GeneralInformation

Hostnames	mahamines.com www.mahamines.com
Domains	mahamines.com
Country	India
City	Mumbai
Organization	Web Werks India Pvt. Ltd.
ISP	Web Werks India Pvt. Ltd.
ASN	AS133296
Operating System	Windows Server 2008 R2 Standard 7601 Service Pack 1

WebTechnologies

Analytics

Google Analytics

Font scripts

Cufon

JavaScript libraries

jQuery1.4.2

Tag managers

Google Tag Manager

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2020(3)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-7656

6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

2014(1)

CVE-2014-6071

6.1jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.

2012(1)

CVE-2012-6708

6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

2011(1)

CVE-2011-4969

4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

2010(3)

CVE-2010-3972

10Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.

CVE-2010-2730

9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."

CVE-2010-1899

4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

21 25 53 80 110 135 143 443 445 587

21 / tcp

-370734890 | 2025-04-02T14:08:21.733003

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:1b:64:a2:ec:7f:1c:03:cb:52:f1:76
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
        Validity
            Not Before: Dec 22 08:47:03 2023 GMT
            Not After : Jan 22 08:47:02 2025 GMT
        Subject: CN=www.mahamines.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:94:e9:b9:59:ff:66:dc:0a:5a:da:38:96:40:a9:
                    4c:40:fc:a7:1f:c3:74:ce:38:ac:16:f9:81:ed:bc:
                    92:62:fa:ec:d5:b4:5d:d6:fe:9f:37:0f:ab:aa:3a:
                    c2:33:59:31:9f:df:ad:33:ee:59:9e:a3:39:26:6a:
                    eb:70:5c:b5:db:de:d4:69:d6:7f:2e:94:b4:81:c6:
                    72:29:44:9f:72:68:42:4e:88:5c:41:f5:44:eb:47:
                    e4:31:a2:65:27:0e:95:59:ad:1b:d9:f3:b8:34:fc:
                    45:64:6a:ab:07:73:c3:8c:ea:0c:dd:19:c6:b4:fa:
                    71:72:26:e4:51:b6:b8:58:90:c2:bb:15:77:61:fc:
                    08:fb:da:0c:28:50:3e:57:0f:73:45:88:b5:2a:96:
                    6e:f7:34:18:d5:b7:d9:20:e4:85:ae:53:2a:88:4e:
                    7b:19:2d:aa:62:a5:f9:fe:b4:9e:ce:f0:3c:b8:d9:
                    ee:27:ee:06:49:cd:91:4b:11:f8:43:02:82:1c:3a:
                    53:40:e4:ab:46:8b:fb:a5:c2:04:ea:09:f1:47:0a:
                    e7:4f:d8:74:7e:ce:2c:86:16:6b:4a:3c:4d:db:f6:
                    72:e0:ca:72:b5:35:28:2c:18:04:d4:d1:51:cf:cc:
                    b5:1a:f4:bd:57:6a:32:4c:cf:3b:58:37:5b:c4:8f:
                    f7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt
                OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.4146.10.1.3
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/alphasslcasha256g4.crl
            X509v3 Subject Alternative Name: 
                DNS:www.mahamines.com, DNS:mahamines.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15
            X509v3 Subject Key Identifier: 
                EB:52:7D:53:5A:6D:95:32:A2:E3:4B:37:EC:74:6B:A0:65:06:0A:1A
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec 22 08:47:10.106 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:45:CA:73:17:6A:36:79:3C:8C:F1:33:49:
                                16:B3:CC:8A:BF:40:70:CC:6A:94:C7:78:CF:E5:51:33:
                                48:17:A6:F8:02:20:3A:0F:74:3E:F6:07:86:8B:DB:87:
                                C7:45:30:9D:29:2C:DC:45:6F:8B:E0:64:D5:C5:E5:D2:
                                72:0D:9D:F4:DE:52
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec 22 08:47:10.354 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:36:CD:4E:80:46:17:92:69:50:7F:F7:EF:
                                4E:98:98:98:4C:F8:3F:98:05:4E:0A:96:A7:81:0B:2B:
                                A5:0F:CC:03:02:20:1A:9B:FF:5B:51:1C:11:E3:EA:21:
                                9B:F7:1B:1E:D6:AF:2C:59:EB:4A:AC:C2:D0:2B:87:33:
                                B1:62:7D:41:FA:D2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Dec 22 08:47:10.338 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:17:D2:32:59:AF:0C:83:B3:F6:AF:BD:8C:
                                38:C5:00:71:C6:B4:35:21:82:68:34:B5:B7:F2:42:E2:
                                67:71:E9:32:02:21:00:B2:D8:4D:E7:D2:68:E9:5D:89:
                                8A:62:F5:D1:C6:88:21:F7:7F:88:47:3D:63:98:27:98:
                                51:C5:D3:C6:B6:50:25
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ab:1a:09:62:ab:14:c4:db:44:b0:1d:f4:6b:fb:38:b5:03:da:
        9e:cc:49:56:1b:a7:72:6d:95:46:79:be:99:90:c6:d8:14:b3:
        73:be:d1:8b:9c:38:bb:e1:ff:2e:f6:54:da:0f:08:0e:1b:5e:
        96:d1:c2:ea:67:87:db:60:18:e2:7e:f8:16:05:06:28:55:6a:
        99:fd:39:a5:f0:dc:1e:9d:ba:95:f7:5a:ef:24:f9:7f:da:1a:
        21:de:b7:6e:e6:e7:d0:bf:f8:e8:ba:39:f7:c9:3c:ef:7e:9d:
        bb:13:04:57:87:b5:cc:32:30:42:3d:ee:16:3e:74:c4:0f:22:
        e6:af:dc:76:6b:85:b2:f0:d5:78:69:cf:39:2d:12:87:38:57:
        61:86:a3:5f:6c:e9:19:83:71:54:e0:c9:1a:17:58:cc:53:fa:
        1a:c8:cc:d7:78:1d:80:68:8c:e4:40:7c:80:35:c8:4e:d9:6b:
        97:4c:d5:a1:fb:0a:df:45:c2:41:37:cc:79:61:48:44:d4:b2:
        20:19:b8:07:5d:46:86:7f:dd:94:f9:af:dc:57:67:42:6d:28:
        aa:0a:d1:68:96:16:60:dd:4c:60:84:97:7f:d1:9e:75:06:23:
        7a:24:5b:5a:aa:56:34:e6:62:66:e8:64:90:6b:a0:46:92:3c:
        ee:9e:2d:58

25 / tcp

-686327078 | 2025-03-12T15:21:37.893861

220 pikachu.rapidns.com ESMTP MailEnable Service, Version: 10.30-- ready at 03/12/25 20:53:26
250-pikachu.rapidns.com [224.93.5.136], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 15360000
250-HELP
250 AUTH=LOGIN

80 / tcp

1647655105 | 2025-03-13T20:45:46.386073

Hashes

hash

708375589

http.dom_hash

232035454

http.favicon.hash

-1050786453

http.html_hash

1647655105

http.server_hash

-1390970405

http.title_hash

1678122824

Default Parallels Plesk Panel Page

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 09 May 2016 21:00:17 GMT
Accept-Ranges: bytes
ETag: "fd8689ca35aad11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 13 Mar 2025 20:46:38 GMT
Content-Length: 10458

Vulnerabilities

110 / tcp

-471102630 | 2025-03-23T19:32:25.140203

+OK Welcome to MailEnable POP3 Server
+OK Capability list follows
TOP
USER
UIDL
.

135 / tcp

-1963902643 | 2025-03-28T00:15:25.483999

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 180.149.242.170:49153
  ncalrpc: WindowsShutdown
  ncacn_np: \\PIKACHU\PIPE\InitShutdown
  ncalrpc: WMsgKRpc071380

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\PIKACHU\PIPE\InitShutdown
  ncalrpc: WMsgKRpc071380
  ncalrpc: WMsgKRpc0733D1

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-963d3892f320709620
  ncacn_np: \\PIKACHU\PIPE\srvsvc
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncacn_ip_tcp: 180.149.242.170:49154
  ncacn_np: \\PIKACHU\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncacn_ip_tcp: 180.149.242.170:49154
  ncacn_np: \\PIKACHU\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncacn_ip_tcp: 180.149.242.170:49154
  ncacn_np: \\PIKACHU\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 180.149.242.170:49154
  ncacn_np: \\PIKACHU\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncacn_np: \\PIKACHU\PIPE\srvsvc
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 180.149.242.170:49156
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PIKACHU\PIPE\atsvc
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: iscsisrvRpcEndpoint
  ncalrpc: senssvc
  ncalrpc: OLE4A1AF582A5C84B3BA15435CEB4D4
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  provider: gpsvc.dll
  ncalrpc: IUserProfile2

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\PIKACHU\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-1e8b9215fc7c65322a
  ncalrpc: OLE5BCADBA387BD479A95DAC1B2EC4A

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-1e8b9215fc7c65322a
  ncalrpc: OLE5BCADBA387BD479A95DAC1B2EC4A

24019106-a203-4642-b88d-82dae9158929
  version: v1.0
  provider: authui.dll
  ncalrpc: LRPC-176c7bbe43e71195fd

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-752b17a38b640551cb

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-752b17a38b640551cb

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-752b17a38b640551cb

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  annotation: Spooler function endpoint
  provider: spoolsv.exe
  ncalrpc: spoolss

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  annotation: Spooler base remote object endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  annotation: Spooler function endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

f763c91c-2ab1-47fa-868f-7de7efd42194
  version: v1.0
  annotation: VM Allow-List Provider RPC
  ncalrpc: RdvVmAllowListRpc
  ncalrpc: OLEA42ADE4EE29140E19F8FCEBF0B2C

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 180.149.242.170:49179

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v1.0
  annotation: KeyIso
  provider: keyiso.dll
  ncacn_ip_tcp: 180.149.242.170:49320
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\PIKACHU\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-666188608723411489
  ncacn_np: \\PIKACHU\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 180.149.242.170:49320
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\PIKACHU\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-666188608723411489
  ncacn_np: \\PIKACHU\pipe\lsass

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 180.149.242.170:49332

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  annotation: IPSec Policy agent endpoint
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncalrpc: LRPC-8e1f76cd170d07c84c

76209fe5-9049-4336-ba84-632d907cb154
  version: v1.0
  annotation: Interprocess Logon Service
  ncalrpc: ReportingServices$MSRS10_50.MSSQLSERVER
  ncalrpc: OLEA3BA5D64B8B14B00ACA20FA0377A

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-4dee61800e944d9fcf
  ncalrpc: LRPC-4dee61800e944d9fcf
  ncalrpc: LRPC-4dee61800e944d9fcf
  ncalrpc: LRPC-4dee61800e944d9fcf

143 / tcp

1281310413 | 2025-04-02T10:26:47.726098

* OK IMAP4rev1 server ready at 04/02/25 15:57:42
* CAPABILITY IMAP4rev1 IMAP4 AUTH=LOGIN IDLE CHILDREN UIDPLUS AUTH=CRAM-MD5
A001 OK CAPABILITY completed
A002 BAD UNKNOWN Command
A003 BAD UNKNOWN Command
* BYE IMAP4rev1 server terminating connection
A004 OK LOGOUT Initiated

443 / tcp

276016863 | 2025-03-29T13:31:00.662773

Hashes

hash

-1491525153

http.dom_hash

1728420292

http.favicon.hash

-1050786453

http.html_hash

276016863

http.robots_hash

-1276378894

http.server_hash

-1390970405

http.sitemap_hash

-1731517774

http.title_hash

-642955545

Maharashtra Minerals Corporation

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 22 Jun 2018 03:43:16 GMT
ETag: "29e5ba27db9d41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sat, 29 Mar 2025 13:32:29 GMT
Content-Length: 10272

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:69:26:0e:fe:b2:2a:cd:71:1d:11:7b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R6 AlphaSSL CA 2023
        Validity
            Not Before: Feb 25 09:25:51 2025 GMT
            Not After : Mar 29 09:25:50 2026 GMT
        Subject: CN=www.mahamines.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:94:e9:b9:59:ff:66:dc:0a:5a:da:38:96:40:a9:
                    4c:40:fc:a7:1f:c3:74:ce:38:ac:16:f9:81:ed:bc:
                    92:62:fa:ec:d5:b4:5d:d6:fe:9f:37:0f:ab:aa:3a:
                    c2:33:59:31:9f:df:ad:33:ee:59:9e:a3:39:26:6a:
                    eb:70:5c:b5:db:de:d4:69:d6:7f:2e:94:b4:81:c6:
                    72:29:44:9f:72:68:42:4e:88:5c:41:f5:44:eb:47:
                    e4:31:a2:65:27:0e:95:59:ad:1b:d9:f3:b8:34:fc:
                    45:64:6a:ab:07:73:c3:8c:ea:0c:dd:19:c6:b4:fa:
                    71:72:26:e4:51:b6:b8:58:90:c2:bb:15:77:61:fc:
                    08:fb:da:0c:28:50:3e:57:0f:73:45:88:b5:2a:96:
                    6e:f7:34:18:d5:b7:d9:20:e4:85:ae:53:2a:88:4e:
                    7b:19:2d:aa:62:a5:f9:fe:b4:9e:ce:f0:3c:b8:d9:
                    ee:27:ee:06:49:cd:91:4b:11:f8:43:02:82:1c:3a:
                    53:40:e4:ab:46:8b:fb:a5:c2:04:ea:09:f1:47:0a:
                    e7:4f:d8:74:7e:ce:2c:86:16:6b:4a:3c:4d:db:f6:
                    72:e0:ca:72:b5:35:28:2c:18:04:d4:d1:51:cf:cc:
                    b5:1a:f4:bd:57:6a:32:4c:cf:3b:58:37:5b:c4:8f:
                    f7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr6alphasslca2023.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr6alphasslca2023
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.4146.10.1.3
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr6alphasslca2023.crl
            X509v3 Subject Alternative Name: 
                DNS:www.mahamines.com, DNS:mahamines.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                BD:05:B7:F3:8A:93:3C:73:CB:79:FA:0F:85:12:A1:77:96:18:91:74
            X509v3 Subject Key Identifier: 
                EB:52:7D:53:5A:6D:95:32:A2:E3:4B:37:EC:74:6B:A0:65:06:0A:1A
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Feb 25 09:25:53.681 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F2:E5:CE:A0:CE:30:09:F0:DE:57:3D:
                                A2:62:BE:51:B9:54:94:CE:30:2E:75:59:34:CD:8A:14:
                                FF:63:AE:F8:32:02:21:00:D6:1E:D3:E4:01:4E:61:0C:
                                43:34:7C:19:A1:AB:7B:33:F3:C6:1D:44:DE:3B:80:0D:
                                C0:D7:D1:93:B8:17:95:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Feb 25 09:25:54.021 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FB:90:4B:DC:0D:69:34:AA:BE:31:50:
                                34:DB:61:CC:66:51:49:2B:BE:A5:00:75:9D:1E:19:36:
                                13:C2:33:B3:F7:02:21:00:BF:28:87:3E:8F:13:C0:31:
                                A3:F7:F3:6A:BB:AB:89:F0:F0:2B:FC:A8:3F:2E:52:28:
                                65:A0:FE:6F:AE:FF:C8:39
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 25:2F:94:C2:2B:29:E9:6E:9F:41:1A:72:07:2B:69:5C:
                                5B:52:FF:97:A9:0D:25:40:BB:FC:DC:51:EC:4D:EE:0B
                    Timestamp : Feb 25 09:25:53.840 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:7E:1F:A9:07:76:D3:BA:7F:53:DF:FA:91:
                                C8:59:09:A2:DD:E2:1D:73:CA:D4:0E:89:53:4E:58:A7:
                                24:4F:75:3C:02:21:00:9A:E0:0B:6A:07:7C:40:73:89:
                                5D:53:00:4E:99:C6:01:95:69:51:CD:4A:67:0A:F7:81:
                                F9:BA:37:D8:DD:D5:C5
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        45:ec:04:11:0b:86:a3:35:de:e8:5a:80:c4:0f:e3:31:a5:fd:
        5f:d5:64:06:a0:37:ce:22:8f:96:c4:01:a4:3d:bd:28:37:2b:
        7a:2b:0a:1b:87:1c:b8:54:c5:ad:a1:75:25:26:a8:88:28:1e:
        4e:9a:42:b2:bc:0a:e9:1f:77:17:3b:5c:d4:8e:e7:39:45:79:
        7d:69:6f:62:46:25:9b:b8:ba:4b:1b:72:2e:57:ba:b0:ea:38:
        c4:bf:d5:e1:b9:6a:79:3a:8b:11:2e:5f:e5:8c:26:90:f2:3d:
        4a:88:82:41:15:6c:3f:df:ad:6f:df:ac:56:78:05:85:62:e0:
        08:2b:50:43:58:4b:3b:d8:fb:21:ae:58:0d:5e:1b:03:3d:ea:
        41:11:0f:5e:3f:97:4c:c0:d3:f7:d7:5d:7d:91:63:38:16:5d:
        87:50:6a:12:29:34:d1:d2:c6:af:5e:98:6f:87:67:9f:70:b8:
        fa:fa:70:ef:15:aa:33:8d:e1:87:ec:a9:69:21:a3:3c:de:f2:
        33:5b:cc:f3:5c:61:7a:d8:ad:07:57:8d:93:17:38:58:c5:e7:
        e3:47:09:1e:68:92:fe:4d:da:e4:54:51:02:3d:da:82:45:53:
        3b:e7:01:c4:80:9a:17:c8:a2:1d:76:42:59:47:ca:ed:a5:b3:
        d6:07:98:16

Vulnerabilities

445 / tcp

1641389631 | 2025-04-04T10:51:55.904860

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2008 R2 Standard 7601 Service Pack 1
  Software: Windows Server 2008 R2 Standard 6.1
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

587 / tcp

755258435 | 2025-04-02T01:13:43.766932

220 pikachu.rapidns.com ESMTP MailEnable Service, Version: 10.30-- ready at 04/02/25 06:45:50
250-pikachu.rapidns.com [224.167.92.114], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 15360000
250-HELP
250 AUTH=LOGIN

180.149.242.170

Last Seen: 2025-04-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

21 / tcp

-370734890 | 2025-04-02T14:08:21.733003

Microsoft ftpd

25 / tcp

-686327078 | 2025-03-12T15:21:37.893861

MailEnable smptd10.30--

80 / tcp

1647655105 | 2025-03-13T20:45:46.386073

Hashes

Microsoft IIS httpd7.5

110 / tcp

-471102630 | 2025-03-23T19:32:25.140203

MailEnable POP3 Server

135 / tcp

-1963902643 | 2025-03-28T00:15:25.483999

Microsoft RPC Endpoint Mapper

143 / tcp

1281310413 | 2025-04-02T10:26:47.726098

443 / tcp

276016863 | 2025-03-29T13:31:00.662773

Hashes

Microsoft IIS httpd7.5

445 / tcp

1641389631 | 2025-04-04T10:51:55.904860

587 / tcp

755258435 | 2025-04-02T01:13:43.766932

MailEnable smptd10.30--

Products

Pricing

Contact Us

180.149.242.170

Last Seen: 2025-04-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

21 / tcp -370734890 | 2025-04-02T14:08:21.733003

Microsoft ftpd

25 / tcp -686327078 | 2025-03-12T15:21:37.893861

MailEnable smptd10.30--

80 / tcp 1647655105 | 2025-03-13T20:45:46.386073

Hashes

Microsoft IIS httpd7.5

110 / tcp -471102630 | 2025-03-23T19:32:25.140203

MailEnable POP3 Server

135 / tcp -1963902643 | 2025-03-28T00:15:25.483999

Microsoft RPC Endpoint Mapper

143 / tcp 1281310413 | 2025-04-02T10:26:47.726098

443 / tcp 276016863 | 2025-03-29T13:31:00.662773

Hashes

Microsoft IIS httpd7.5

445 / tcp 1641389631 | 2025-04-04T10:51:55.904860

587 / tcp 755258435 | 2025-04-02T01:13:43.766932

MailEnable smptd10.30--

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-370734890 | 2025-04-02T14:08:21.733003

25 / tcp

-686327078 | 2025-03-12T15:21:37.893861

80 / tcp

1647655105 | 2025-03-13T20:45:46.386073

110 / tcp

-471102630 | 2025-03-23T19:32:25.140203

135 / tcp

-1963902643 | 2025-03-28T00:15:25.483999

143 / tcp

1281310413 | 2025-04-02T10:26:47.726098

443 / tcp

276016863 | 2025-03-29T13:31:00.662773

445 / tcp

1641389631 | 2025-04-04T10:51:55.904860

587 / tcp

755258435 | 2025-04-02T01:13:43.766932