1552078160 | 2024-10-08T03:36:41.634544
21 /
tcp
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 06:36. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 5 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
ALIAS
CHMOD
IDLE
UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
EPRT
IDLE
MDTM
SIZE
MFMT
REST STREAM
MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
MLSD
AUTH TLS
PBSZ
PROT
UTF8
ESTA
PASV
EPSV
SPSV
ESTP
211 End.
-602224915 | 2024-10-27T10:24:40.751640
80 /
tcp
HTTP/1.1 404 Not Found
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=idCI7Wu54CUdJfz6; Domain=.131.66; Path=/; Expires=Sun, 27-Oct-2024 10:44:40 GMT
Set-Cookie: __ddg9_=224.147.90.215; Domain=.131.66; Path=/; Expires=Sun, 27-Oct-2024 10:44:40 GMT
Set-Cookie: __ddg10_=1730024680; Domain=.131.66; Path=/; Expires=Sun, 27-Oct-2024 10:44:40 GMT
Set-Cookie: __ddg1_=ueYPvF2yNydTt0rVGZZM; Domain=.131.66; HttpOnly; Path=/; Expires=Mon, 27-Oct-2025 10:24:40 GMT
Date: Sun, 27 Oct 2024 10:24:40 GMT
Content-Type: text/html
Vary: Accept-Encoding
Transfer-Encoding: chunked
-602224915 | 2024-10-22T20:46:28.060488
443 /
tcp
HTTP/1.1 404 Not Found
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=vVaz7iRgT9ItzU4c; Domain=.131.66; Path=/; Expires=Tue, 22-Oct-2024 21:06:27 GMT
Set-Cookie: __ddg9_=224.192.126.188; Domain=.131.66; Path=/; Expires=Tue, 22-Oct-2024 21:06:27 GMT
Set-Cookie: __ddg10_=1729629987; Domain=.131.66; Path=/; Expires=Tue, 22-Oct-2024 21:06:27 GMT
Set-Cookie: __ddg1_=5pYN1yddajBZbUfiR1pL; Domain=.131.66; HttpOnly; Path=/; Expires=Wed, 22-Oct-2025 20:46:27 GMT
Date: Tue, 22 Oct 2024 20:46:27 GMT
Content-Type: text/html
Vary: Accept-Encoding
Transfer-Encoding: chunked
SSL Certificate
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
fa:70:3a:df:fb:98:7c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=EU, ST=*, O=ddos-guard
Validity
Not Before: Mar 28 19:26:13 2018 GMT
Not After : Mar 25 19:26:13 2028 GMT
Subject: C=EU, ST=*, O=ddos-guard
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cc:ac:da:58:7f:fa:4a:53:b3:00:48:3d:6a:78:
0e:36:a1:05:d4:e8:fa:5d:46:34:6c:3e:eb:d1:12:
c3:e0:b1:42:27:3f:a2:8e:3f:2d:bd:83:2b:9c:0b:
9d:45:5d:bd:70:fb:1d:f3:55:ef:74:2f:a2:83:b4:
d0:1b:a1:8c:c2:93:4c:19:fe:8b:90:15:a9:23:28:
73:c6:92:41:8b:96:e4:ac:5f:57:72:08:af:3a:14:
78:be:7d:93:3c:38:ed:29:d2:fc:82:78:af:bf:53:
4e:70:90:8f:94:29:20:04:74:d6:42:35:a6:b7:3d:
a6:55:3e:05:eb:79:16:c9:21:98:2e:aa:7a:23:b5:
bf:f5:1c:7c:78:c0:cc:2f:ea:3b:cc:59:cf:d2:48:
7a:cb:03:89:6b:8c:87:59:03:f0:58:cb:df:75:7c:
bd:b9:8e:04:2f:a4:34:4f:1d:cc:87:9c:06:4d:9f:
50:d5:c4:0b:88:6c:e7:b0:a6:ae:6d:8f:6b:cc:7e:
ae:da:26:ff:64:dd:d9:82:d1:fc:26:dc:c3:f0:0f:
15:d2:ce:9e:dd:c4:25:cc:bb:cd:52:b3:1c:ef:22:
cf:9e:97:3b:df:c6:60:10:cd:84:90:bd:da:67:21:
a8:f0:29:29:03:07:07:e8:93:94:24:a9:ab:39:0e:
d3:7b
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
31:76:25:0c:6e:d3:09:c5:de:5f:77:d9:d7:34:05:72:e8:5d:
37:db:3e:31:84:07:83:a0:d7:b9:c1:51:87:10:9f:2e:ab:18:
97:dd:35:6c:48:f2:49:9c:02:46:5a:2f:f9:13:bf:52:e3:84:
cf:fa:0b:2d:fc:cc:30:5d:95:c1:e0:2b:11:c3:2d:d0:a8:1e:
6c:d4:d9:9e:74:53:3d:04:e0:6e:7b:66:0f:12:e1:5c:db:44:
70:1e:3d:a2:e9:2e:3e:76:81:c9:78:bb:90:2b:7c:07:88:ef:
bf:e5:e5:2e:f4:a0:79:39:5a:d8:f4:14:fc:70:19:b1:8f:aa:
73:17:08:89:5a:03:51:5d:f2:f3:af:84:94:9b:a7:d0:32:a9:
b5:dd:cc:82:0b:34:5a:86:b1:90:15:d3:d4:d9:39:11:96:b5:
e0:99:0c:21:a0:e6:af:1e:7b:c1:a2:0a:f3:0f:85:3c:8f:42:
3c:c8:e7:9b:48:6a:6b:a4:a7:a1:c0:68:73:4e:8c:e0:d7:df:
c8:99:a8:6b:bb:5f:5a:38:3e:36:bf:60:bb:e6:d5:88:53:f5:
92:cc:e8:c5:c3:7c:da:e5:3c:72:c1:f6:81:0c:bb:33:02:68:
e8:4d:f9:40:89:df:d1:33:54:83:03:3b:b1:23:8f:78:0b:37:
70:1a:6d:69
-1705915771 | 2024-10-09T06:51:18.011863
465 /
tcp
220 a0367340-dedic.from.sh
250-a0367340-dedic.from.sh Hello nuxb9unrcgmpl.com [224.27.52.141]
250-SIZE 52428800
250-8BITMIME
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:df:4f:47:14:79:d6:f3:7d:79:3b:21:ba:44:4d:a8:30:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R10
Validity
Not Before: Aug 14 21:05:23 2024 GMT
Not After : Nov 12 21:05:22 2024 GMT
Subject: CN=from.sh
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a3:44:b3:08:d6:e7:fa:50:7e:06:ff:4c:36:b0:
70:e5:42:e1:5c:08:70:85:61:8d:39:7f:8d:c9:cf:
27:f5:04:ad:40:e7:fd:5e:33:40:02:79:f5:e4:43:
3a:cd:78:b3:f0:97:b6:68:0f:5c:06:59:ba:2c:6e:
63:94:33:21:26:f9:cb:99:26:5d:c4:6b:1c:94:c3:
27:03:9a:27:bc:92:ec:d2:be:64:64:c7:c9:3d:0b:
1c:d6:08:cd:63:96:1d:1c:68:5f:e7:00:04:77:3a:
e8:dd:c3:ca:ad:11:be:5e:ed:d5:d2:bd:90:2a:b9:
0e:51:9e:df:78:54:01:f2:1d:d9:cb:a2:37:af:3f:
a4:a1:73:e4:a7:49:fb:c5:12:e1:de:8e:a5:86:43:
c5:30:8f:55:81:d6:e9:9f:fb:33:20:3a:73:12:0e:
50:7a:23:3e:89:aa:fa:05:03:79:fa:e9:9e:07:74:
e6:75:f8:c7:ea:db:1b:6e:5d:a2:b1:9e:22:96:35:
06:b1:eb:04:55:d0:f0:8f:04:69:c0:65:d3:aa:cc:
4e:b7:f7:e9:61:bd:eb:8d:c1:e4:82:0b:c7:05:3e:
8e:20:7b:d3:65:c1:c3:c1:7e:3f:b4:2c:b5:75:dc:
e0:cf:83:c6:47:45:23:08:b0:5c:40:d7:62:5f:e6:
ee:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
20:2E:E4:98:70:43:38:8C:AE:C2:7A:DB:CB:D4:38:54:78:A5:11:06
X509v3 Authority Key Identifier:
BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
Authority Information Access:
OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:*.from.sh, DNS:from.sh
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Aug 14 22:03:53.513 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:8A:08:28:31:26:5E:A8:BF:D1:51:46:
FA:64:1A:D0:A7:96:A5:BC:92:4A:92:A0:B4:5A:45:13:
00:69:0A:F7:61:02:20:7A:16:56:7F:87:6D:F6:9D:04:
0D:D8:02:32:47:0A:79:A9:28:0E:D4:AB:5D:78:90:C7:
42:E0:25:C0:0D:9D:B7
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Aug 14 22:03:53.517 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E2:3C:B2:19:71:2B:D9:97:12:0A:1C:
AB:14:0A:5E:0A:0B:DA:FA:CE:D6:71:2B:F7:87:DE:B0:
8C:3F:8A:41:0A:02:20:68:C9:69:9F:C4:8D:7A:6E:81:
DF:E2:F2:25:50:CB:75:3F:9B:76:CF:BF:D7:5B:D4:92:
AD:7F:EC:4A:FA:34:98
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
7c:b8:cb:4e:06:82:54:c3:ca:83:ee:56:34:90:6a:39:e8:b9:
bd:84:b7:30:75:c3:4b:aa:67:7e:80:93:e7:f5:1f:0a:e1:8b:
b8:fc:12:bb:f6:ed:0f:1f:bc:ef:6a:bd:1f:46:13:4b:bc:cb:
13:f0:0a:85:3f:4e:c5:0e:3e:3d:2b:58:65:40:47:85:25:be:
85:e4:bb:b3:39:de:0e:51:6e:06:70:5e:3b:99:86:bc:4d:d8:
ad:fb:0b:4e:fc:12:b3:5f:e8:4a:bd:06:ae:fb:8f:da:b0:34:
9e:b3:5d:eb:51:08:bd:42:63:4c:77:94:41:ca:c4:0b:de:83:
a4:69:a5:fd:84:74:e6:94:0d:51:4d:c4:1e:d0:6a:05:aa:15:
6f:8b:b3:6b:52:e0:8b:9e:b3:1c:6d:c2:37:b1:dd:20:38:d0:
da:5d:ab:e9:53:c8:96:e9:4c:d1:67:3a:02:6d:97:de:12:29:
31:b6:1d:99:92:ed:08:84:56:50:fa:6a:91:b7:41:cd:1c:31:
ac:ae:8d:f7:f5:7e:e3:d2:e8:25:ba:b5:bb:69:73:25:c9:cc:
56:86:77:16:f3:95:4b:3c:f4:b2:e5:cd:0b:a5:98:6b:9b:d1:
41:e2:9d:31:0b:c6:44:e2:ca:b2:0a:9f:8d:56:89:ff:65:dc:
cd:0b:0e:46
944101987 | 2024-09-29T07:37:05.177691
3306 /
tcp
MySQL:
Error Message: Host '224.193.11.131' is not allowed to connect to this MySQL server
Error Code: 1130
2030450397 | 2024-10-08T20:15:33.292998
4190 /
tcp
"IMPLEMENTATION" "Dovecot Pigeonhole"\r\n"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext spamtest spamtestplus editheader mboxmetadata servermetadata imapflags imapsieve vnd.dovecot.imapsieve"\r\n"NOTIFY" "mailto"\r\n"SASL" "PLAIN"\r\n"STARTTLS"\r\n"VERSION" "1.0"\r\nOK "Dovecot ready."\r\n