GeneralInformation

Hostnames	app.bashaonline.com ip216.ip-139-99-113.net sghost.rootserver.pw
Domains	bashaonline.com ip-139-99-113.net rootserver.pw
Country	Singapore
City	Singapore
Organization	OVH Singapore PTE. LTD
ISP	OVH SAS
ASN	AS16276
Operating System	Linux 4.18.0-553.lve.el8.x86_64 x86_64

WebTechnologies

Miscellaneous

HTTP/3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(5)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

CVE-2021-32761

7.5Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a very large value and constructing specially crafted commands bit commands. This problem only affects Redis on 32-bit platforms, or compiled as a 32-bit binary. Redis versions 5.0.`3m 6.0.15, and 6.2.5 contain patches for this issue. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `proto-max-bulk-len` configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.

CVE-2021-21309

5.4Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. By default, it is 512MB which is a safe value for all platforms. If the limit is significantly increased, receiving a large request from a client may trigger several integer overflow scenarios, which would result with buffer overflow and heap corruption. We believe this could in certain conditions be exploited for remote code execution. By default, authenticated Redis users have access to all configuration parameters and can therefore use the “CONFIG SET proto-max-bulk-len” to change the safe default, making the system vulnerable. **This problem only affects 32-bit Redis (on a 32-bit system, or as a 32-bit executable running on a 64-bit system).** The problem is fixed in version 6.2, and the fix is back ported to 6.0.11 and 5.0.11. Make sure you use one of these versions if you are running 32-bit Redis. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent clients from directly executing `CONFIG SET`: Using Redis 6.0 or newer, ACL configuration can be used to block the command. Using older versions, the `rename-command` configuration directive can be used to rename the command to a random string unknown to users, rendering it inaccessible. Please note that this workaround may have an additional impact on users or operational systems that expect `CONFIG SET` to behave in certain ways.

CVE-2021-3470

5.3A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc.

2020(3)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14147

7.7An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(3)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-10193

7.2A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

CVE-2019-10192

7.2A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.

2016(1)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

2015(1)

CVE-2015-8080

7.5Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

22 53 80 110 143 443 465 993 2082 2083 2086 2087 6379

22 / tcp

-1879203540 | 2025-03-22T08:05:24.175427

SSH-2.0-OpenSSH_8.0
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCuTdXMQXgGRdl1kU4dQfnFroKvr18cHkS5RTgZtw/Ng2l3
27D1DcPBWlWPiH3TPWC5jNmpAhK2yaMF+Swn43/DWC4J7w0g7UIz8VJ8obKcpCQN+LfWw+okGaE1
cIwYgyf490319NZ3pyjH4qrvYvibnZMKkd6iu2hx0SkTXjc+/cGgZGXzek5HUUQLBRfwMuourUm1
/QHjSSBFEt02HbJdL9Lax5/1AB/8AQOS3wFh9+0grMuzkNNqRChzVC5UWLljiAgiwiW/ZUjFC2UT
sWMeke64IiSotPCCxCG8xGJMtpYVGfDU1Ra1WGiVeUz3ZJSIJR/x5MTV7mqZsFO8iec2Q6xcZcUV
Xgf/l4dRFcqAumsposI5vv9uOvZ168dtHUrlVyz9Qwt9k772jEYCwYdt5IyBd3nVSi7d0DjlZx5C
h8rin5dztuXmbMIhT0yPA7jJTuZz7he6BP/FmDeIRnGvSrfVEW6NVo0YGZTR7Zets5D0yDbvhD3p
IMdpqjGyQQs=
Fingerprint: af:cd:25:d4:29:eb:64:19:e5:e2:fc:07:34:33:ba:35

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	aes256-gcm@openssh.com
	chacha20-poly1305@openssh.com
	aes256-ctr
	aes256-cbc
	aes128-gcm@openssh.com
	aes128-ctr
	aes128-cbc

MAC Algorithms:
	hmac-sha2-256-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha2-256
	hmac-sha1
	umac-128@openssh.com
	hmac-sha2-512

Compression Algorithms:
	none
	zlib@openssh.com

Vulnerabilities

2 4 6 1

53 / tcp

2105949461 | 2025-03-26T02:18:10.018908

PowerDNS Authoritative Server 4.7.3 (built Apr 25 2023 12:34:36 by root@bh-centos-8.dev.cpanel.net)
Resolver ID: sghost.rootserver.pw

53 / udp

2105949461 | 2025-03-15T10:56:45.973586

PowerDNS Authoritative Server 4.7.3 (built Apr 25 2023 12:34:36 by root@bh-centos-8.dev.cpanel.net)
Resolver ID: sghost.rootserver.pw

80 / tcp

2102528226 | 2025-03-23T21:55:12.945222

Hashes

hash

386890798

http.dom_hash

1138593847

http.html_hash

2102528226

http.server_hash

-133603840

http.title_hash

1271976826

Default Web Site Page

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
transfer-encoding: chunked
date: Sun, 23 Mar 2025 21:55:12 GMT
server: LiteSpeed

110 / tcp

1952082069 | 2025-03-25T19:17:16.896396

+OK Dovecot ready.
+OK
CAPA
TOP
UIDL
RESP-CODES
PIPELINING
AUTH-RESP-CODE
STLS
USER
SASL PLAIN LOGIN
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

143 / tcp

1559185454 | 2025-03-18T08:19:11.753442

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
* CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

443 / tcp

-1715221618 | 2025-03-23T20:25:27.480285

Hashes

hash

399873454

http.dom_hash

1882092635

http.favicon.hash

-184956970

http.html_hash

-1715221618

http.robots_hash

1714206274

http.server_hash

-133603840

http.title_hash

535374379

Redirecting to https://139.99.113.216

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://139.99.113.216
content-type: text/html; charset=utf-8
set-cookie: XSRF-TOKEN=eyJpdiI6IkZ3UWdyVGFSTGZGR2ZKZ0lZUTdVMVE9PSIsInZhbHVlIjoicUJyZ0tYNSt3b1hJT2VJZ3IzVDV4d0p1cDVTMUNxVldoWkNldDA4Ym9HWmxLMk54NnZsSTBtWUhpbGJidUhqbVg5elNmQVA2N0Y1VmN0bEFtTE9ROENRVGFZcHhMU09KK0haQmJ3anI1dFRsVGxVbVNOQ1FxcC9SMHdRMnB5Zm0iLCJtYWMiOiI2OThiMjY4ZTM3NTc5YjdmMzMwYzNmMTZhYjA3MDhlMzQ5NGY0OTkwODBkYTNlNjNiZTBiZjZlN2U4OTY2NjA0IiwidGFnIjoiIn0%3D; expires=Sun, 23 Mar 2025 22:25:27 GMT; Max-Age=7200; path=/; secure; samesite=lax
set-cookie: abason_session=eyJpdiI6Ik1qQkZKbFVXVEJwaXFFUFF6N3FTUWc9PSIsInZhbHVlIjoiY2JmdHNDUzFzTXNiaW5jNWxHdUdYNWc2NWNJeUhPNm4vZGlEaTFmcmtvU1VrWVErZk14Z2ovdURtUDArRERuZ3VxRHFCemZ0cU1weVEvb25aY2VmR05IOTNaNm1iU3pRUDhTVFE1WDNYeHhJdnZZTTRqU0dkSXBzdG1PeVptQTQiLCJtYWMiOiJkOTYwMjYxMGU3MmZmYzM3OTM3NTJiMGJlNTdmZDg1YTJkZGI1MGVkMDM3MGQwMDI4ODhmNDcwYzUzMmFlMmEzIiwidGFnIjoiIn0%3D; path=/; httponly; samesite=lax; secure
content-length: 334
date: Sun, 23 Mar 2025 20:25:27 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:e2:52:e1:11:27:88:40:9a:06:03:64:15:fe:26:cd:1d:ee
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Mar 20 15:34:47 2025 GMT
            Not After : Jun 18 15:34:46 2025 GMT
        Subject: CN=app.bashaonline.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:74:a5:e4:98:3e:04:63:de:d1:9d:e7:56:93:
                    a5:e7:a9:36:8d:61:5d:6c:d8:5c:2e:9f:13:fd:9b:
                    26:14:1b:54:5f:51:f3:27:7d:f8:72:67:1c:7f:f6:
                    43:f4:f2:ae:1e:1a:ca:46:c2:cf:20:78:5a:b4:5c:
                    e7:f1:75:e5:82:63:6d:d5:fa:f0:c0:7a:ef:22:39:
                    03:ef:30:e2:45:b6:aa:88:54:f9:02:a0:84:e7:fd:
                    3b:5b:9e:be:15:e7:7b:62:b4:5c:b8:25:55:ca:51:
                    9f:68:c7:7c:4c:3c:d8:2f:83:2d:03:b6:3a:d0:f3:
                    e9:74:03:91:35:98:03:83:ab:80:a2:35:92:d5:02:
                    12:9b:48:b9:9e:6a:86:62:d5:49:b5:dd:ec:9a:40:
                    11:ca:4a:92:0e:c7:84:6f:19:e9:3c:f2:ed:22:ca:
                    1a:d1:e6:23:29:8d:4a:88:54:cb:4a:69:71:c4:0b:
                    67:16:c0:81:a5:38:0e:2c:06:5b:6e:b1:db:ef:68:
                    43:04:b3:c6:70:b2:0d:68:71:d2:53:c3:29:b4:96:
                    0c:ad:8a:55:8c:12:48:61:1e:e9:4a:3d:34:81:a5:
                    49:ed:8d:10:0f:a6:ec:6f:ac:5f:d3:fb:1c:0d:ed:
                    3c:85:15:7b:bc:14:31:5e:26:81:1d:e6:e1:55:c8:
                    6f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                98:04:3D:1E:7C:DB:E1:F3:AD:4C:56:5B:F8:74:7C:62:A8:71:76:5A
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:app.bashaonline.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r11.c.lencr.org/111.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 20 16:33:17.640 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:48:2F:16:1E:E6:71:F9:C1:61:A9:8C:19:
                                06:AA:6C:28:02:AB:73:0E:80:6D:17:19:65:01:33:79:
                                11:DE:77:6C:02:20:41:C9:55:44:A2:0A:5D:2F:53:9B:
                                E8:DF:AF:0C:5B:AA:B5:FC:CC:16:B2:CA:76:AF:A6:BF:
                                3A:F0:09:59:5F:CE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Mar 20 16:33:17.908 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2D:09:2E:7D:44:BD:3C:02:96:CE:C7:F8:
                                8E:96:A2:8A:14:37:D6:B4:1A:63:A6:85:5D:2B:B8:CA:
                                C6:41:F5:7B:02:20:38:FA:E9:DA:87:91:9C:E8:84:F1:
                                FC:A0:B9:55:B6:ED:3F:74:94:F0:7A:0A:D6:0B:DA:F2:
                                F1:B8:43:F6:6A:4C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        85:7a:cd:c1:a7:51:4d:0e:92:5c:b4:04:ef:9b:7d:5a:71:0a:
        48:c8:f9:78:ed:8f:90:28:ba:7f:d3:e4:81:45:12:d6:8a:2d:
        2c:e8:42:1b:55:71:13:96:9b:7a:5b:24:51:ec:2d:79:05:4b:
        22:48:f2:a0:02:a1:27:bf:17:3d:e7:fa:35:a0:17:0c:c1:8f:
        6f:6b:4e:d3:a3:58:70:0f:a8:61:c1:c0:6d:72:cd:cd:87:72:
        f2:c8:7e:94:3f:37:56:ef:1d:e2:c3:62:9d:f8:36:5b:e5:66:
        1c:7b:19:40:68:d5:ce:ad:74:bf:51:60:34:f3:d0:ce:d2:6b:
        c8:0f:07:92:70:3d:87:fd:4c:47:84:d4:41:39:61:3a:41:fc:
        2c:ce:be:38:e0:00:53:a8:d9:24:c9:45:32:96:9a:49:38:5d:
        38:ba:34:b3:fe:0b:e4:5c:95:0f:54:61:bc:9b:df:7a:7b:90:
        79:6d:68:42:f9:46:4f:25:db:83:67:98:91:82:47:d8:2e:26:
        b0:b3:ec:74:c4:e8:d9:3f:13:67:d6:a4:b5:29:22:3b:9e:53:
        91:fb:50:5a:ae:cd:52:3e:46:cb:95:d8:ad:4d:b0:02:f8:3b:
        31:77:19:b0:d9:bb:72:6b:12:9b:c5:48:39:c3:85:dc:79:c0:
        4a:e4:b4:27

465 / tcp

-2033931740 | 2025-03-20T13:46:00.611915

220-sghost.rootserver.pw ESMTP Exim 4.97.1 #2 Thu, 20 Mar 2025 09:45:41 -0400 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
250-sghost.rootserver.pw Hello 224.166.101.145 [224.166.101.145]
250-SIZE 26214400
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH PLAIN LOGIN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

993 / tcp

-1132241830 | 2025-03-26T04:15:13.446980

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
* CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

2082 / tcp

2073794502 | 2025-03-22T21:01:16.405688

Hashes

hash

-1638222878

http.dom_hash

-374034709

http.favicon.hash

-696182543

http.html_hash

2073794502

http.title_hash

-2008267673

cPanel Login

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset="utf-8"
Date: Sat, 22 Mar 2025 21:01:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2082
Set-Cookie: cpsession=%3acCtmPIg4jDhXK6tU%2cb0c2c66dfa183b293877b14b05d6f6d3; HttpOnly; path=/; port=2082
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2082
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=139.99.113.216; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2082
Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2082
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 37235

2083 / tcp

1602284464 | 2025-03-16T08:40:44.516103

Hashes

hash

1836462513

http.dom_hash

-374034709

http.favicon.hash

-696182543

http.html_hash

1602284464

http.title_hash

-2008267673

cPanel Login

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset="utf-8"
Date: Sun, 16 Mar 2025 08:40:44 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
Set-Cookie: cpsession=%3ageqWqbQyX9CTYrCX%2c829534bd2fae86943b4c7273149af8b0; HttpOnly; path=/; port=2083; secure
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=139.99.113.216; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 37235

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

2086 / tcp

1985297938 | 2025-03-10T08:06:56.467095

Hashes

hash

296750692

http.dom_hash

-374034709

http.favicon.hash

-696182543

http.html_hash

1985297938

http.title_hash

379184312

WHM Login

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset="utf-8"
Date: Mon, 10 Mar 2025 08:06:56 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2086
Set-Cookie: whostmgrsession=%3a9cTk8TN1B4dpZgUB%2c800c0db8932df4a34db68aa1c859cbbb; HttpOnly; path=/; port=2086
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2086
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=139.99.113.216; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2086
Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2086
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 37217

2087 / tcp

104098869 | 2025-03-24T15:38:11.915526

Hashes

hash

-285690643

http.dom_hash

-374034709

http.favicon.hash

-696182543

http.html_hash

104098869

http.title_hash

379184312

WHM Login

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset="utf-8"
Date: Mon, 24 Mar 2025 15:38:11 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
Set-Cookie: whostmgrsession=%3aBlzTHBZSIXmdMIqQ%2c6fdb874fd2e6a73a09b9627485623a55; HttpOnly; path=/; port=2087; secure
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=139.99.113.216; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 37217

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:e0:1d:4a:6a:f9:f6:09:d5:a5:f0:99:e4:94:61:ab:0a:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 15 05:00:28 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=sghost.rootserver.pw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:2d:8d:11:c4:5a:2f:f9:cd:b6:1a:8b:80:
                    be:1a:74:d3:fe:a3:4a:f3:cc:72:9d:fa:9e:77:cf:
                    07:8e:bb:aa:b3:cb:60:0a:6a:3f:e8:80:d0:04:b9:
                    12:30:da:b4:ec:d6:90:37:25:14:37:38:26:51:c3:
                    ba:89:2b:50:6d:d4:52:ae:a9:d1:76:6b:13:e1:e9:
                    6b:b9:c9:ca:c3:e0:12:1b:e2:e1:f5:53:ec:11:9f:
                    0a:3c:18:8e:9b:c0:79:3d:55:a3:1b:45:fe:9e:db:
                    92:46:6d:12:f5:97:8c:8d:22:9c:5d:a9:47:2a:0f:
                    1b:26:9a:c5:0c:91:8a:85:ca:33:4d:6d:75:98:28:
                    8f:c4:41:c6:d9:43:53:cd:b6:a7:ea:95:13:31:03:
                    cf:47:68:86:ad:c9:5b:d3:81:b4:e9:52:32:4a:58:
                    30:15:c1:14:35:d0:1f:ac:12:a6:2d:88:a3:37:8c:
                    e2:30:a5:5f:0d:5c:00:57:94:92:6e:d3:27:22:1b:
                    ae:31:b9:88:ce:2e:37:a6:8e:a7:e6:ea:a6:be:a6:
                    1c:87:63:07:ff:17:e4:81:f9:0a:10:f4:dd:f1:fb:
                    65:53:78:1b:a3:cb:39:8c:42:e8:66:f8:33:82:35:
                    a8:32:0c:ba:50:d5:0e:a4:c3:10:ef:34:6a:c5:b7:
                    a4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                97:04:A4:4C:F0:7F:08:80:C7:04:FD:55:48:0D:E9:82:AC:B6:84:70
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sghost.rootserver.pw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/55.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 15 05:58:58.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:70:84:53:9C:C5:C9:CF:79:2F:77:75:78:
                                5C:6C:D3:DF:FE:8C:70:46:C3:19:AC:A5:88:25:38:2E:
                                75:94:22:46:02:21:00:BC:0A:F0:5B:A6:97:53:AB:F7:
                                02:08:2E:04:AF:99:93:BE:97:B4:ED:2E:33:AD:C6:3A:
                                9D:68:F7:DF:AA:02:0E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 15 05:58:58.977 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:16:48:33:DA:8C:F1:78:91:5C:29:F3:
                                FB:E4:5F:6D:68:4A:27:16:71:A1:9E:3F:21:8C:C4:C5:
                                C1:04:BA:F2:02:21:00:9E:18:37:DB:2B:57:7E:3D:00:
                                E1:6C:82:6F:6C:2D:C8:93:E9:66:03:73:4D:4C:08:8D:
                                01:00:C0:AC:E6:34:9C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9e:f8:23:a8:8a:87:26:5e:ce:17:59:5a:c6:fa:cb:e0:ee:e3:
        ee:7f:fb:9b:aa:00:3a:01:6f:65:f1:1c:24:06:a8:5e:17:ac:
        86:d6:0b:12:b4:5e:5b:31:93:6c:f3:e9:01:ca:ef:40:82:2f:
        58:ed:e8:9f:53:6d:0b:a8:e3:04:95:b6:31:c5:6d:80:9b:78:
        12:f1:9c:b5:61:ef:ef:f2:07:4d:ee:b8:f3:c1:4d:9b:fe:d5:
        fc:78:37:60:7a:54:33:a2:c8:e5:74:16:5c:42:1b:3a:9d:ba:
        40:cc:80:ad:ee:cd:67:94:ab:f8:d9:c7:cf:14:c6:62:3f:4b:
        27:c6:1e:03:06:ea:85:03:1e:30:1a:21:05:5e:42:e2:43:1d:
        c1:04:0c:ec:70:4c:09:57:b4:f7:38:ce:4c:a2:2f:59:ec:74:
        8d:7b:a4:a2:1c:4b:8b:2a:76:4a:81:dc:9b:1f:3a:15:4b:3f:
        1e:cf:a3:81:30:35:dd:80:5f:58:1c:89:b5:25:b3:26:f8:fb:
        79:a6:0a:f4:13:2e:db:c9:c2:bc:52:b5:b2:37:07:dd:e7:95:
        d2:97:68:fb:aa:d3:4c:e9:c9:48:da:01:2e:3c:c8:b1:9e:e7:
        ef:1b:28:16:3a:db:20:2f:03:0a:55:cc:85:ea:0d:62:20:2a:
        1d:72:50:d7

6379 / tcp

-1552789258 | 2025-03-26T22:25:15.054007

# Server
redis_version:5.0.3
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:14b81d825631ff0c
redis_mode:standalone
os:Linux 4.18.0-553.lve.el8.x86_64 x86_64
arch_bits:64
multiplexing_api:epoll
atomicvar_api:atomic-builtin
gcc_version:8.4.1
process_id:1246
run_id:692aa366321e844543f3a68d04afa20024a705d9
tcp_port:6379
uptime_in_seconds:7658663
uptime_in_days:88
hz:10
configured_hz:10
lru_clock:14974666
executable:/usr/bin/redis-server
config_file:/etc/redis.conf

# Clients
connected_clients:1
client_recent_max_input_buffer:2
client_recent_max_output_buffer:0
blocked_clients:0

# Memory
used_memory:2546616
used_memory_human:2.43M
used_memory_rss:12943360
used_memory_rss_human:12.34M
used_memory_peak:5728344
used_memory_peak_human:5.46M
used_memory_peak_perc:44.46%
used_memory_overhead:2515654
used_memory_startup:790992
used_memory_dataset:30962
used_memory_dataset_perc:1.76%
allocator_allocated:2754192
allocator_active:3076096
allocator_resident:12615680
total_system_memory:12268503040
total_system_memory_human:11.43G
used_memory_lua:1386496
used_memory_lua_human:1.32M
used_memory_scripts:1674712
used_memory_scripts_human:1.60M
number_of_cached_scripts:707
maxmemory:0
maxmemory_human:0B
maxmemory_policy:noeviction
allocator_frag_ratio:1.12
allocator_frag_bytes:321904
allocator_rss_ratio:4.10
allocator_rss_bytes:9539584
rss_overhead_ratio:1.03
rss_overhead_bytes:327680
mem_fragmentation_ratio:5.21
mem_fragmentation_bytes:10459624
mem_not_counted_for_evict:0
mem_replication_backlog:0
mem_clients_slaves:0
mem_clients_normal:49694
mem_aof_buffer:0
mem_allocator:jemalloc-5.1.0
active_defrag_running:0
lazyfree_pending_objects:0

# Persistence
loading:0
rdb_changes_since_last_save:78
rdb_bgsave_in_progress:0
rdb_last_save_time:1743015536
rdb_last_bgsave_status:err
rdb_last_bgsave_time_sec:0
rdb_current_bgsave_time_sec:-1
rdb_last_cow_size:159744
aof_enabled:0
aof_rewrite_in_progress:0
aof_rewrite_scheduled:0
aof_last_rewrite_time_sec:-1
aof_current_rewrite_time_sec:-1
aof_last_bgrewrite_status:ok
aof_last_write_status:ok
aof_last_cow_size:0

# Stats
total_connections_received:4839
total_commands_processed:39296
instantaneous_ops_per_sec:0
total_net_input_bytes:3993656
total_net_output_bytes:19075090
instantaneous_input_kbps:0.00
instantaneous_output_kbps:0.00
rejected_connections:0
sync_full:0
sync_partial_ok:0
sync_partial_err:0
expired_keys:0
expired_stale_perc:0.00
expired_time_cap_reached_count:0
evicted_keys:0
keyspace_hits:322
keyspace_misses:0
pubsub_channels:0
pubsub_patterns:0
latest_fork_usec:389
migrate_cached_sockets:0
slave_expires_tracked_keys:0
active_defrag_hits:0
active_defrag_misses:0
active_defrag_key_hits:0
active_defrag_key_misses:0

# Replication
role:master
connected_slaves:0
master_replid:b13156b128ab699e45f03e764dd53fee3857cba3
master_replid2:a26218365c92d159db31bceeb6a17827495f3be4
master_repl_offset:0
second_repl_offset:1
repl_backlog_active:0
repl_backlog_size:1048576
repl_backlog_first_byte_offset:0
repl_backlog_histlen:0

# CPU
used_cpu_sys:3613.860113
used_cpu_user:3031.308466
used_cpu_sys_children:231.558710
used_cpu_user_children:339.898233

# Cluster
cluster_enabled:0

# Keyspace
db0:keys=4,expires=0,avg_ttl=0

# Keys
backup1
backup4
backup2
backup3

# Connected Clients
id=5544 addr=224.161.245.238:55656 fd=7 name= age=0 idle=0 flags=N db=0 sub=0 psub=0 multi=-1 qbuf=26 qbuf-free=32742 obl=0 oll=0 omem=0 events=r cmd=client

Vulnerabilities

5 2

139.99.113.216

Last Seen: 2025-03-26

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

-1879203540 | 2025-03-22T08:05:24.175427

OpenSSH8.0

53 / tcp

2105949461 | 2025-03-26T02:18:10.018908

53 / udp

2105949461 | 2025-03-15T10:56:45.973586

80 / tcp

2102528226 | 2025-03-23T21:55:12.945222

Hashes

110 / tcp

1952082069 | 2025-03-25T19:17:16.896396

143 / tcp

1559185454 | 2025-03-18T08:19:11.753442

443 / tcp

-1715221618 | 2025-03-23T20:25:27.480285

Hashes

465 / tcp

-2033931740 | 2025-03-20T13:46:00.611915

Exim smtpd4.97.1

993 / tcp

-1132241830 | 2025-03-26T04:15:13.446980

2082 / tcp

2073794502 | 2025-03-22T21:01:16.405688

Hashes

cPanel

2083 / tcp

1602284464 | 2025-03-16T08:40:44.516103

Hashes

cPanel

2086 / tcp

1985297938 | 2025-03-10T08:06:56.467095

Hashes

WHM

2087 / tcp

104098869 | 2025-03-24T15:38:11.915526

Hashes

WHM

6379 / tcp

-1552789258 | 2025-03-26T22:25:15.054007

Redis key-value store5.0.3

Products

Pricing

Contact Us

139.99.113.216

Last Seen: 2025-03-26

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 22 Port 6379 Latest CVSS

OpenPorts

22 / tcp -1879203540 | 2025-03-22T08:05:24.175427

OpenSSH8.0

53 / tcp 2105949461 | 2025-03-26T02:18:10.018908

53 / udp 2105949461 | 2025-03-15T10:56:45.973586

80 / tcp 2102528226 | 2025-03-23T21:55:12.945222

Hashes

110 / tcp 1952082069 | 2025-03-25T19:17:16.896396

143 / tcp 1559185454 | 2025-03-18T08:19:11.753442

443 / tcp -1715221618 | 2025-03-23T20:25:27.480285

Hashes

465 / tcp -2033931740 | 2025-03-20T13:46:00.611915

Exim smtpd4.97.1

993 / tcp -1132241830 | 2025-03-26T04:15:13.446980

2082 / tcp 2073794502 | 2025-03-22T21:01:16.405688

Hashes

cPanel

2083 / tcp 1602284464 | 2025-03-16T08:40:44.516103

Hashes

cPanel

2086 / tcp 1985297938 | 2025-03-10T08:06:56.467095

Hashes

WHM

2087 / tcp 104098869 | 2025-03-24T15:38:11.915526

Hashes

WHM

6379 / tcp -1552789258 | 2025-03-26T22:25:15.054007

Redis key-value store5.0.3

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-1879203540 | 2025-03-22T08:05:24.175427

53 / tcp

2105949461 | 2025-03-26T02:18:10.018908

53 / udp

2105949461 | 2025-03-15T10:56:45.973586

80 / tcp

2102528226 | 2025-03-23T21:55:12.945222

110 / tcp

1952082069 | 2025-03-25T19:17:16.896396

143 / tcp

1559185454 | 2025-03-18T08:19:11.753442

443 / tcp

-1715221618 | 2025-03-23T20:25:27.480285

465 / tcp

-2033931740 | 2025-03-20T13:46:00.611915

993 / tcp

-1132241830 | 2025-03-26T04:15:13.446980

2082 / tcp

2073794502 | 2025-03-22T21:01:16.405688

2083 / tcp

1602284464 | 2025-03-16T08:40:44.516103

2086 / tcp

1985297938 | 2025-03-10T08:06:56.467095

2087 / tcp

104098869 | 2025-03-24T15:38:11.915526

6379 / tcp

-1552789258 | 2025-03-26T22:25:15.054007