Hostnames |
ip-194-240-180-207.static.contabo.net vmi222781.contaboserver.net s1.exploit.ro autoconfig.s1.exploit.ro autodiscover.s1.exploit.ro cpanel.s1.exploit.ro cpcalendars.s1.exploit.ro cpcontacts.s1.exploit.ro ipv6.s1.exploit.ro mail.s1.exploit.ro webdisk.s1.exploit.ro webmail.s1.exploit.ro whm.s1.exploit.ro www.s1.exploit.ro |
Domains | contabo.net contaboserver.net exploit.ro |
Country | Germany |
City | Frankfurt am Main |
Organization | Contabo GmbH |
ISP | Contabo GmbH |
ASN | AS51167 |
-1179451855 | 2024-10-07T21:28:52.25299421 / tcp
220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 00:28. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 530 Login authentication failed 214-The following SITE commands are recognized ALIAS CHMOD IDLE UTIME 214 Pure-FTPd - http://pureftpd.org/ 211-Extensions supported: UTF8 EPRT IDLE MDTM SIZE MFMT REST STREAM MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*; MLSD PRET AUTH TLS PBSZ PROT TVFS ESTA PASV EPSV ESTP 211 End.
Certificate: Data: Version: 3 (0x2) Serial Number: 03:ab:52:ce:b9:a8:0c:ba:59:93:79:bc:7b:04:4a:d4:7d:71 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R10 Validity Not Before: Oct 1 08:01:20 2024 GMT Not After : Dec 30 08:01:19 2024 GMT Subject: CN=s1.exploit.ro Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b7:d5:fd:7c:0f:c8:f6:b6:8c:bf:9c:72:9f:3b: 97:84:95:c6:e1:cf:59:11:fb:28:5d:b3:f1:dc:38: c2:90:dc:0e:14:85:34:cd:66:5c:04:d7:29:99:2a: c9:f4:28:8c:38:96:4d:e8:fd:16:c3:fe:14:27:22: a2:8b:15:55:84:54:f7:d3:63:e7:f3:44:83:5c:3a: 68:00:6d:3c:e0:08:47:09:d5:d6:6f:d3:15:0a:b0: 54:b2:43:49:3a:c0:0b:66:41:3b:95:b5:b5:4f:9f: 4c:da:26:51:8f:cf:cc:4e:10:a2:a1:ee:cb:12:12: 21:96:b6:38:74:8b:b8:51:59:c1:49:eb:41:29:7b: 60:15:ff:cd:93:0f:96:0e:9e:14:c9:1d:59:f2:2a: c2:08:a7:0e:e6:20:82:78:a2:90:c5:7d:32:4c:a3: c8:51:a3:de:e6:39:1f:c5:c5:59:9f:80:11:c9:ae: 59:cf:77:72:3a:65:cf:75:79:9d:d8:98:5e:19:dc: d4:5f:7f:f5:06:8b:54:94:db:4a:53:c2:d3:6f:2e: e6:f8:e5:d3:5e:0d:0b:19:11:85:a0:c4:29:da:f1: 9f:76:fb:0f:8d:d0:e1:80:65:98:2c:91:45:14:aa: c2:28:ec:4f:07:57:62:cc:02:58:43:d4:32:ec:9c: 07:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: E3:F0:02:99:1B:7F:6C:5B:BE:E1:87:19:81:85:B3:43:40:EE:26:34 X509v3 Authority Key Identifier: BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 Authority Information Access: OCSP - URI:http://r10.o.lencr.org CA Issuers - URI:http://r10.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autoconfig.s1.exploit.ro, DNS:autodiscover.s1.exploit.ro, DNS:cpanel.s1.exploit.ro, DNS:cpcalendars.s1.exploit.ro, DNS:cpcontacts.s1.exploit.ro, DNS:ipv6.s1.exploit.ro, DNS:mail.s1.exploit.ro, DNS:s1.exploit.ro, DNS:vmi222781.contaboserver.net, DNS:webdisk.s1.exploit.ro, DNS:webmail.s1.exploit.ro, DNS:whm.s1.exploit.ro, DNS:www.s1.exploit.ro X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53: D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7 Timestamp : Oct 1 08:59:50.408 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:DB:02:C2:28:52:71:27:DC:07:C8:CF: 41:60:96:15:73:15:D5:18:6F:1E:F8:64:82:EB:A8:2B: 63:85:AB:3A:27:02:20:05:97:19:D2:70:0B:FE:09:B4: 71:69:0B:35:AF:07:5E:61:DB:B2:94:BA:DC:44:0C:19: BB:85:85:10:AA:89:AE Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Oct 1 08:59:50.607 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:60:70:83:C6:4A:FD:67:90:9E:D3:D3:9C: DF:3A:8B:4C:79:50:3A:35:8A:2C:63:E2:AE:FD:8B:4A: 67:DC:FF:BC:02:21:00:8C:A1:B2:03:5F:0D:58:E6:C3: 90:F9:BE:4D:D3:2B:83:FE:36:8E:F7:81:28:34:A6:98: 7D:13:BD:49:59:5C:42 Signature Algorithm: sha256WithRSAEncryption Signature Value: 96:91:df:b5:91:30:3c:36:61:b1:bc:f0:23:75:e1:e7:32:10: bb:dd:33:c8:3c:00:bd:4c:3d:c6:bf:f0:56:e8:db:af:26:97: a7:60:92:03:66:4e:e5:c0:58:d1:ab:df:60:7b:aa:47:66:5a: 46:a5:6c:d4:09:cf:05:86:e3:09:a0:ca:ad:e9:7b:91:83:cc: 1b:d8:7f:77:99:78:56:8d:1d:a3:94:a2:3e:9e:bd:d7:dd:a9: 0a:44:58:e9:27:a6:94:42:5e:31:ea:21:a4:34:d8:25:24:d3: 44:c0:4f:20:62:8e:07:af:87:e7:e2:a7:31:8e:7e:bf:51:ea: 57:ed:63:78:3b:4c:82:dc:db:6a:e9:62:c8:47:8f:8e:15:a8: 23:ae:fd:ba:44:72:c8:c2:60:ac:40:98:fb:33:7f:e4:d6:9d: 27:e1:6c:e9:ce:90:a0:ec:ce:f7:b9:33:6b:40:bd:ec:cb:48: be:9a:10:21:c7:c4:09:21:9c:85:8b:60:d0:a9:a3:0a:5f:93: fa:7a:be:30:1c:06:fc:39:5a:67:9e:1a:47:be:6e:3b:79:f4: a2:30:fb:ce:fd:09:98:98:b9:2d:60:df:21:eb:3b:c6:bf:df: 64:73:7e:09:f7:4e:4c:56:22:77:3f:f3:08:f5:3b:10:51:99: 63:b0:ce:71
1952082069 | 2024-10-09T03:39:06.091586110 / tcp
+OK Dovecot ready. +OK CAPA TOP UIDL RESP-CODES PIPELINING AUTH-RESP-CODE STLS USER SASL PLAIN LOGIN .
Certificate: Data: Version: 3 (0x2) Serial Number: 03:ab:52:ce:b9:a8:0c:ba:59:93:79:bc:7b:04:4a:d4:7d:71 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R10 Validity Not Before: Oct 1 08:01:20 2024 GMT Not After : Dec 30 08:01:19 2024 GMT Subject: CN=s1.exploit.ro Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b7:d5:fd:7c:0f:c8:f6:b6:8c:bf:9c:72:9f:3b: 97:84:95:c6:e1:cf:59:11:fb:28:5d:b3:f1:dc:38: c2:90:dc:0e:14:85:34:cd:66:5c:04:d7:29:99:2a: c9:f4:28:8c:38:96:4d:e8:fd:16:c3:fe:14:27:22: a2:8b:15:55:84:54:f7:d3:63:e7:f3:44:83:5c:3a: 68:00:6d:3c:e0:08:47:09:d5:d6:6f:d3:15:0a:b0: 54:b2:43:49:3a:c0:0b:66:41:3b:95:b5:b5:4f:9f: 4c:da:26:51:8f:cf:cc:4e:10:a2:a1:ee:cb:12:12: 21:96:b6:38:74:8b:b8:51:59:c1:49:eb:41:29:7b: 60:15:ff:cd:93:0f:96:0e:9e:14:c9:1d:59:f2:2a: c2:08:a7:0e:e6:20:82:78:a2:90:c5:7d:32:4c:a3: c8:51:a3:de:e6:39:1f:c5:c5:59:9f:80:11:c9:ae: 59:cf:77:72:3a:65:cf:75:79:9d:d8:98:5e:19:dc: d4:5f:7f:f5:06:8b:54:94:db:4a:53:c2:d3:6f:2e: e6:f8:e5:d3:5e:0d:0b:19:11:85:a0:c4:29:da:f1: 9f:76:fb:0f:8d:d0:e1:80:65:98:2c:91:45:14:aa: c2:28:ec:4f:07:57:62:cc:02:58:43:d4:32:ec:9c: 07:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: E3:F0:02:99:1B:7F:6C:5B:BE:E1:87:19:81:85:B3:43:40:EE:26:34 X509v3 Authority Key Identifier: BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 Authority Information Access: OCSP - URI:http://r10.o.lencr.org CA Issuers - URI:http://r10.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autoconfig.s1.exploit.ro, DNS:autodiscover.s1.exploit.ro, DNS:cpanel.s1.exploit.ro, DNS:cpcalendars.s1.exploit.ro, DNS:cpcontacts.s1.exploit.ro, DNS:ipv6.s1.exploit.ro, DNS:mail.s1.exploit.ro, DNS:s1.exploit.ro, DNS:vmi222781.contaboserver.net, DNS:webdisk.s1.exploit.ro, DNS:webmail.s1.exploit.ro, DNS:whm.s1.exploit.ro, DNS:www.s1.exploit.ro X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53: D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7 Timestamp : Oct 1 08:59:50.408 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:DB:02:C2:28:52:71:27:DC:07:C8:CF: 41:60:96:15:73:15:D5:18:6F:1E:F8:64:82:EB:A8:2B: 63:85:AB:3A:27:02:20:05:97:19:D2:70:0B:FE:09:B4: 71:69:0B:35:AF:07:5E:61:DB:B2:94:BA:DC:44:0C:19: BB:85:85:10:AA:89:AE Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Oct 1 08:59:50.607 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:60:70:83:C6:4A:FD:67:90:9E:D3:D3:9C: DF:3A:8B:4C:79:50:3A:35:8A:2C:63:E2:AE:FD:8B:4A: 67:DC:FF:BC:02:21:00:8C:A1:B2:03:5F:0D:58:E6:C3: 90:F9:BE:4D:D3:2B:83:FE:36:8E:F7:81:28:34:A6:98: 7D:13:BD:49:59:5C:42 Signature Algorithm: sha256WithRSAEncryption Signature Value: 96:91:df:b5:91:30:3c:36:61:b1:bc:f0:23:75:e1:e7:32:10: bb:dd:33:c8:3c:00:bd:4c:3d:c6:bf:f0:56:e8:db:af:26:97: a7:60:92:03:66:4e:e5:c0:58:d1:ab:df:60:7b:aa:47:66:5a: 46:a5:6c:d4:09:cf:05:86:e3:09:a0:ca:ad:e9:7b:91:83:cc: 1b:d8:7f:77:99:78:56:8d:1d:a3:94:a2:3e:9e:bd:d7:dd:a9: 0a:44:58:e9:27:a6:94:42:5e:31:ea:21:a4:34:d8:25:24:d3: 44:c0:4f:20:62:8e:07:af:87:e7:e2:a7:31:8e:7e:bf:51:ea: 57:ed:63:78:3b:4c:82:dc:db:6a:e9:62:c8:47:8f:8e:15:a8: 23:ae:fd:ba:44:72:c8:c2:60:ac:40:98:fb:33:7f:e4:d6:9d: 27:e1:6c:e9:ce:90:a0:ec:ce:f7:b9:33:6b:40:bd:ec:cb:48: be:9a:10:21:c7:c4:09:21:9c:85:8b:60:d0:a9:a3:0a:5f:93: fa:7a:be:30:1c:06:fc:39:5a:67:9e:1a:47:be:6e:3b:79:f4: a2:30:fb:ce:fd:09:98:98:b9:2d:60:df:21:eb:3b:c6:bf:df: 64:73:7e:09:f7:4e:4c:56:22:77:3f:f3:08:f5:3b:10:51:99: 63:b0:ce:71
1260250204 | 2024-10-20T22:26:45.339950443 / tcp
HTTP/1.1 200 OK Server: nginx Date: Sun, 20 Oct 2024 22:26:44 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 76374 Connection: keep-alive Vary: Accept-Encoding Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Last-Modified: Sun, 20 Oct 2024 20:38:11 GMT ETag: "12a56-624ee83c62cab" Referrer-Policy: no-referrer-when-downgrade Pragma: public Cache-Control: max-age=3600, public Accept-Ranges: bytes
Certificate: Data: Version: 3 (0x2) Serial Number: 03:ab:52:ce:b9:a8:0c:ba:59:93:79:bc:7b:04:4a:d4:7d:71 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R10 Validity Not Before: Oct 1 08:01:20 2024 GMT Not After : Dec 30 08:01:19 2024 GMT Subject: CN=s1.exploit.ro Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b7:d5:fd:7c:0f:c8:f6:b6:8c:bf:9c:72:9f:3b: 97:84:95:c6:e1:cf:59:11:fb:28:5d:b3:f1:dc:38: c2:90:dc:0e:14:85:34:cd:66:5c:04:d7:29:99:2a: c9:f4:28:8c:38:96:4d:e8:fd:16:c3:fe:14:27:22: a2:8b:15:55:84:54:f7:d3:63:e7:f3:44:83:5c:3a: 68:00:6d:3c:e0:08:47:09:d5:d6:6f:d3:15:0a:b0: 54:b2:43:49:3a:c0:0b:66:41:3b:95:b5:b5:4f:9f: 4c:da:26:51:8f:cf:cc:4e:10:a2:a1:ee:cb:12:12: 21:96:b6:38:74:8b:b8:51:59:c1:49:eb:41:29:7b: 60:15:ff:cd:93:0f:96:0e:9e:14:c9:1d:59:f2:2a: c2:08:a7:0e:e6:20:82:78:a2:90:c5:7d:32:4c:a3: c8:51:a3:de:e6:39:1f:c5:c5:59:9f:80:11:c9:ae: 59:cf:77:72:3a:65:cf:75:79:9d:d8:98:5e:19:dc: d4:5f:7f:f5:06:8b:54:94:db:4a:53:c2:d3:6f:2e: e6:f8:e5:d3:5e:0d:0b:19:11:85:a0:c4:29:da:f1: 9f:76:fb:0f:8d:d0:e1:80:65:98:2c:91:45:14:aa: c2:28:ec:4f:07:57:62:cc:02:58:43:d4:32:ec:9c: 07:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: E3:F0:02:99:1B:7F:6C:5B:BE:E1:87:19:81:85:B3:43:40:EE:26:34 X509v3 Authority Key Identifier: BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 Authority Information Access: OCSP - URI:http://r10.o.lencr.org CA Issuers - URI:http://r10.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autoconfig.s1.exploit.ro, DNS:autodiscover.s1.exploit.ro, DNS:cpanel.s1.exploit.ro, DNS:cpcalendars.s1.exploit.ro, DNS:cpcontacts.s1.exploit.ro, DNS:ipv6.s1.exploit.ro, DNS:mail.s1.exploit.ro, DNS:s1.exploit.ro, DNS:vmi222781.contaboserver.net, DNS:webdisk.s1.exploit.ro, DNS:webmail.s1.exploit.ro, DNS:whm.s1.exploit.ro, DNS:www.s1.exploit.ro X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53: D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7 Timestamp : Oct 1 08:59:50.408 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:DB:02:C2:28:52:71:27:DC:07:C8:CF: 41:60:96:15:73:15:D5:18:6F:1E:F8:64:82:EB:A8:2B: 63:85:AB:3A:27:02:20:05:97:19:D2:70:0B:FE:09:B4: 71:69:0B:35:AF:07:5E:61:DB:B2:94:BA:DC:44:0C:19: BB:85:85:10:AA:89:AE Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Oct 1 08:59:50.607 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:60:70:83:C6:4A:FD:67:90:9E:D3:D3:9C: DF:3A:8B:4C:79:50:3A:35:8A:2C:63:E2:AE:FD:8B:4A: 67:DC:FF:BC:02:21:00:8C:A1:B2:03:5F:0D:58:E6:C3: 90:F9:BE:4D:D3:2B:83:FE:36:8E:F7:81:28:34:A6:98: 7D:13:BD:49:59:5C:42 Signature Algorithm: sha256WithRSAEncryption Signature Value: 96:91:df:b5:91:30:3c:36:61:b1:bc:f0:23:75:e1:e7:32:10: bb:dd:33:c8:3c:00:bd:4c:3d:c6:bf:f0:56:e8:db:af:26:97: a7:60:92:03:66:4e:e5:c0:58:d1:ab:df:60:7b:aa:47:66:5a: 46:a5:6c:d4:09:cf:05:86:e3:09:a0:ca:ad:e9:7b:91:83:cc: 1b:d8:7f:77:99:78:56:8d:1d:a3:94:a2:3e:9e:bd:d7:dd:a9: 0a:44:58:e9:27:a6:94:42:5e:31:ea:21:a4:34:d8:25:24:d3: 44:c0:4f:20:62:8e:07:af:87:e7:e2:a7:31:8e:7e:bf:51:ea: 57:ed:63:78:3b:4c:82:dc:db:6a:e9:62:c8:47:8f:8e:15:a8: 23:ae:fd:ba:44:72:c8:c2:60:ac:40:98:fb:33:7f:e4:d6:9d: 27:e1:6c:e9:ce:90:a0:ec:ce:f7:b9:33:6b:40:bd:ec:cb:48: be:9a:10:21:c7:c4:09:21:9c:85:8b:60:d0:a9:a3:0a:5f:93: fa:7a:be:30:1c:06:fc:39:5a:67:9e:1a:47:be:6e:3b:79:f4: a2:30:fb:ce:fd:09:98:98:b9:2d:60:df:21:eb:3b:c6:bf:df: 64:73:7e:09:f7:4e:4c:56:22:77:3f:f3:08:f5:3b:10:51:99: 63:b0:ce:71
386914577 | 2024-10-16T08:17:29.5482532077 / tcp
HTTP/1.1 302 Moved Date: Wed, 16 Oct 2024 08:17:29 GMT Server: cPanel Persistent-Auth: false Host: 207.180.240.194:2077 Cache-Control: no-cache, no-store, must-revalidate, private Connection: close Location: https://s1.exploit.ro:2078/ Vary: Accept-Encoding Expires: Fri, 01 Jan 1990 00:00:00 GMT X-Redirect-Reason: requiressl
412477017 | 2024-10-24T17:27:47.9126492079 / tcp
HTTP/1.1 302 Moved Date: Thu, 24 Oct 2024 17:27:47 GMT Server: cPanel Persistent-Auth: false Host: 207.180.240.194:2079 Connection: close Location: https://s1.exploit.ro:2080/ X-Redirect-Reason: requiressl
1787633765 | 2024-10-23T21:27:08.2361402083 / tcp
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset="utf-8" Date: Wed, 23 Oct 2024 21:27:08 GMT Cache-Control: no-cache, no-store, must-revalidate, private Pragma: no-cache Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: cpsession=%3ace04zYFbPBI81Ase%2c9fdd092a89ceecabff196111a764adc0; HttpOnly; path=/; port=2083; secure Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=207.180.240.194; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Length: 37694
Certificate: Data: Version: 3 (0x2) Serial Number: 03:ab:52:ce:b9:a8:0c:ba:59:93:79:bc:7b:04:4a:d4:7d:71 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R10 Validity Not Before: Oct 1 08:01:20 2024 GMT Not After : Dec 30 08:01:19 2024 GMT Subject: CN=s1.exploit.ro Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b7:d5:fd:7c:0f:c8:f6:b6:8c:bf:9c:72:9f:3b: 97:84:95:c6:e1:cf:59:11:fb:28:5d:b3:f1:dc:38: c2:90:dc:0e:14:85:34:cd:66:5c:04:d7:29:99:2a: c9:f4:28:8c:38:96:4d:e8:fd:16:c3:fe:14:27:22: a2:8b:15:55:84:54:f7:d3:63:e7:f3:44:83:5c:3a: 68:00:6d:3c:e0:08:47:09:d5:d6:6f:d3:15:0a:b0: 54:b2:43:49:3a:c0:0b:66:41:3b:95:b5:b5:4f:9f: 4c:da:26:51:8f:cf:cc:4e:10:a2:a1:ee:cb:12:12: 21:96:b6:38:74:8b:b8:51:59:c1:49:eb:41:29:7b: 60:15:ff:cd:93:0f:96:0e:9e:14:c9:1d:59:f2:2a: c2:08:a7:0e:e6:20:82:78:a2:90:c5:7d:32:4c:a3: c8:51:a3:de:e6:39:1f:c5:c5:59:9f:80:11:c9:ae: 59:cf:77:72:3a:65:cf:75:79:9d:d8:98:5e:19:dc: d4:5f:7f:f5:06:8b:54:94:db:4a:53:c2:d3:6f:2e: e6:f8:e5:d3:5e:0d:0b:19:11:85:a0:c4:29:da:f1: 9f:76:fb:0f:8d:d0:e1:80:65:98:2c:91:45:14:aa: c2:28:ec:4f:07:57:62:cc:02:58:43:d4:32:ec:9c: 07:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: E3:F0:02:99:1B:7F:6C:5B:BE:E1:87:19:81:85:B3:43:40:EE:26:34 X509v3 Authority Key Identifier: BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 Authority Information Access: OCSP - URI:http://r10.o.lencr.org CA Issuers - URI:http://r10.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autoconfig.s1.exploit.ro, DNS:autodiscover.s1.exploit.ro, DNS:cpanel.s1.exploit.ro, DNS:cpcalendars.s1.exploit.ro, DNS:cpcontacts.s1.exploit.ro, DNS:ipv6.s1.exploit.ro, DNS:mail.s1.exploit.ro, DNS:s1.exploit.ro, DNS:vmi222781.contaboserver.net, DNS:webdisk.s1.exploit.ro, DNS:webmail.s1.exploit.ro, DNS:whm.s1.exploit.ro, DNS:www.s1.exploit.ro X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53: D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7 Timestamp : Oct 1 08:59:50.408 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:DB:02:C2:28:52:71:27:DC:07:C8:CF: 41:60:96:15:73:15:D5:18:6F:1E:F8:64:82:EB:A8:2B: 63:85:AB:3A:27:02:20:05:97:19:D2:70:0B:FE:09:B4: 71:69:0B:35:AF:07:5E:61:DB:B2:94:BA:DC:44:0C:19: BB:85:85:10:AA:89:AE Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Oct 1 08:59:50.607 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:60:70:83:C6:4A:FD:67:90:9E:D3:D3:9C: DF:3A:8B:4C:79:50:3A:35:8A:2C:63:E2:AE:FD:8B:4A: 67:DC:FF:BC:02:21:00:8C:A1:B2:03:5F:0D:58:E6:C3: 90:F9:BE:4D:D3:2B:83:FE:36:8E:F7:81:28:34:A6:98: 7D:13:BD:49:59:5C:42 Signature Algorithm: sha256WithRSAEncryption Signature Value: 96:91:df:b5:91:30:3c:36:61:b1:bc:f0:23:75:e1:e7:32:10: bb:dd:33:c8:3c:00:bd:4c:3d:c6:bf:f0:56:e8:db:af:26:97: a7:60:92:03:66:4e:e5:c0:58:d1:ab:df:60:7b:aa:47:66:5a: 46:a5:6c:d4:09:cf:05:86:e3:09:a0:ca:ad:e9:7b:91:83:cc: 1b:d8:7f:77:99:78:56:8d:1d:a3:94:a2:3e:9e:bd:d7:dd:a9: 0a:44:58:e9:27:a6:94:42:5e:31:ea:21:a4:34:d8:25:24:d3: 44:c0:4f:20:62:8e:07:af:87:e7:e2:a7:31:8e:7e:bf:51:ea: 57:ed:63:78:3b:4c:82:dc:db:6a:e9:62:c8:47:8f:8e:15:a8: 23:ae:fd:ba:44:72:c8:c2:60:ac:40:98:fb:33:7f:e4:d6:9d: 27:e1:6c:e9:ce:90:a0:ec:ce:f7:b9:33:6b:40:bd:ec:cb:48: be:9a:10:21:c7:c4:09:21:9c:85:8b:60:d0:a9:a3:0a:5f:93: fa:7a:be:30:1c:06:fc:39:5a:67:9e:1a:47:be:6e:3b:79:f4: a2:30:fb:ce:fd:09:98:98:b9:2d:60:df:21:eb:3b:c6:bf:df: 64:73:7e:09:f7:4e:4c:56:22:77:3f:f3:08:f5:3b:10:51:99: 63:b0:ce:71
-14799601 | 2024-10-08T09:25:50.6756752086 / tcp
HTTP/1.1 200 OK Date: Tue, 08 Oct 2024 09:25:50 GMT Content-Length: 1495 Connection: keep-alive Content-Type: text/html Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Server: imunify360-webshield/1.21
755341072 | 2024-10-13T17:03:23.2835172095 / tcp
HTTP/1.1 301 Moved Content-length: 111 Location: https://s1.exploit.ro:2096/ Content-type: text/html; charset="utf-8" Cache-Control: no-cache, no-store, must-revalidate, private