:97:a7:f2:aa:b4:b3:42:d2:b6:03: ae:5f:83:b1:fb:6a:b0:45:82:e8:84:2b:5f:85:28: 25:bb:07:01:61:68:5c:53:79:ab:62:45:56:66:3c: 83:96:8f:e8:73:ac:ff:cf:e7:e0:33:22:82:df:72: f0:03:ca:ae:99:3f:27:bc:64:70:75:ed:97:5a:9c: bb:15:46:1a:b3:7a:a9:f1:69:7c:3c:dd:9c:25:6a: c2:b2:14:11:57:60:53:ca:2b:9b:c7:92:f2:f2:3d: 8d:24:fa:13:ef:89:9d:be:f1:08:f8:27:8e:49:6b: dd:a1:a3:95:e0:76:ff:dc:a3:7b:e7:cd:29:02:11: 8b:4b:1c:76:2d:7b:78:2f:cb:c1:d6:2c:2c:42:72: d3:f0:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE Authority Information Access: CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4 X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.4146.10.1.3 CPS: https://www.globalsign.com/repository/ X509v3 CRL Distribution Points: Full Name: URI:http://crl.globalsign.com/alphasslcasha256g4.crl X509v3 Subject Alternative Name: DNS:*.0370.ru, DNS:0370.ru X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Authority Key Identifier: 4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15 X509v3 Subject Key Identifier: 68:61:AD:5E:43:43:33:96:98:A8:53:7B:E8:F2:1F:7D:D2:68:E5:30 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Oct 16 09:44:58.217 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:21:50:25:C6:34:BA:FD:6A:F7:B0:F1:82: 5F:F5:49:5C:EC:4F:13:49:F4:73:A0:78:74:76:08:F7: E8:1B:D0:50:02:21:00:DD:E4:28:ED:C8:D2:FC:41:F9: E8:80:71:B0:B7:A2:AF:80:4B:CC:01:C5:9D:20:12:E7: 44:6B:AB:A3:BE:6D:B9 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Oct 16 09:44:58.235 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:E2:42:0D:89:DB:A2:26:FF:F7:A7:EA: 9A:07:DB:0F:86:F0:89:96:56:D4:78:5A:32:40:0B:6D: 44:8D:5B:CC:95:02:21:00:A0:83:CF:C0:6D:B0:0C:0C: AE:1A:F2:4B:92:41:6D:40:E9:95:DA:9F:FF:9D:2F:4A: 47:77:49:A9:AF:9D:DF:C8 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Oct 16 09:44:58.248 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:F8:AB:1D:2E:9E:99:BD:32:7E:8E:0B: E1:3F:49:F9:7C:54:70:1C:FD:CF:EE:AB:D9:63:04:B2: BF:A1:37:F0:38:02:20:77:9A:97:61:CD:A9:37:87:1D: 9D:B2:C6:F2:5A:C8:5E:2B:83:7D:83:EE:03:D8:44:21: 2D:87:87:67:E4:40:FE Signature Algorithm: sha256WithRSAEncryption Signature Value: 44:21:39:3f:27:da:f4:09:66:47:a5:f8:2b:4d:ab:3e:f8:23: 6e:89:c1:b0:5c:a3:58:84:2a:ca:0b:47:fe:f2:65:1f:32:f5: 05:0d:0b:1f:28:08:ab:02:1f:61:5b:1c:29:ae:f9:9b:64:40: d3:46:1d:69:4b:69:77:75:fb:4a:ff:23:64:26:e9:b8:3d:8e: 3b:74:75:25:41:32:da:88:c7:74:54:76:41:e2:22:c3:a0:20: 29:d6:c3:2f:cd:24:8a:1b:f5:f6:36:34:72:40:fa:e1:83:9a: 6a:13:57:e7:b7:2d:f3:1c:27:56:c0:9a:2f:27:b1:8a:29:4d: 7c:09:be:78:65:27:08:3e:fd:36:f3:89:2a:d2:d7:6d:d3:57: bb:d7:56:7e:6c:2e:32:55:fd:2c:bd:26:8c:5b:f9:85:4a:e7: 91:d5:94:d7:c6:7b:89:9b:4d:7f:22:c7:15:38:a9:2f:f4:27: 27:72:9a:ce:72:3d:52:0c:8e:26:92:29:10:8e:5f:d4:ab:ef: bb:9e:cc:76:bf:9e:92:2a:38:22:25:ad:d9:68:ea:46:63:e3: 15:3e:87:fa:50:df:37:31:4f:b6:44:55:00:8c:7a:d8:c7:7e: e4:e1:82:cc:69:30:2f:3c:d2:92:77:93:be:eb:3d:57:de:54: 9b:e6:77:a9
906388357 | 2024-05-27T10:41:52.841002221 / tcp
220 (vsFTPd 3.0.3) 530 Login incorrect. 530 Please login with USER and PASS. 211-Features: EPRT EPSV MDTM PASV REST STREAM SIZE TVFS 211 End
-1196936736 | 2024-06-06T10:46:54.076031443 / tcp
HTTP/1.1 401 Unauthorized Server: nginx/1.18.0 Date: Thu, 06 Jun 2024 10:46:53 GMT Content-Type: text/html Content-Length: 581 Connection: keep-alive WWW-Authenticate: Basic realm="Restricted Area"
Certificate: Data: Version: 3 (0x2) Serial Number: 90:5b:7b:a2:1a:8a:e9:a5 Signature Algorithm: sha1WithRSAEncryption Issuer: C=RU, ST=Tomsk, L=Tomsk, O=CSM, OU=IT, CN=0370.ru/emailAddress=tcppmm@gmail.com Validity Not Before: Jun 17 04:43:33 2013 GMT Not After : Nov 1 04:43:33 2040 GMT Subject: C=RU, ST=Tomsk, L=Tomsk, O=CSM, OU=IT, CN=0370.ru/emailAddress=tcppmm@gmail.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:bd:29:42:1a:6a:9a:a1:f7:0c:73:a1:c1:2d:10: 07:6b:9f:8d:37:aa:3b:48:6e:06:90:98:09:ec:50: 46:e6:43:aa:63:dc:fe:ec:97:47:ba:74:20:c9:3e: 8a:99:92:56:c6:f6:fe:84:d3:0b:d2:01:96:2c:7f: 1d:0f:02:2e:a8:3b:54:85:3f:c9:39:55:4b:0e:c7: 63:f3:0e:2c:04:f7:f9:43:d8:74:b2:12:92:2b:d8: 87:aa:d3:b9:db:60:6f:f0:99:b2:75:66:cc:bb:89: bd:f2:11:c4:3d:61:94:56:67:b8:a1:fd:7c:29:d0: 47:44:e6:ab:ff:f2:9a:86:f7:4d:53:cb:8b:7e:35: a7:9e:2e:64:6b:5f:fa:1b:99:ab:6a:0b:1e:96:a3: 72:10:38:40:f4:b5:12:96:3f:45:f6:55:c3:cf:48: 7a:2c:e9:2a:44:38:72:73:29:d9:72:d6:72:79:54: 1e:40:7b:6e:90:b5:13:ca:b3:19:d9:49:77:1c:72: 4a:2a:63:26:7a:22:6a:2a:b2:45:5d:ed:46:fa:0e: 24:66:34:48:81:e3:08:15:61:70:0e:ff:57:43:1d: c5:6e:1f:f3:ed:c2:21:58:20:c7:59:8b:f6:1f:06: 8c:72:5a:22:5c:b1:6e:ea:78:89:8d:80:6e:c4:76: 87:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:01:08:AE:D9:9A:86:91:AB:44:29:EF:49:AA:6B:CB:CF:88:FA:50 X509v3 Authority Key Identifier: 24:01:08:AE:D9:9A:86:91:AB:44:29:EF:49:AA:6B:CB:CF:88:FA:50 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption Signature Value: 19:65:aa:28:a5:0a:a5:33:58:85:4f:2c:f8:7a:7d:44:28:72: a5:c0:34:8f:ad:61:44:20:3f:dc:0f:fd:a0:a4:82:e1:0a:75: 75:b6:80:da:c7:dd:ee:74:35:09:f7:20:d1:58:88:18:5e:b2: 8c:db:a3:ba:cf:70:9c:bb:b3:bc:5b:a4:5e:1e:60:ac:12:2e: 3b:d2:7c:a0:40:64:3b:a9:fa:ff:fc:81:35:14:3b:3c:69:ec: 48:f5:19:bd:9e:da:c1:cf:37:e6:b1:a1:a5:f3:87:04:a6:83: 4f:d6:93:f3:dc:ed:25:85:a7:98:3c:7d:d4:46:f8:ae:3e:13: 30:27:c5:71:44:2b:b5:4d:d4:e1:56:9c:c7:75:62:e4:a4:86: b8:62:0d:de:b5:44:04:df:b6:af:58:08:7b:7c:92:48:3f:3c: 5c:a3:e0:88:cc:02:24:c7:c0:78:e6:1b:2a:69:a5:36:76:29: a2:66:2b:34:31:0c:da:96:05:4d:74:15:dc:a2:de:62:4f:9a: 13:c5:e4:39:fc:4d:47:4d:63:32:3f:1a:75:2e:67:43:0a:12: ce:b9:22:55:b6:5f:3f:20:51:43:9c:af:44:fc:91:c6:f9:53: 27:0d:38:ca:9a:bd:a3:d0:31:d1:a5:d8:72:cb:fd:7e:b8:0c: 4c:d0:cd:4b
-1773244152 | 2024-05-31T10:26:55.003229500 / udp
VPN (IKE) Initiator SPI: 6430786b6a766a32 Responder SPI: 6e6b39337a336861 Next Payload: Notification (N) Version: 1.0 Exchange Type: Informational Flags: Encryption: False Commit: False Authentication: False Message ID: 00000000 Length: 40
-139997838 | 2024-06-03T00:52:41.811687587 / tcp
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=NTLM AUTH=LOGIN] Dovecot ready.\r\nEHLO BAD Error in IMAP command received by server.\r\n
-2129060956 | 2024-06-03T14:13:53.8415221701 / udp
\xc8\x02\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x01
1307464501 | 2024-05-20T22:09:50.2875615000 / tcp
VTUN server ver 3.X 04/12/2011