{"matches": [{"hash": -1970558048, "ip": 1966220670, "isp": "Shanghai UCloud Information Technology Company Lim", "transport": "tcp", "data": "Zookeeper version: 3.4.12-e5259e437540f349646870ea94dc2658c4e44b3b, built on 03/27/2018 03:55 GMT\nClients:\n /117.50.37.126:47148[1](queued=0,recved=3390198,sent=3390198)\n /127.0.0.1:56784[1](queued=0,recved=939930,sent=939931)\n /127.0.0.1:40188[1](queued=0,recved=4425853,sent=4425857)\n /79.211.24.90:52750[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0/49\nReceived: 9868715\nSent: 9868739\nConnections: 4\nOutstanding: 0\nZxid: 0x50\nMode: standalone\nNode count: 23\n", "asn": "AS23724", "port": 2181, "hostnames": [], "location": {"city": null, "region_code": "23", "area_code": null, "longitude": 121.3997, "country_code3": "CHN", "latitude": 31.045600000000007, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:57:08.901935", "domains": [], "org": "China Unicom Beijing", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": null, "module": "zookeeper", "options": {}}, "ip_str": "117.50.37.126"}, {"info": "SIP end point; Status: 200 OK", "hash": 296682513, "ip": 3729102529, "isp": "China Telecom Shanghai", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=875548-0-13c4-2433-58c2e670-2433\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=73.74.38.137;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS4812", "port": 5060, "hostnames": [], "location": {"city": "Shanghai", "region_code": "23", "area_code": null, "longitude": 121.3997, "country_code3": "CHN", "latitude": 31.045600000000007, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:55:58.610052", "domains": [], "org": "China Telecom Shanghai", "os": null, "_shodan": {"crawler": "8b12b9d21d5e4a5a9fa0795990088dea63dff9c6", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "222.69.150.193"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": 266544982, "ip": 2949504180, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (MASTER2-294AD8) [192.168.0.250] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR RETR2 STOR \n STOU APPE REST ABOR USER PASS ACCT* REIN* \n LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "176e9ae0-7b53-4961-9d12-65c18302db24", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Cheongju", "region_code": "05", "area_code": null, "longitude": 127.46780000000001, "country_code3": "KOR", "latitude": 36.6353, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:57:43.460186", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "175.205.220.180"}, {"hash": 171496029, "ip": 1549230594, "isp": "Telekom Romania Communication S.A", "transport": "tcp", "data": "\\n\\n400 Bad Request\\n\\n

Bad Request

\\n

Your browser sent a request that this server could not understand.
\\n

\\n
\\n
Apache/2.2.15 (CentOS) Server at 127.0.0.1 Port 80
\\n\\n", "asn": "AS9050", "port": 81, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 25.0, "country_code3": "ROU", "latitude": 46.0, "postal_code": null, "dma_code": null, "country_code": "RO", "country_name": "Romania"}, "timestamp": "2019-07-23T20:57:25.276321", "domains": [], "org": "Telekom Romania Communication S.A", "os": null, "_shodan": {"crawler": "c9b639b99e5410a46f656e1508a68f1e6e5d6f99", "ptr": true, "id": "ede7ca2b-5f91-4c1e-86f1-8948cd3784d0", "module": "xtremerat", "options": {}}, "ip_str": "92.87.98.2"}, {"info": "SIP end point; Status: 200 OK", "hash": 387788204, "ip": 1029311356, "isp": "True Internet", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=8a26d0-0-13c4-64f8e-14359b18-64f8e\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=249.109.58.21;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS17552", "port": 5060, "hostnames": ["ppp-61-90-11-124.revip.asianet.co.th"], "location": {"city": "Bangkok", "region_code": "22", "area_code": null, "longitude": 100.5, "country_code3": "THA", "latitude": 13.683300000000003, "postal_code": "10140", "dma_code": null, "country_code": "TH", "country_name": "Thailand"}, "timestamp": "2019-07-23T20:55:32.559852", "domains": ["asianet.co.th"], "org": "True Internet", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "61.90.11.124"}, {"hash": 361019475, "ip": 1839738189, "org": "KPNQWest Italia S.p.a.", "isp": "KPNQWest Italia S.p.a.", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:56:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:56:44 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS5602", "port": 5001, "ssl": {"dhparams": {"prime": "a29c386b2e0d7e92a16604ee34dcf605f601c5752e37bde325a30b4b26a9bd14c9e9d23d939f2379c8bc61c04f85aa940e2b4fc6713c8403e18d42df5241aed2b258b95d1615f9c97c82fc679da3886c8659329109c1c62ce7a66bb201eebbaa18fb5f8ab27356c756401fe72e17c05e7accecd50b7e5899c5588950fa410bf41c05d3c4f6a4ac20248d1ea1d766bae77387007c41e0e19f538046665b875ba9eff9c382b5c08d60cd9c3fc9239056efcc375a0c3ee7acc9e1263a3abfe971df227480d7c8bfac4daf140c04f5d7e6e7c9cebaa676349d00131ee6da49487f504a425f89de68967452d726dd4427058c83da65086f1aea9fbcc0e44f0808462b", "public_key": "78fbc03d1aee838692a393e0383dcf27c4105203ecbdc97611f7bdcd8bf0ce92b49720306412e6253777ca5905c17ee7c9af714bec45ffc4682a05ee0ef26b76738db1e1d0af3795b0eebc8ea499c97bda83063362cd7329bfaf1ca2c3a8fcb46d00097559d69df3f03d924b45a60574bac9ca1ca0a869d36c72501b3d53207356b096ac1384cc50e38f87708847f4aa9b29160683c6ea864068f62ab61cf2aeb4882e939d335fa3f7a81a0407431f251dac5bf96bd133ec897f12a5b2f6db88ff72937938854fe4fbd35ad7436d2743ecc1fd5796d1f92caaff18eca8427a21ff546e14bdd80a664ba4930c7f2cca003cb4cee915555295f66e96f57ee70496", "bits": 2048, "generator": "5fcdada0554e00d31e3e5f36e548d615ce87de11a9fff1955f7de8a14d01c3458a5d83bb8217db521f8dc41313b60538969cc800033a76c8878c7caad48f747fb7a5c206e56ff930b5387597adffc719245416ece864f5006ec4a75569cdb0a496c222af37f17e9a4997e739c544d6f879e65e2d4c9d3d23d94a4c044fd3b2c92b5bdc35b1a9298754e71a5b0485c844dc11ec0bb899319ee1c49998d666637cd5a40690901bdf88a8e6b229c22b7143ddca85edecb1f6a021c77be4f749d6a66112dbeb3a53d28235170de9f4ad8e57e5d3186efa8a58bcd9007ea182e814937277cce03c430afc4122c24b5c933b709b01f17afb6d7761cb8d9e86d4eea602"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190611100800Z", "expires": "20190909100800Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xe1V\"\\x11\\xa7\\xb2\\x9d\\xd7\\xf5\\x8fqt\\xb1\\xf7,;\\xffJx\\x8f", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x0c\\x82\\nctm.3cx.it", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00w\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01kF9,\\xf8\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xa9\\xef\\x10qC\\xa9\\xfd\\xedN\\xd1\\xb0\\xb9;a$\\xe5&>\\xae$\\xdb\\xa1\\xd2\\xcd\\x1b\\xcd\\x0f\\xf9\\xf5N\\x1bJ\\x02!\\x00\\xe8\\xe4t\\x1d4\\x9fS\\x89\\x875=m\\x80\\x9d\\xd0\\xcd}\\xca\\'\\xf1\\x06\\x96\\xc1\\x9f\\x12\\x0c\\xcc-\\x8e^4\\x85\\x00u\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01kF9.\\xde\\x00\\x00\\x04\\x03\\x00F0D\\x02 .\\x7f\\xf8\\xe6\\x92j \\x9e\\xd9\\xac\\xf7z\\xda1;\\xaa\\x05\\x14|\\xa01\\x1c\\xcd\\xd5Xl\\nYpDl\\xcf\\x02 _\\x10\\xeani|r\\xcb\\x80?*\\xba\\xafX\\x1a-\\xa8q\\x1c\\xc2\\x8a+\\x108\\x05\\x8fX\\x91\\x87\\x7f\\xf0\\xe9", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "d8cd117435da0729770dd8d2e2cb04d6196e942f9aa9f72614cd2508c32b6969", "sha1": "d7d4cb1e644f8f54f421df42570b6eba613be761"}, "serial": 267825889777972920266292345224186071124680, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "ctm.3cx.it"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFTDCCBDSgAwIBAgISAxMRzhm9/pFmSrVA4Rdq9IrIMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MTExMDA4MDBaFw0x\nOTA5MDkxMDA4MDBaMBUxEzARBgNVBAMTCmN0bS4zY3guaXQwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDGCz27H1G74t5+BYtc7wq4lvK/BYtwij/SGFDH\n/BFGwFhcFvrVk2MJN1krYGMF1XQmeENRuUmMgtik78ZiSbhS+ZLN9LF+IEIWpdir\nhcfHdj2M18agPiQ9pIzBhwMAry9Orwlnvh3iJvQ02iBGsxIk1c2lTHOcFWnPBieM\nTxxOyPHElikpor6PNoEMCTDSuhOdYb/k4Rp5t5hDyQbv6GoCK6RRQuL/Cas+7wdL\ndULLUelL7rf6wsYYCSxldUlqr8E2p9eyf7xOUNt6VIIjRhWsnwzvuOmzgMKIhrqG\niWCa6JdHY3KPX7ygfYzTWWa2JSugtq7mNHMs1d3Lm3JUkYP1AgMBAAGjggJfMIIC\nWzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOFWIhGnsp3X9Y9xdLH3LDv/SniPMB8G\nA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu\nBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv\nBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w\nFQYDVR0RBA4wDIIKY3RtLjNjeC5pdDBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr\nBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0\nLm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AOJpS64m6OlACeiGG7Y7g9Q+\n5/50iPukjyiTAZ3d8dv+AAABa0Y5LPgAAAQDAEgwRgIhAKnvEHFDqf3tTtGwuTth\nJOUmPq4k26HSzRvND/n1ThtKAiEA6OR0HTSfU4mHNT1tgJ3QzX3KJ/EGlsGfEgzM\nLY5eNIUAdQBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWtGOS7e\nAAAEAwBGMEQCIC5/+OaSaiCe2az3etoxO6oFFHygMRzN1VhsCllwRGzPAiBfEOpu\naXxyy4A/KrqvWBotqHEcwoorEDgFj1iRh3/w6TANBgkqhkiG9w0BAQsFAAOCAQEA\nKEq5u/5W8Xc7olGhN9GBWrC77lGviTXFKX7EPVB8XfmXzPsGxb4pW29Nt6+k1yGJ\n6xeUUgvA2UUy4C4Ji+C6ILeCogFH0WMIOQe1/GSK70Sr83l5LTpFVxnyv/WDJ1aT\nfxjGuQ2Pew5bA+n1j5vOvKaKBmeq4Yxwmg3X2oL5sRwYqT2u75pgr/jv9+Y3R/rm\nf4GYmR0/wiKsX8n5Bu74s+3YFSeJR+764Y+2s6nENKsY6Yc6ezEYQgh8skFHAqxR\n96MiRVPuQnaD7Y4MNG1e83TicX0EckE40I2Ibx+ueiblRn7JKx87r8aYXCmjfpcd\nfeVcuoZx3vXbgN0O7awJcQ==\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": ["77.45.168.109.cust.ip.kpnqwest.it"], "location": {"city": "Bologna", "region_code": "05", "area_code": null, "longitude": 11.338699999999989, "country_code3": "ITA", "latitude": 44.49379999999999, "postal_code": "40127", "dma_code": null, "country_code": "IT", "country_name": "Italy"}, "timestamp": "2019-07-23T20:56:44.906803", "domains": ["kpnqwest.it"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://109.168.45.77:5001/favicon.ico"}, "host": "109.168.45.77", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "122dd688b363c3b45b0e7582622da1e725444808", "ptr": true, "id": "140e0cf3-b66f-4c95-992d-228941869f56", "module": "https-simple-new", "options": {}}, "ip_str": "109.168.45.77"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "SITE": {"parameters": ["UTIME"]}, "REST": {"parameters": ["STREAM"]}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -2017210081}, "hash": -1398539372, "ip": 800859125, "isp": "Frontier Communications", "transport": "tcp", "data": "220 ProFTPD Server (NETGEAR ReadyNAS) [TsCloud]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n214-CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n214-EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n214-XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n214-NOOP FEAT OPTS HOST CLNT AUTH* CCC* CONF* \n214-ENC* MIC* PBSZ* PROT* TYPE STRU MODE RETR \n214-STOR STOU APPE REST ABOR USER PASS ACCT* \n214-REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-US.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n REST STREAM\n SITE MKDIR\n SITE RMDIR\n SITE SYMLINK\n SITE UTIME\n SIZE\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "70752434fdf0dcec35df6ae02b9703eaae035f7d", "ptr": true, "id": "67f2f39b-e797-4e64-b430-72eae4ba3caa", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Plano", "region_code": "TX", "area_code": 972, "longitude": -96.7311, "country_code3": "USA", "latitude": 33.05590000000001, "postal_code": "75023", "dma_code": 623, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:55:16.930116", "domains": [], "org": "Frontier Communications", "os": null, "asn": "AS5650", "ip_str": "47.188.35.245"}, {"ip": 3747904523, "hash": -71022071, "vulns": {"CVE-2018-10549": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/104019", "http://www.securitytracker.com/id/1040807", "https://bugs.php.net/bug.php?id=76130", "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html", "https://security.gentoo.org/glsa/201812-01", "https://security.netapp.com/advisory/ntap-20180607-0003/", "https://usn.ubuntu.com/3646-1/", "https://www.debian.org/security/2018/dsa-4240", "https://www.synology.com/support/security/Synology_SA_18_20", "https://www.tenable.com/security/tns-2018-12"], "cvss": "6.8", "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\\0' character."}, "CVE-2014-5459": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html", "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html", "http://www.openwall.com/lists/oss-security/2014/08/27/3", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282"], "cvss": 3.6, "summary": "The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions."}, "CVE-2010-4645": {"verified": false, "references": ["http://bugs.php.net/53632", "http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html", "http://marc.info/?l=bugtraq&m=133226187115472&w=2", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686", "http://support.apple.com/kb/HT5002", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095", "http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/", "http://www.openwall.com/lists/oss-security/2011/01/05/2", "http://www.openwall.com/lists/oss-security/2011/01/05/8", "http://www.openwall.com/lists/oss-security/2011/01/06/5", "http://www.redhat.com/support/errata/RHSA-2011-0195.html", "http://www.redhat.com/support/errata/RHSA-2011-0196.html", "http://www.securityfocus.com/bid/45668", "http://www.ubuntu.com/usn/USN-1042-1", "http://www.vupen.com/english/advisories/2011/0060", "http://www.vupen.com/english/advisories/2011/0066", "http://www.vupen.com/english/advisories/2011/0077", "http://www.vupen.com/english/advisories/2011/0198", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64470"], "cvss": 5.0, "summary": "strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308."}, "CVE-2018-10545": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/104022", "https://bugs.php.net/bug.php?id=75605", "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html", "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html", "https://security.gentoo.org/glsa/201812-01", "https://security.netapp.com/advisory/ntap-20180607-0003/", "https://usn.ubuntu.com/3646-1/", "https://usn.ubuntu.com/3646-2/", "https://www.debian.org/security/2018/dsa-4240", "https://www.tenable.com/security/tns-2018-12"], "cvss": "1.9", "summary": "An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process."}, "CVE-2018-10547": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securitytracker.com/id/1040807", "https://bugs.php.net/bug.php?id=76129", "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html", "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html", "https://security.netapp.com/advisory/ntap-20180607-0003/", "https://usn.ubuntu.com/3646-1/", "https://usn.ubuntu.com/3646-2/", "https://www.debian.org/security/2018/dsa-4240", "https://www.tenable.com/security/tns-2018-12"], "cvss": "4.3", "summary": "An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712."}, "CVE-2018-10546": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/104019", "http://www.securitytracker.com/id/1040807", "https://bugs.php.net/bug.php?id=76249", "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html", "https://security.gentoo.org/glsa/201812-01", "https://security.netapp.com/advisory/ntap-20180607-0003/", "https://usn.ubuntu.com/3646-1/", "https://www.debian.org/security/2018/dsa-4240", "https://www.tenable.com/security/tns-2018-12"], "cvss": "5.0", "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences."}, "CVE-2010-3709": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html", "http://marc.info/?l=bugtraq&m=130331363227777&w=2", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://securityreason.com/achievement_securityalert/90", "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619", "http://support.apple.com/kb/HT4581", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log", "http://www.exploit-db.com/exploits/15431", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218", "http://www.php.net/archive/2010.php#id2010-12-10-1", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_15.php", "http://www.php.net/releases/5_3_4.php", "http://www.redhat.com/support/errata/RHSA-2011-0195.html", "http://www.securityfocus.com/bid/44718", "http://www.securitytracker.com/id?1024690", "http://www.ubuntu.com/usn/USN-1042-1", "http://www.vupen.com/english/advisories/2010/3313", "http://www.vupen.com/english/advisories/2011/0020", "http://www.vupen.com/english/advisories/2011/0021", "http://www.vupen.com/english/advisories/2011/0077"], "cvss": 4.3, "summary": "The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive."}, "CVE-2012-1172": {"verified": false, "references": ["http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/", "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html", "http://marc.info/?l=bugtraq&m=134012830914727&w=2", "http://openwall.com/lists/oss-security/2012/03/13/4", "http://support.apple.com/kb/HT5501", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/rfc1867.c?r1=321664&r2=321663&pathrev=321664", "http://svn.php.net/viewvc?view=revision&revision=321664", "http://www.debian.org/security/2012/dsa-2465", "http://www.php.net/ChangeLog-5.php#5.4.0", "https://bugs.php.net/bug.php?id=48597", "https://bugs.php.net/bug.php?id=49683", "https://bugs.php.net/bug.php?id=54374", "https://bugs.php.net/bug.php?id=55500", "https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/", "https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf"], "cvss": 5.8, "summary": "The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions."}, "CVE-2018-10548": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/104019", "http://www.securitytracker.com/id/1040807", "https://bugs.php.net/bug.php?id=76248", "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html", "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html", "https://security.gentoo.org/glsa/201812-01", "https://security.netapp.com/advisory/ntap-20180607-0003/", "https://usn.ubuntu.com/3646-1/", "https://usn.ubuntu.com/3646-2/", "https://www.debian.org/security/2018/dsa-4240", "https://www.tenable.com/security/tns-2018-12"], "cvss": "5.0", "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value."}, "CVE-2010-1861": {"verified": false, "references": ["http://php-security.org/2010/05/05/mops-2010-009-php-shm_put_var-already-freed-resource-access-vulnerability/index.html"], "cvss": 6.4, "summary": "The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource."}, "CVE-2010-1860": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/06/mops-2010-010-php-html_entity_decode-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature."}, "CVE-2010-1862": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/04/mops-2010-008-php-chunk_split-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2010-1864": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/03/mops-2010-006-php-addcslashes-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2010-1868": {"verified": false, "references": ["http://php-security.org/2010/05/07/mops-2010-012-php-sqlite_single_query-uninitialized-memory-usage-vulnerability/index.html", "http://php-security.org/2010/05/07/mops-2010-013-php-sqlite_array_query-uninitialized-memory-usage-vulnerability/index.html", "http://php-security.org/2010/05/07/mops-submission-03-sqlite_single_query-sqlite_array_query-uninitialized-memory-usage/index.html"], "cvss": 7.5, "summary": "The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory."}, "CVE-2014-2497": {"verified": false, "references": ["http://advisories.mageia.org/MGASA-2014-0288.html", "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00001.html", "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html", "http://rhn.redhat.com/errata/RHSA-2014-1326.html", "http://rhn.redhat.com/errata/RHSA-2014-1327.html", "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "http://secunia.com/advisories/59061", "http://secunia.com/advisories/59418", "http://secunia.com/advisories/59496", "http://www.debian.org/security/2015/dsa-3215", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:153", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://www.securityfocus.com/bid/66233", "http://www.ubuntu.com/usn/USN-2987-1", "https://bugs.php.net/bug.php?id=66901", "https://bugzilla.redhat.com/show_bug.cgi?id=1076676", "https://security.gentoo.org/glsa/201607-04", "https://support.apple.com/HT204659"], "cvss": 4.3, "summary": "The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file."}, "CVE-2011-1468": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54060", "http://bugs.php.net/bug.php?id=54061", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://support.apple.com/kb/HT5002", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/ChangeLog-5.php", "http://www.redhat.com/support/errata/RHSA-2011-1423.html", "http://www.securityfocus.com/bid/46977", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "4.3", "summary": "Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function."}, "CVE-2011-1469": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54092", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://support.apple.com/kb/HT5002", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/ChangeLog-5.php", "http://www.redhat.com/support/errata/RHSA-2011-1423.html", "http://www.securityfocus.com/bid/46970", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "4.3", "summary": "Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper."}, "CVE-2011-0421": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=53885", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html", "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://securityreason.com/achievement_securityalert/96", "http://securityreason.com/securityalert/8146", "http://support.apple.com/kb/HT5002", "http://svn.php.net/viewvc/?view=revision&revision=307867", "http://www.debian.org/security/2011/dsa-2266", "http://www.exploit-db.com/exploits/17004", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:099", "http://www.php.net/archive/2011.php", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_6.php", "http://www.securityfocus.com/archive/1/517065/100/0/threaded", "http://www.securityfocus.com/bid/46354", "http://www.vupen.com/english/advisories/2011/0744", "http://www.vupen.com/english/advisories/2011/0764", "http://www.vupen.com/english/advisories/2011/0890", "https://bugzilla.redhat.com/show_bug.cgi?id=688735", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66173"], "cvss": "4.3", "summary": "The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation."}, "CVE-2012-2688": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html", "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00022.html", "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "http://support.apple.com/kb/HT5501", "http://www.debian.org/security/2012/dsa-2527", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:108", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/54638", "http://www.securitytracker.com/id?1027287", "http://www.ubuntu.com/usn/USN-1569-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/77155", "https://hermes.opensuse.org/messages/15376003"], "cvss": 10.0, "summary": "Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an \"overflow.\""}, "CVE-2009-3294": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=44683", "http://news.php.net/php.announce/79", "http://svn.php.net/viewvc?view=revision&revision=287779", "http://www.openwall.com/lists/oss-security/2009/09/20/1", "http://www.openwall.com/lists/oss-security/2009/11/20/2", "http://www.openwall.com/lists/oss-security/2009/11/20/3", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/ChangeLog-5.php#5.2.11", "http://www.php.net/releases/5_2_11.php", "http://www.php.net/releases/5_3_1.php"], "cvss": "5.0", "summary": "The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) \"e\" or (2) \"er\" string in the second argument (aka mode), possibly related to the _fdopen function in the Microsoft C runtime library. NOTE: this might not cross privilege boundaries except in rare cases in which the mode argument is accessible to an attacker outside of an application that uses the popen function."}, "CVE-2011-1466": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=53574", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://rhn.redhat.com/errata/RHSA-2012-0071.html", "http://support.apple.com/kb/HT5002", "http://www.debian.org/security/2011/dsa-2266", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/ChangeLog-5.php", "http://www.redhat.com/support/errata/RHSA-2011-1423.html", "http://www.securityfocus.com/bid/46967", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "5.0", "summary": "Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function."}, "CVE-2009-3293": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "http://support.apple.com/kb/HT3937", "http://www.php.net/ChangeLog-5.php#5.2.11", "http://www.php.net/releases/5_2_11.php", "http://www.securitytracker.com/id?1022914", "http://www.vupen.com/english/advisories/2009/3184"], "cvss": "7.5", "summary": "Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect \"sanity check for the color index.\""}, "CVE-2011-1464": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54055", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/archive/2011.php", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_6.php", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "4.3", "summary": "Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument."}, "CVE-2009-3291": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "http://support.apple.com/kb/HT3937", "http://www.debian.org/security/2009/dsa-1940", "http://www.php.net/ChangeLog-5.php#5.2.11", "http://www.php.net/releases/5_2_11.php", "http://www.securitytracker.com/id?1022914", "http://www.vupen.com/english/advisories/2009/3184", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53334"], "cvss": "7.5", "summary": "The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates."}, "CVE-2011-3182": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", "http://marc.info/?l=full-disclosure&m=131373057621672&w=2", "http://securityreason.com/achievement_securityalert/101", "http://support.apple.com/kb/HT5130", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165", "http://www.openwall.com/lists/oss-security/2011/08/22/9", "http://www.securityfocus.com/bid/49249", "https://exchange.xforce.ibmcloud.com/vulnerabilities/69430"], "cvss": 5.0, "summary": "PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function."}, "CVE-2010-2097": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/18/mops-2010-032-php-iconv_mime_decode-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/18/mops-2010-033-php-iconv_substr-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/18/mops-2010-034-php-iconv_mime_encode-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2010-2093": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://php-security.org/2010/05/12/mops-2010-022-php-stream-context-use-after-free-on-request-shutdown-vulnerability/index.html"], "cvss": 5.0, "summary": "Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs."}, "CVE-2018-20783": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "https://bugs.php.net/bug.php?id=77143", "https://usn.ubuntu.com/3566-2/"], "cvss": "5.0", "summary": "In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c."}, "CVE-2012-0057": {"verified": false, "references": ["http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html", "http://openwall.com/lists/oss-security/2012/01/13/10", "http://openwall.com/lists/oss-security/2012/01/13/4", "http://openwall.com/lists/oss-security/2012/01/13/5", "http://openwall.com/lists/oss-security/2012/01/13/6", "http://openwall.com/lists/oss-security/2012/01/13/7", "http://openwall.com/lists/oss-security/2012/01/14/1", "http://openwall.com/lists/oss-security/2012/01/14/2", "http://openwall.com/lists/oss-security/2012/01/14/3", "http://openwall.com/lists/oss-security/2012/01/15/1", "http://openwall.com/lists/oss-security/2012/01/15/10", "http://openwall.com/lists/oss-security/2012/01/15/2", "http://openwall.com/lists/oss-security/2012/01/18/3", "http://php.net/ChangeLog-5.php#5.3.9", "http://www.debian.org/security/2012/dsa-2399", "https://bugs.php.net/bug.php?id=54446", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72908"], "cvss": 6.4, "summary": "PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension."}, "CVE-2006-7243": {"verified": false, "references": ["http://bugs.php.net/39863", "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html", "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html", "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html", "http://marc.info/?l=bugtraq&m=132871655717248&w=2", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://openwall.com/lists/oss-security/2010/11/18/4", "http://openwall.com/lists/oss-security/2010/11/18/5", "http://openwall.com/lists/oss-security/2010/12/09/10", "http://openwall.com/lists/oss-security/2010/12/09/11", "http://openwall.com/lists/oss-security/2010/12/09/9", "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "http://rhn.redhat.com/errata/RHSA-2013-1615.html", "http://rhn.redhat.com/errata/RHSA-2014-0311.html", "http://support.apple.com/kb/HT4581", "http://svn.php.net/viewvc?view=revision&revision=305412", "http://svn.php.net/viewvc?view=revision&revision=305507", "http://www.madirish.net/?article=436", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:254", "http://www.php.net/archive/2010.php#id2010-12-10-1", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_4.php", "http://www.securityfocus.com/bid/44951"], "cvss": "5.0", "summary": "PHP before 5.3.4 accepts the \\0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\\0.jpg at the end of the argument to the file_exists function."}, "CVE-2009-2626": {"verified": false, "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540605", "http://securityreason.com/achievement_securityalert/65", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/Zend/zend_ini.c?r1=272370&r2=284156", "http://www.debian.org/security/2009/dsa-1940", "http://www.securityfocus.com/bid/36009"], "cvss": "6.4", "summary": "The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable."}, "CVE-2012-1823": {"verified": false, "references": ["http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041", "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html", "http://marc.info/?l=bugtraq&m=134012830914727&w=2", "http://rhn.redhat.com/errata/RHSA-2012-0546.html", "http://rhn.redhat.com/errata/RHSA-2012-0547.html", "http://rhn.redhat.com/errata/RHSA-2012-0568.html", "http://rhn.redhat.com/errata/RHSA-2012-0569.html", "http://rhn.redhat.com/errata/RHSA-2012-0570.html", "http://support.apple.com/kb/HT5501", "http://www.debian.org/security/2012/dsa-2465", "http://www.kb.cert.org/vuls/id/520827", "http://www.kb.cert.org/vuls/id/673343", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:068", "http://www.php.net/archive/2012.php#id2012-05-03-1", "http://www.php.net/ChangeLog-5.php#5.4.2", "http://www.securitytracker.com/id?1027022", "https://bugs.php.net/bug.php?id=61910", "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1"], "cvss": 7.5, "summary": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case."}, "CVE-2013-1635": {"verified": false, "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221", "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=36f6f9a4396d3034cc903a4271e7fdeccc5d3ea6;hb=refs/heads/PHP-5.4", "http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=82afa3a040e639f3595121e45b850d5453906a00;hb=refs/heads/PHP-5.3", "http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html", "http://support.apple.com/kb/HT5880", "http://www.debian.org/security/2013/dsa-2639", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114", "https://bugs.gentoo.org/show_bug.cgi?id=459904", "https://bugzilla.redhat.com/show_bug.cgi?id=918196", "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"], "cvss": 7.5, "summary": "ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory."}, "CVE-2010-3710": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=52929", "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html", "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://support.apple.com/kb/HT4581", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218", "http://www.php.net/archive/2010.php#id2010-12-10-1", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_15.php", "http://www.php.net/releases/5_3_4.php", "http://www.redhat.com/support/errata/RHSA-2011-0196.html", "http://www.securityfocus.com/bid/43926", "http://www.ubuntu.com/usn/USN-1042-1", "http://www.vupen.com/english/advisories/2011/0020", "http://www.vupen.com/english/advisories/2011/0021", "http://www.vupen.com/english/advisories/2011/0077"], "cvss": 4.3, "summary": "Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string."}, "CVE-2013-1643": {"verified": false, "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702221", "http://git.php.net/?p=php-src.git;a=commit;h=8e76d0404b7f664ee6719fd98f0483f0ac4669d6", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html", "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "http://rhn.redhat.com/errata/RHSA-2013-1615.html", "http://support.apple.com/kb/HT5880", "http://www.debian.org/security/2013/dsa-2639", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:114", "http://www.php.net/ChangeLog-5.php", "http://www.ubuntu.com/usn/USN-1761-1", "https://bugs.gentoo.org/show_bug.cgi?id=459904", "https://bugzilla.redhat.com/show_bug.cgi?id=918187", "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0101"], "cvss": 5.0, "summary": "The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824."}, "CVE-2010-2484": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html", "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://support.apple.com/kb/HT4312", "http://support.apple.com/kb/HT4435", "http://www.php.net/releases/5_2_14.php", "https://bugzilla.redhat.com/show_bug.cgi?id=619324"], "cvss": 5.0, "summary": "The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler."}, "CVE-2018-19520": {"verified": false, "references": ["https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc", "https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc"], "cvss": 6.5, "summary": "An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management."}, "CVE-2018-19396": {"verified": false, "references": ["http://www.securityfocus.com/bid/105989", "https://bugs.php.net/bug.php?id=77177", "https://security.netapp.com/advisory/ntap-20181221-0005/"], "cvss": 5.0, "summary": "ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class."}, "CVE-2016-7478": {"verified": false, "references": ["http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7", "http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf", "http://www.securityfocus.com/bid/95150", "https://bugs.php.net/bug.php?id=73093", "https://security.netapp.com/advisory/ntap-20180112-0001/", "https://www.youtube.com/watch?v=LDcaPstAuPk"], "cvss": 5.0, "summary": "Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876."}, "CVE-2012-2376": {"verified": false, "references": ["http://isc.sans.edu/diary.html?storyid=13255", "http://openwall.com/lists/oss-security/2012/05/20/2", "http://www.exploit-db.com/exploits/18861/", "http://www.securitytracker.com/id?1027089", "https://bugzilla.redhat.com/show_bug.cgi?id=823464", "https://exchange.xforce.ibmcloud.com/vulnerabilities/75778"], "cvss": 10.0, "summary": "Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012."}, "CVE-2012-2143": {"verified": false, "references": ["http://git.php.net/?p=php-src.git;a=commit;h=aab49e934de1fff046e659cbec46e3d053b41c34", "http://git.postgresql.org/gitweb/?p=postgresql.git&a=commit&h=932ded2ed51e8333852e370c7a6dad75d9f236f9", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html", "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html", "http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html", "http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html", "http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html", "http://rhn.redhat.com/errata/RHSA-2012-1037.html", "http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc", "http://support.apple.com/kb/HT5501", "http://www.debian.org/security/2012/dsa-2491", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:092", "http://www.postgresql.org/docs/8.3/static/release-8-3-19.html", "http://www.postgresql.org/docs/8.4/static/release-8-4-12.html", "http://www.postgresql.org/docs/9.0/static/release-9-0-8.html", "http://www.postgresql.org/docs/9.1/static/release-9-1-4.html", "http://www.postgresql.org/support/security/", "http://www.securitytracker.com/id?1026995", "https://bugzilla.redhat.com/show_bug.cgi?id=816956"], "cvss": 4.3, "summary": "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password."}, "CVE-2010-3870": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=48230", "http://bugs.php.net/bug.php?id=49687", "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html", "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html", "http://support.apple.com/kb/HT4581", "http://svn.php.net/viewvc?view=revision&revision=304959", "http://us2.php.net/manual/en/function.utf8-decode.php#83935", "http://www.acunetix.com/blog/web-security-articles/security-risks-associated-with-utf8_decode/", "http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf", "http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:224", "http://www.openwall.com/lists/oss-security/2010/11/02/1", "http://www.openwall.com/lists/oss-security/2010/11/02/11", "http://www.openwall.com/lists/oss-security/2010/11/02/2", "http://www.openwall.com/lists/oss-security/2010/11/02/4", "http://www.openwall.com/lists/oss-security/2010/11/02/6", "http://www.openwall.com/lists/oss-security/2010/11/02/8", "http://www.openwall.com/lists/oss-security/2010/11/03/1", "http://www.php.net/ChangeLog-5.php", "http://www.redhat.com/support/errata/RHSA-2010-0919.html", "http://www.redhat.com/support/errata/RHSA-2011-0195.html", "http://www.securityfocus.com/bid/44605", "http://www.securitytracker.com/id?1024797", "http://www.ubuntu.com/usn/USN-1042-1", "http://www.vupen.com/english/advisories/2010/3081", "http://www.vupen.com/english/advisories/2011/0020", "http://www.vupen.com/english/advisories/2011/0021", "http://www.vupen.com/english/advisories/2011/0077"], "cvss": "6.8", "summary": "The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string."}, "CVE-2012-1171": {"verified": false, "references": ["https://bugs.php.net/bug.php?id=61367", "https://bugzilla.redhat.com/show_bug.cgi?id=802591", "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt", "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt"], "cvss": 5.0, "summary": "The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper."}, "CVE-2012-0831": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html", "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "http://support.apple.com/kb/HT5501", "http://svn.php.net/viewvc?view=revision&revision=323016", "http://www.securityfocus.com/bid/51954", "http://www.ubuntu.com/usn/USN-1358-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125", "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz"], "cvss": 6.8, "summary": "PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c."}, "CVE-2018-17082": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "https://bugs.php.net/bug.php?id=76582", "https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e", "https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html", "https://security.gentoo.org/glsa/201812-01", "https://security.netapp.com/advisory/ntap-20180924-0001/", "https://www.debian.org/security/2018/dsa-4353"], "cvss": "4.3", "summary": "The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a \"Transfer-Encoding: chunked\" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c."}, "CVE-2019-9639": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html", "https://bugs.php.net/bug.php?id=77659", "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html", "https://security.netapp.com/advisory/ntap-20190502-0007/", "https://usn.ubuntu.com/3922-1/", "https://usn.ubuntu.com/3922-2/", "https://usn.ubuntu.com/3922-3/", "https://www.debian.org/security/2019/dsa-4403"], "cvss": "5.0", "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable."}, "CVE-2019-9638": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html", "https://bugs.php.net/bug.php?id=77563", "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html", "https://security.netapp.com/advisory/ntap-20190502-0007/", "https://usn.ubuntu.com/3922-1/", "https://usn.ubuntu.com/3922-2/", "https://usn.ubuntu.com/3922-3/", "https://www.debian.org/security/2019/dsa-4403"], "cvss": "5.0", "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len."}, "CVE-2013-4248": {"verified": false, "references": ["http://git.php.net/?p=php-src.git;a=commit;h=2874696a5a8d46639d261571f915c493cd875897", "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html", "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html", "http://marc.info/?l=bugtraq&m=141390017113542&w=2", "http://rhn.redhat.com/errata/RHSA-2013-1307.html", "http://rhn.redhat.com/errata/RHSA-2013-1615.html", "http://support.apple.com/kb/HT6150", "http://www.debian.org/security/2013/dsa-2742", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/61776", "http://www.securitytracker.com/id/1028924", "http://www.ubuntu.com/usn/USN-1937-1"], "cvss": 4.3, "summary": "The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."}, "CVE-2019-9637": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html", "https://bugs.php.net/bug.php?id=77630", "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html", "https://security.netapp.com/advisory/ntap-20190502-0007/", "https://support.f5.com/csp/article/K53825211", "https://usn.ubuntu.com/3922-1/", "https://usn.ubuntu.com/3922-2/", "https://usn.ubuntu.com/3922-3/", "https://www.debian.org/security/2019/dsa-4403"], "cvss": "5.0", "summary": "An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data."}, "CVE-2007-1581": {"verified": false, "references": ["http://php-security.org/2010/05/01/mops-2010-001-php-hash_update_file-already-freed-resource-access-vulnerability/index.html", "http://www.php-security.org/MOPB/MOPB-28-2007.html", "http://www.securityfocus.com/bid/23062", "https://exchange.xforce.ibmcloud.com/vulnerabilities/33248", "https://www.exploit-db.com/exploits/3529"], "cvss": "9.3", "summary": "The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected."}, "CVE-2010-2531": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html", "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=130331363227777&w=2", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://support.apple.com/kb/HT4312", "http://support.apple.com/kb/HT4435", "http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/tests/general_functions/var_export_error2.phpt?view=log&pathrev=301143", "http://www.debian.org/security/2011/dsa-2266", "http://www.openwall.com/lists/oss-security/2010/07/13/1", "http://www.openwall.com/lists/oss-security/2010/07/16/3", "http://www.php.net/archive/2010.php#id2010-07-22-1", "http://www.php.net/archive/2010.php#id2010-07-22-2", "http://www.redhat.com/support/errata/RHSA-2010-0919.html", "http://www.vupen.com/english/advisories/2010/3081", "https://bugzilla.redhat.com/show_bug.cgi?id=617673"], "cvss": 4.3, "summary": "The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion."}, "CVE-2018-14883": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/104871", "https://bugs.php.net/bug.php?id=76423", "https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html", "https://security.netapp.com/advisory/ntap-20181107-0003/", "https://usn.ubuntu.com/3766-1/", "https://usn.ubuntu.com/3766-2/", "https://www.debian.org/security/2018/dsa-4353", "https://www.tenable.com/security/tns-2018-12"], "cvss": "5.0", "summary": "An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c."}, "CVE-2011-1153": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54247", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html", "http://openwall.com/lists/oss-security/2011/03/14/13", "http://openwall.com/lists/oss-security/2011/03/14/14", "http://openwall.com/lists/oss-security/2011/03/14/24", "http://support.apple.com/kb/HT5002", "http://svn.php.net/viewvc?view=revision&revision=309221", "http://www.debian.org/security/2011/dsa-2266", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/archive/2011.php", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_6.php", "http://www.securityfocus.com/bid/46854", "http://www.vupen.com/english/advisories/2011/0744", "http://www.vupen.com/english/advisories/2011/0764", "http://www.vupen.com/english/advisories/2011/0890", "https://bugzilla.redhat.com/show_bug.cgi?id=688378", "https://exchange.xforce.ibmcloud.com/vulnerabilities/66079"], "cvss": 7.5, "summary": "Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call."}, "CVE-2011-4718": {"verified": false, "references": ["http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f", "http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde", "https://bugs.php.net/bug.php?id=60491", "https://wiki.php.net/rfc/strict_sessions"], "cvss": 6.8, "summary": "Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID."}, "CVE-2012-2311": {"verified": false, "references": ["http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/", "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html", "http://marc.info/?l=bugtraq&m=134012830914727&w=2", "http://support.apple.com/kb/HT5501", "http://www.debian.org/security/2012/dsa-2465", "http://www.kb.cert.org/vuls/id/520827", "http://www.php.net/archive/2012.php#id2012-05-08-1", "http://www.php.net/ChangeLog-5.php#5.4.3", "http://www.securitytracker.com/id?1027022", "https://bugs.php.net/bug.php?id=61910", "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1", "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"], "cvss": 7.5, "summary": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."}, "CVE-2014-0237": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html", "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "http://secunia.com/advisories/59061", "http://secunia.com/advisories/59329", "http://secunia.com/advisories/59418", "http://secunia.com/advisories/60998", "http://support.apple.com/kb/HT6443", "http://www-01.ibm.com/support/docview.wss?uid=swg21683486", "http://www.debian.org/security/2014/dsa-3021", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/67759", "https://bugs.php.net/bug.php?id=67328", "https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d", "https://support.apple.com/HT204659"], "cvss": 5.0, "summary": "The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls."}, "CVE-2010-1915": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://www.php-security.org/2010/05/09/mops-2010-017-php-preg_quote-interruption-information-leak-vulnerability/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/58586"], "cvss": 5.0, "summary": "The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory."}, "CVE-2010-1914": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://www.php-security.org/2010/05/08/mops-2010-014-php-zend_bw_xor-opcode-interruption-address-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/08/mops-2010-015-php-zend_sl-opcode-interruption-address-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/08/mops-2010-016-php-zend_sr-opcode-interruption-address-information-leak-vulnerability/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/58587"], "cvss": 5.0, "summary": "The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function."}, "CVE-2010-1917": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=130331363227777&w=2", "http://www.debian.org/security/2010/dsa-2089", "http://www.php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html", "http://www.redhat.com/support/errata/RHSA-2010-0919.html", "http://www.vupen.com/english/advisories/2010/3081", "https://exchange.xforce.ibmcloud.com/vulnerabilities/58585"], "cvss": 5.0, "summary": "Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string."}, "CVE-2014-0238": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html", "http://rhn.redhat.com/errata/RHSA-2014-1765.html", "http://rhn.redhat.com/errata/RHSA-2014-1766.html", "http://secunia.com/advisories/59061", "http://secunia.com/advisories/59329", "http://secunia.com/advisories/59418", "http://secunia.com/advisories/60998", "http://support.apple.com/kb/HT6443", "http://www-01.ibm.com/support/docview.wss?uid=swg21683486", "http://www.debian.org/security/2014/dsa-3021", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/67765", "https://bugs.php.net/bug.php?id=67327", "https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0", "https://support.apple.com/HT204659"], "cvss": 5.0, "summary": "The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long."}, "CVE-2019-9023": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "http://www.securityfocus.com/bid/107156", "https://bugs.php.net/bug.php?id=77370", "https://bugs.php.net/bug.php?id=77371", "https://bugs.php.net/bug.php?id=77381", "https://bugs.php.net/bug.php?id=77382", "https://bugs.php.net/bug.php?id=77385", "https://bugs.php.net/bug.php?id=77394", "https://bugs.php.net/bug.php?id=77418", "https://security.netapp.com/advisory/ntap-20190321-0001/", "https://support.f5.com/csp/article/K06372014", "https://usn.ubuntu.com/3902-1/", "https://usn.ubuntu.com/3902-2/", "https://www.debian.org/security/2019/dsa-4398"], "cvss": "7.5", "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences."}, "CVE-2019-9020": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "http://www.securityfocus.com/bid/107156", "https://bugs.php.net/bug.php?id=77242", "https://bugs.php.net/bug.php?id=77249", "https://security.netapp.com/advisory/ntap-20190321-0001/", "https://usn.ubuntu.com/3902-1/", "https://usn.ubuntu.com/3902-2/", "https://www.debian.org/security/2019/dsa-4398"], "cvss": "7.5", "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c."}, "CVE-2019-9021": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "http://www.securityfocus.com/bid/106747", "http://www.securityfocus.com/bid/107156", "https://bugs.php.net/bug.php?id=77247", "https://security.netapp.com/advisory/ntap-20190321-0001/", "https://usn.ubuntu.com/3902-1/", "https://usn.ubuntu.com/3902-2/", "https://www.debian.org/security/2019/dsa-4398"], "cvss": "7.5", "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c."}, "CVE-2019-9024": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "http://www.securityfocus.com/bid/107156", "https://bugs.php.net/bug.php?id=77380", "https://security.netapp.com/advisory/ntap-20190321-0001/", "https://usn.ubuntu.com/3902-1/", "https://usn.ubuntu.com/3902-2/", "https://www.debian.org/security/2019/dsa-4398"], "cvss": "5.0", "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c."}, "CVE-2012-3365": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html", "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00022.html", "http://osvdb.org/84100", "http://secunia.com/advisories/49969", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:108", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/54612", "http://www.securitytracker.com/id?1027286", "https://hermes.opensuse.org/messages/15376003"], "cvss": 5.0, "summary": "The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors."}, "CVE-2011-1092": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54193", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://securityreason.com/securityalert/8130", "http://support.apple.com/kb/HT5002", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/shmop/shmop.c?r1=306939&r2=309018&pathrev=309018", "http://www.exploit-db.com/exploits/16966", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.openwall.com/lists/oss-security/2011/03/08/11", "http://www.openwall.com/lists/oss-security/2011/03/08/9", "http://www.php.net/archive/2011.php", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_6.php", "http://www.securityfocus.com/bid/46786", "http://www.vupen.com/english/advisories/2011/0744", "https://bugzilla.redhat.com/show_bug.cgi?id=683183", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65988"], "cvss": "7.5", "summary": "Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function."}, "CVE-2018-19935": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "http://www.securityfocus.com/bid/106143", "https://bugs.php.net/bug.php?id=77020", "https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html", "https://security.netapp.com/advisory/ntap-20181221-0003/", "https://www.debian.org/security/2018/dsa-4353"], "cvss": "5.0", "summary": "ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function."}, "CVE-2013-4635": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00034.html", "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00007.html", "http://www.attrition.org/pipermail/vim/2013-June/002697.html", "http://www.php.net/ChangeLog-5.php", "http://www.securitytracker.com/id/1028699", "http://www.ubuntu.com/usn/USN-1905-1", "https://bugs.php.net/bug.php?id=64895"], "cvss": 5.0, "summary": "Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function."}, "CVE-2011-0708": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=54002", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://openwall.com/lists/oss-security/2011/02/14/1", "http://openwall.com/lists/oss-security/2011/02/16/7", "http://rhn.redhat.com/errata/RHSA-2012-0071.html", "http://securityreason.com/securityalert/8114", "http://support.apple.com/kb/HT5002", "http://svn.php.net/viewvc?view=revision&revision=308316", "http://www.debian.org/security/2011/dsa-2266", "http://www.exploit-db.com/exploits/16261/", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/archive/2011.php", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_3_6.php", "http://www.redhat.com/support/errata/RHSA-2011-1423.html", "http://www.securityfocus.com/bid/46365", "http://www.vupen.com/english/advisories/2011/0744", "http://www.vupen.com/english/advisories/2011/0764", "http://www.vupen.com/english/advisories/2011/0890", "https://bugzilla.redhat.com/show_bug.cgi?id=680972"], "cvss": "4.3", "summary": "exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read."}, "CVE-2010-4697": {"verified": false, "references": ["http://bugs.php.net/52879", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/45952", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65310"], "cvss": "6.8", "summary": "Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference."}, "CVE-2010-4699": {"verified": false, "references": ["http://bugs.php.net/52941", "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html", "http://www.php.net/ChangeLog-5.php", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"], "cvss": "5.0", "summary": "The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set."}, "CVE-2010-2101": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/26/mops-2010-041-php-strip_tags-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/26/mops-2010-042-php-setcookie-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/26/mops-2010-043-php-strtok-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/26/mops-2010-044-php-wordwrap-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/26/mops-2010-045-php-str_word_count-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/26/mops-2010-046-php-str_pad-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2010-2100": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://php-security.org/2010/05/21/mops-2010-036-php-htmlentities-and-htmlspecialchars-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/21/mops-2010-037-php-str_getcsv-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/21/mops-2010-038-php-http_build_query-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/21/mops-2010-039-php-strpbrk-interruption-information-leak-vulnerability/index.html", "http://php-security.org/2010/05/21/mops-2010-040-php-strtr-interruption-information-leak-vulnerability/index.html"], "cvss": 5.0, "summary": "The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2015-8994": {"verified": false, "references": ["http://marc.info/?l=php-internals&m=147876797317925&w=2", "http://marc.info/?l=php-internals&m=147921016724565&w=2", "http://openwall.com/lists/oss-security/2017/02/28/1", "http://seclists.org/oss-sec/2016/q4/343", "http://seclists.org/oss-sec/2017/q1/520", "https://bugs.php.net/bug.php?id=69090", "https://ma.ttias.be/a-better-way-to-run-php-fpm/"], "cvss": 6.8, "summary": "An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode (\"opcode\" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database."}, "CVE-2019-6977": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html", "http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html", "http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/106731", "https://bugs.php.net/bug.php?id=77270", "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html", "https://security.gentoo.org/glsa/201903-18", "https://security.netapp.com/advisory/ntap-20190315-0003/", "https://usn.ubuntu.com/3900-1/", "https://www.debian.org/security/2019/dsa-4384", "https://www.exploit-db.com/exploits/46677/"], "cvss": "6.8", "summary": "gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data."}, "CVE-2010-2225": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html", "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://pastebin.com/mXGidCsd", "http://support.apple.com/kb/HT4312", "http://twitter.com/i0n1c/statuses/16373156076", "http://twitter.com/i0n1c/statuses/16447867829", "http://www.debian.org/security/2010/dsa-2089", "http://www.securityfocus.com/bid/40948", "https://bugzilla.redhat.com/show_bug.cgi?id=605641", "https://exchange.xforce.ibmcloud.com/vulnerabilities/59610"], "cvss": 7.5, "summary": "Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function."}, "CVE-2011-2483": {"verified": false, "references": ["http://freshmeat.net/projects/crypt_blowfish", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html", "http://php.net/security/crypt_blowfish", "http://support.apple.com/kb/HT5130", "http://www.debian.org/security/2011/dsa-2340", "http://www.debian.org/security/2012/dsa-2399", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:180", "http://www.openwall.com/crypt/", "http://www.php.net/archive/2011.php#id2011-08-18-1", "http://www.php.net/ChangeLog-5.php#5.3.7", "http://www.postgresql.org/docs/8.4/static/release-8-4-9.html", "http://www.redhat.com/support/errata/RHSA-2011-1377.html", "http://www.redhat.com/support/errata/RHSA-2011-1378.html", "http://www.redhat.com/support/errata/RHSA-2011-1423.html", "http://www.securityfocus.com/bid/49241", "http://www.ubuntu.com/usn/USN-1229-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/69319"], "cvss": 5.0, "summary": "crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash."}, "CVE-2009-4418": {"verified": false, "references": ["http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation/", "http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf"], "cvss": "5.0", "summary": "The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences."}, "CVE-2009-3292": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html", "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "http://news.php.net/php.announce/79", "http://support.apple.com/kb/HT3937", "http://www.debian.org/security/2009/dsa-1940", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:302", "http://www.openwall.com/lists/oss-security/2009/11/20/2", "http://www.openwall.com/lists/oss-security/2009/11/20/3", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/ChangeLog-5.php#5.2.11", "http://www.php.net/releases/5_2_11.php", "http://www.php.net/releases/5_3_1.php", "http://www.securitytracker.com/id?1022914", "http://www.vupen.com/english/advisories/2009/3184"], "cvss": "7.5", "summary": "Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to \"missing sanity checks around exif processing.\""}, "CVE-2014-9427": {"verified": false, "references": ["http://advisories.mageia.org/MGASA-2015-0040.html", "http://git.php.net/?p=php-src.git;a=commit;h=f9ad3086693fce680fbe246e4a45aa92edd2ac35", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html", "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html", "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "http://openwall.com/lists/oss-security/2014/12/31/6", "http://openwall.com/lists/oss-security/2015/01/01/1", "http://openwall.com/lists/oss-security/2015/01/03/4", "http://rhn.redhat.com/errata/RHSA-2015-1053.html", "http://rhn.redhat.com/errata/RHSA-2015-1066.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:032", "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "http://www.securityfocus.com/bid/71833", "https://bugs.php.net/bug.php?id=68618", "https://security.gentoo.org/glsa/201503-03", "https://support.apple.com/HT205267"], "cvss": 7.5, "summary": "sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping."}, "CVE-2011-1467": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=53512", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://support.apple.com/kb/HT5002", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/46968", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "5.0", "summary": "Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409."}, "CVE-2019-9641": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html", "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html", "https://bugs.php.net/bug.php?id=77509", "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html", "https://security.netapp.com/advisory/ntap-20190502-0007/", "https://usn.ubuntu.com/3922-1/", "https://usn.ubuntu.com/3922-2/", "https://usn.ubuntu.com/3922-3/", "https://www.debian.org/security/2019/dsa-4403"], "cvss": "7.5", "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF."}, "CVE-2010-1130": {"verified": false, "references": ["http://securityreason.com/achievement_securityalert/82", "http://securityreason.com/securityalert/7008", "http://securitytracker.com/id?1023661", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/session/session.c?r1=293036&r2=294272", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/session/session.c?view=log", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/session/session.c?r1=293036&r2=294272", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/session/session.c?view=log", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_13.php", "http://www.vupen.com/english/advisories/2010/0479"], "cvss": "5.0", "summary": "session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot)."}, "CVE-2018-15132": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "https://bugs.php.net/bug.php?id=76459", "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4", "https://security.netapp.com/advisory/ntap-20181107-0003/", "https://www.tenable.com/security/tns-2018-12"], "cvss": "5.0", "summary": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories."}, "CVE-2010-3065": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html", "http://www.debian.org/security/2010/dsa-2089", "http://www.redhat.com/support/errata/RHSA-2010-0919.html", "http://www.vupen.com/english/advisories/2010/3081"], "cvss": 5.0, "summary": "The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name."}, "CVE-2011-4885": {"verified": false, "references": ["http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html", "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041", "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://marc.info/?l=bugtraq&m=132871655717248&w=2", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://rhn.redhat.com/errata/RHSA-2012-0071.html", "http://support.apple.com/kb/HT5281", "http://svn.php.net/viewvc?view=revision&revision=321003", "http://svn.php.net/viewvc?view=revision&revision=321040", "http://www.debian.org/security/2012/dsa-2399", "http://www.exploit-db.com/exploits/18296", "http://www.exploit-db.com/exploits/18305", "http://www.kb.cert.org/vuls/id/903934", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.nruns.com/_downloads/advisory28122011.pdf", "http://www.ocert.org/advisories/ocert-2011-003.html", "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "http://www.redhat.com/support/errata/RHSA-2012-0019.html", "http://www.securityfocus.com/bid/51193", "http://www.securitytracker.com/id?1026473", "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021", "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"], "cvss": 5.0, "summary": "PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters."}, "CVE-2011-0752": {"verified": false, "references": ["http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://www.openwall.com/lists/oss-security/2010/12/13/4", "http://www.php.net/archive/2010.php#id2010-12-10-1", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_15.php", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65432"], "cvss": "5.0", "summary": "The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758."}, "CVE-2011-0755": {"verified": false, "references": ["http://bugs.php.net/46587", "http://www.php.net/ChangeLog-5.php", "https://exchange.xforce.ibmcloud.com/vulnerabilities/65426"], "cvss": "5.0", "summary": "Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax."}, "CVE-2011-3267": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", "http://support.apple.com/kb/HT5130", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165", "http://www.php.net/archive/2011.php#id2011-08-18-1", "http://www.php.net/ChangeLog-5.php#5.3.7", "http://www.securityfocus.com/bid/49241", "https://exchange.xforce.ibmcloud.com/vulnerabilities/69428"], "cvss": 5.0, "summary": "PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors."}, "CVE-2010-2190": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://www.php-security.org/2010/05/30/mops-2010-047-php-trimltrimrtrim-interruption-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/30/mops-2010-048-php-substr_replace-interruption-information-leak-vulnerability/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/59220"], "cvss": 5.0, "summary": "The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."}, "CVE-2010-2191": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "http://www.php-security.org/2010/05/31/mops-2010-049-php-parse_str-interruption-memory-corruption-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-050-php-preg_match-interruption-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-051-php-unpack-interruption-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-052-php-pack-interruption-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-053-php-zend_fetch_rw-opcode-interruption-information-leak-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-054-php-zend_concatzend_assign_concat-opcode-interruption-information-leak-and-memory-corruption-vulnerability/index.html", "http://www.php-security.org/2010/05/31/mops-2010-055-php-arrayobjectuasort-interruption-memory-corruption-vulnerability/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/59221"], "cvss": 6.4, "summary": "The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature."}, "CVE-2011-3268": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", "http://support.apple.com/kb/HT5130", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/php_crypt_r.c?r1=311300&r2=311390&pathrev=315218", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165", "http://www.php.net/archive/2011.php#id2011-08-18-1", "http://www.php.net/ChangeLog-5.php#5.3.7", "http://www.securityfocus.com/bid/49241", "https://exchange.xforce.ibmcloud.com/vulnerabilities/69427"], "cvss": 10.0, "summary": "Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483."}, "CVE-2012-2336": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html", "http://www.php.net/archive/2012.php#id2012-05-08-1", "http://www.php.net/ChangeLog-5.php#5.4.3", "https://bugs.php.net/bug.php?id=61910", "https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1", "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"], "cvss": 5.0, "summary": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."}, "CVE-2009-4143": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://support.apple.com/kb/HT4077", "http://www.debian.org/security/2010/dsa-2001", "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:045", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_12.php", "http://www.securityfocus.com/bid/37390", "http://www.vupen.com/english/advisories/2009/3593"], "cvss": "10.0", "summary": "PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive."}, "CVE-2009-4142": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=49785", "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://securitytracker.com/id?1023372", "http://support.apple.com/kb/HT4077", "http://www.debian.org/security/2010/dsa-2001", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_12.php", "http://www.securityfocus.com/bid/37389", "http://www.vupen.com/english/advisories/2009/3593"], "cvss": "4.3", "summary": "The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character."}, "CVE-2009-4018": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=49026", "http://marc.info/?l=bugtraq&m=127680701405735&w=2", "http://marc.info/?l=oss-security&m=125886770008678&w=2", "http://marc.info/?l=oss-security&m=125897935330618&w=2", "http://svn.php.net/viewvc/?view=revision&revision=286360", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360", "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360", "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303", "http://www.openwall.com/lists/oss-security/2009/11/23/15", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/37138"], "cvss": "7.5", "summary": "The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable."}, "CVE-2010-1128": {"verified": false, "references": ["http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_13.php", "http://www.redhat.com/support/errata/RHSA-2010-0919.html", "http://www.securityfocus.com/bid/38430", "http://www.vupen.com/english/advisories/2010/0479", "http://www.vupen.com/english/advisories/2010/3081"], "cvss": 6.4, "summary": "The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function."}, "CVE-2010-1129": {"verified": false, "references": ["http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083", "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html", "http://securitytracker.com/id?1023661", "http://support.apple.com/kb/HT4312", "http://www.php.net/ChangeLog-5.php", "http://www.php.net/releases/5_2_13.php", "http://www.securityfocus.com/bid/38431", "http://www.vupen.com/english/advisories/2010/0479", "http://www.vupen.com/english/advisories/2010/1796"], "cvss": 7.5, "summary": "The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function."}, "CVE-2012-0788": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://www.php.net/ChangeLog-5.php#5.3.9", "https://bugs.php.net/bug.php?id=55776", "https://bugzilla.redhat.com/show_bug.cgi?id=783605"], "cvss": 5.0, "summary": "The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server."}, "CVE-2013-2110": {"verified": false, "references": ["http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html", "http://support.apple.com/kb/HT5880", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/60411", "http://www.ubuntu.com/usn/USN-1872-1", "https://bugs.php.net/bug.php?id=64879"], "cvss": 5.0, "summary": "Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function."}, "CVE-2018-19395": {"verified": false, "references": ["http://www.securityfocus.com/bid/105989", "https://bugs.php.net/bug.php?id=77177", "https://security.netapp.com/advisory/ntap-20181221-0005/"], "cvss": 5.0, "summary": "ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM(\"WScript.Shell\")."}, "CVE-2012-2386": {"verified": false, "references": ["http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html", "http://git.php.net/?p=php-src.git;a=commit;h=158d8a6b088662ce9d31e0c777c6ebe90efdc854", "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html", "http://openwall.com/lists/oss-security/2012/05/22/10", "http://support.apple.com/kb/HT5501", "http://www.php.net/ChangeLog-5.php", "https://bugs.php.net/bug.php?id=61065", "https://bugzilla.redhat.com/show_bug.cgi?id=823594"], "cvss": 7.5, "summary": "Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow."}, "CVE-2012-0789": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html", "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html", "http://www.php.net/ChangeLog-5.php#5.3.9", "https://bugs.php.net/bug.php?id=53502", "https://bugzilla.redhat.com/show_bug.cgi?id=783609"], "cvss": 5.0, "summary": "Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache."}, "CVE-2017-16642": {"verified": false, "references": ["http://php.net/ChangeLog-5.php", "http://php.net/ChangeLog-7.php", "http://www.securityfocus.com/bid/101745", "https://access.redhat.com/errata/RHSA-2018:1296", "https://bugs.php.net/bug.php?id=75055", "https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536", "https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1", "https://security.netapp.com/advisory/ntap-20181123-0001/", "https://usn.ubuntu.com/3566-1/", "https://www.debian.org/security/2018/dsa-4080", "https://www.debian.org/security/2018/dsa-4081", "https://www.exploit-db.com/exploits/43133/"], "cvss": "5.0", "summary": "In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145."}, "CVE-2011-1470": {"verified": false, "references": ["http://bugs.php.net/bug.php?id=53579", "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "http://support.apple.com/kb/HT5002", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053", "http://www.php.net/ChangeLog-5.php", "http://www.securityfocus.com/bid/46969", "http://www.vupen.com/english/advisories/2011/0744"], "cvss": "4.3", "summary": "The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function."}}, "isp": "China Mobile Guangdong", "transport": "tcp", "cpe": ["cpe:/a:php:php:5.2.9"], "data": "HTTP/1.1 200 OK\r\nX-Powered-By: PHP/5.2.9\r\nSet-Cookie: PHPSESSID=78f492f5fc80996ecda149c70e89fbd9; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-cache,must-revalidate\r\nPragma: no-cache\r\nContent-type: text/html\r\nTransfer-Encoding: chunked\r\nDate: Tue, 23 Jul 2019 22:44:56 GMT\r\nServer: rchttpd/1.0\r\n\r\n10cc\r\n\r\n\n\n\n\n\nWeb user login\n\n\n\n\n\n\n\n\n\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "ad688f66-3878-443a-a80d-8811e7b9823e", "module": "https-simple-new", "options": {}}, "ip_str": "213.178.206.244"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 854928527}, "product": "ProFTPD", "hostnames": [], "hash": 1366944054, "ip": 1083972243, "isp": "Level 3 Communications", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd:1.3.3a"], "data": "220 ProFTPD 1.3.3a Server (4Admin(tm) FTP Server) [64.156.26.147]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "e9392a930ba74a5a7a9a04c307d8f2d045dad4b4", "ptr": true, "id": "60c1b31f-6a6e-4f97-ac6d-0025b1d6c163", "module": "ftp", "options": {}}, "port": 21, "version": "1.3.3a", "location": {"city": "Tampa", "region_code": "FL", "area_code": 813, "longitude": -82.4622, "country_code3": "USA", "latitude": 27.95779999999999, "postal_code": "33602", "dma_code": 539, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:56:22.362168", "domains": [], "org": "Neucom", "os": null, "asn": "AS3064", "ip_str": "64.156.26.147"}, {"hash": 497278899, "ip": 1482761598, "org": "Zen Internet Ltd", "isp": "Zen Internet Ltd", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Tue, 23 Jul 2019 20:54:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Fri, 31 Aug 2018 03:01:46 GMT\r\nConnection: keep-alive\r\nETag: \"5b88af9a-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:54:44 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no -cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS13037", "port": 5001, "ssl": {"dhparams": {"prime": "e2a07a46de9479070887ee4a542249ab7aacbe420cd120ef191c04e4c69a64914d93b9c34453557e286b6d6746dc3b2e83df41543092be6de50d9d4003d2b6ad8ddca22acf1f8db65f8f9a5d3cc5b1b1b05d4df4ac7862dcd7fe79fdbc59240e71a3666d9a4f870e32ffd6bfdfe953d94599d31db59afcb48693b2ca651c415eec021f4938ec696b412f009a8bb0e458b1bcaa15e628b946b7ee3883e38272781b670324a2229208a57d41863af799ea31c3ca07105ca1a49769fe431e4f4e2d0de42307f11952fe3195ed320a5fdb2cd5b9fcfd0f9399be315bf23951f394479c90082f856b673cae67d8fdea65ce58e2a03f71b86cf889ebaf44fd4300fee9", "public_key": "3f954014469ef9570ee6b77242200e50ff86649401137a8fd72683328bc9bf844edf785239906dcf5b8563d66a0d479abc8acec9eb37be83d6009456587a8dbb57cb6061b245757955b9fffcd31cfe569172e83bb3cb7d9640a46055ab889feb5f6b48036ef9e43d005cfedc1f6e80d25d5a3b2e4eb426228a5e7c6882f333cfa57a7a01b5996b628e19edb361bac0165e98728e8f33cde9222aded758d8c2fe07fe8305aa55d1ee1536203c23b959da0d8b97936a127c9b8e786d5917cf6a231d1111855702f832883bb5aee1451c4a1d4044b235e9051ade4c39a3c6f5db3921067ad2ae4e87260a097283bbd911e8ed9b2d0ab2f874897b7aecbbfaca227d", "bits": 2048, "generator": "63c693e80249361ea6cd811276a25aee91d875db0d9fdb7da4f7b44c712b283058b28b842e71fa2f390a2fb8710e5025463f61fc22f47be224c8089f1d2076d7bb4f96472d0d9542ed0a80611c0c7cdcb766f626e025c003d101acb83e6844880fd0cd25e624fa3ca7a1fe3fcd765d6ed8298acd6aa49be8459281c9c4a2c902a8181584d5c5f30c0dbafe191dbf82f3557f88c4dea6aacb7caf527d1a8f82de6f01f50ed8d1f506a8aea14f9e4b5dc9681df47474b6c083e153cb13acf525151f30abe843be2ed8a12080071ff60bb4963637c1b4da1395cc11a25fdcd8e729a2b88121876c394f9e356aaede55dda0edb9626a2d486dbb9d92fcab490eea7b"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190707032624Z", "expires": "20191005032624Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14*\\x85\\xa7\\xb1f\\xcd\\xb8\\x88\\xc8\\'*\\xa8/\\x8fq\\x8d\\x97D9\\x87", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x11\\x82\\x0fvicta.3cx.co.uk", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00u\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\xca\\xae\\xd7\\xda\\x00\\x00\\x04\\x03\\x00F0D\\x02 ~\\xe6@\\xad-\\xb2\\xf3\\xa8x\\xf10\\xf5E\\x9b\\xde%_\\x13\\xbey\\xd4^\\xa6\\xc2\\xe4\\x18\\xab\\'\\xbc!kZ\\x02 @UG\\x99\\x88\\x1b\\x9b\\x0b\\x13V\\xbb`C^\\x0f\\x06\\xd7\\xb8\\x00\\xb6@*\\x98\\xdd\\xa0C\\x9c\\x85N\\x94UM\\x00w\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xca\\xae\\xd7\\xcc\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xf8\\x03\\xe0z\\x9b\\x13B;\\x19\\ny\\x7f\\xe7\\x97\\x0f\\xaf\\xd3\"4\\xa2\\x85\\xf1\\xd8{E\\xbax\\x9b\\xecex\\xa9\\x02!\\x00\\xf8+\\xfa>\\x9b$g`\\x8f\\xa7\\xbe41\\xb7W\\xec\\xa1\\xd6\\xd0\\xefo\\xdf\\x8c\\xcd\\xedfUj\\\\\\xdeG ", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "09923e506a42e06a8179d86507a067dbf04d69677a339318f2e0fa32afe0dedd", "sha1": "67f1d496dd1a1a0b6946ccc0512141d69a7bc748"}, "serial": 331018398867203106373988965066151876475361, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "victa.3cx.co.uk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFVjCCBD6gAwIBAgISA8zGkKbzEZO5UwdrxGgWabnhMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDcwMzI2MjRaFw0x\nOTEwMDUwMzI2MjRaMBoxGDAWBgNVBAMTD3ZpY3RhLjNjeC5jby51azCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKF4zxtuHChwyFCJx6u5NKICO1+r7/8t\nK3BgEXx2LSCHMKffc3fE2w9fabGRsdh1Igjgf6sZgJfXD1RPLJlRkeFpkJ8cr5zc\nL+GuX6G+b2stPw8jhxUey70SQ2clNVEBQcJMfctPtSJC6KsQ8dTafG32JUHV9OL5\nFFVhCiqcnxZH19Bgfi3ZY0tdeZ3tt4PlyrdICIApF56Q52IRyQbqvQdtvAlDc+Tg\nAl5ACV+zbluQlh8g87m2O4BE7HFl1+CXjBp4zGmlz7J7B13TavLkQX04G8ZSwUiw\ndhdixJJX9YxsMlp+NnDEulLTK2dV+ybyS+Mj7pNeLxsPlGK2ZThAJ0UCAwEAAaOC\nAmQwggJgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\nBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUKoWnsWbNuIjIJyqoL49xjZdE\nOYcwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE\nYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu\nb3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu\nb3JnLzAaBgNVHREEEzARgg92aWN0YS4zY3guY28udWswTAYDVR0gBEUwQzAIBgZn\ngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s\nZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQDiaUuuJujp\nQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWvKrtfaAAAEAwBGMEQCIH7mQK0t\nsvOoePEw9UWb3iVfE7551F6mwuQYqye8IWtaAiBAVUeZiBubCxNWu2BDXg8G17gA\ntkAqmN2gQ5yFTpRVTQB3AGPy283oO8wszwtyhCdXazOkjWF3j711pjixx2hUS9iN\nAAABa8qu18wAAAQDAEgwRgIhAPgD4HqbE0I7GQp5f+eXD6/TIjSihfHYe0W6eJvs\nZXipAiEA+Cv6PpskZ2CPp740MbdX7KHW0O9v34zN7WZValzeRyAwDQYJKoZIhvcN\nAQELBQADggEBADHez+u7ioRYbiSyxznKvVmf0T4Tl9LDs3X1z2JfU7Dr9iV/NIHS\n+lszBdCTUjnnGqwBtjXZynTNH1URrFMSgH3e0qfQtjmBNhIV8p7h/Gj0ktt6YW5y\nINykKKx5w0E1f6rscxUuDaF5uRid3XMdst2ScuUOk1mEBRQQGT9r+WJA1LvbCDkd\nxXHEs+Vtd7ui6Xg8lK263AVhIVxSsdqwy5BagTQCPNa2wMD6Mym8DBWl54h7d70J\nfzgvFVqtGxfj4YCVxB+5BtmfZqHtjiDrM/sZTQT1oakO7zSJ3ArQ+WbjeyWjnnUZ\nXdEtwsFXxhSl0AnhvfoTbAdEInJIPq5iUA0=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": ["88-97-37-126.dsl.in-addr.zen.co.uk"], "location": {"city": "Saint Albans", "region_code": "F8", "area_code": null, "longitude": -0.33330000000000837, "country_code3": "GBR", "latitude": 51.75, "postal_code": "AL1", "dma_code": null, "country_code": "GB", "country_name": "United Kingdom"}, "timestamp": "2019-07-23T20:54:44.732499", "domains": ["zen.co.uk"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://88.97.37.126:5001/favicon.ico"}, "host": "88.97.37.126", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx/1.12.1", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "64145fba-d712-44c9-ac1d-06a125abd856", "module": "https-simple-new", "options": {}}, "ip_str": "88.97.37.126"}, {"hash": 1483822811, "ip": 3642064203, "org": "Liquid Telecommunications Ltd", "isp": "Liquid Telecommunications Ltd", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:55:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Tue, 12 Jun 2018 15:23:56 GMT\r\nConnection: keep-alive\r\nETag: \"5b1fe58c-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:55:47 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS30844", "port": 5001, "ssl": {"dhparams": {"prime": "af75e481d7645e84ed69c5f5c06850d927405b5928230a22d7a7774949fde41f3db4bdea803154eca8b3ece6ed00c953f0a0feb26a35953bccd49acc18234fcb75f2f9ea34adb5e3ddaa1551acc828377556c845c07c8bb223f78fb0392d6a5c7d90ffc028b9f5b8b1379d2058419b98b03544b13b24bc8224b37329bf31cba51bbf4a0f7c92ef25817fde9d9f96aca976b7e4927f0bdf29df637ff3880cf2f596cc7fa02ceccdfec8992c8add0f18fd72843d31fb5331c779d1d8a38762049aade9efcbbf0057cba279f236c86bb4e86a78a369119a33e6876fc28c00a0718f7d9023c22ef9a5ff03481dc6f102f2822e89ffd6b54152772117ffd332d5e62b", "public_key": "79d0637b5b79d261c16a268d4f0107b8daed01d35c0609fd3b5c96a14d21e90f59c2fe01211a0eb46cc3518c5c6d841b63942c06ef88cdd30774f9a0410159e84d7b08b642e253f734ec9b54a636ca380244a9dec42462e1200363ed974a6ebb2fa6995c7b767735f1d901fea0764fca252ac8330415f70e54d16411f530b7c9073b5fa1023776875cc3dc187507cd8e1030d391c79a9795076de283abd01152fbf373b1baf01c4c7da44385ba29323c250c9404dcd90c8b3f043034685318c06deffa6d20c114bd771e7e615d7460a4b447edc995156c3423f0cd3d73fcd6eb2a914855c78af7c820f4c1803dbcbd167c7a437e40734f88f06cc7bebf26dddb", "bits": 2048, "generator": "5ed16c58d12db318300485d0ecdde826a93e096117a6ff5394f5b9006561fccd6b7715e9d84569ba9d501f692b681f9c33137ca037c33920074a024eb63f9e62dccb1204d589c913f1caba95da04c7c7d449518d6aa38ef0939ba3fb684133145f358e78ccdc7ccafdbad6264a96485c1769820b1c337bcf33763b7522529c7d5e455cc56c76e8ccf19d20befe031b8e93fdf1a29524ceb226f869fb8e3884905d273744c575a200e6cd42020567400d2a1660a8081dd4d4b7d658b582df5ba0752d32479f9df2b62af56e436dc5b2a63bb7d0baebcdd110c91fe770ff24f7a9a1073e5183a02cabbbc12cd56b98cf55a46a6885f8fedb471681335409ac9e6a"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190723005618Z", "expires": "20191021005618Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x144\\xb9\\xf9\\x12\\x89\\xbf\\x02E:\\xa26\\x80`\\x8er\\x08\\x97\\xf4\\xff\\xfa", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x13\\x82\\x11westcom.3cx.co.za", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01l\\x1c\\x8b-\\xbc\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x97\\xb3\\x1e\"\\x077\\x0e\\x93\\x18\\xd2l\\x9d\\x98\\xf4\\xa5\\xcf\\xe1\\xa6\\x83\\xda\\xbc\\xfaqP&\\xd0\\xbc\\xbe\\x7f\\x8a\\x05\\x13\\x02 KP\\x8a4\\x82\\xf5\\xd7*\\xb8\\xc0\\xfaa\\xe3_\\xb5\\xce\\r\\x83\\x92\\xbdn|\\xca\\xe9_\\x9d-\\x1f\\x8c\\xdb\\x94c\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01l\\x1c\\x8b-\\xe0\\x00\\x00\\x04\\x03\\x00G0E\\x02 _\\x85;,\\xa8\\x9a\\x11\\xb9\\x16\\xacZ`5\\xe6\\r9[\\xc7H#\\xae\\xe0b\\x7f\\x12\\x9d\\xf7K\\x93k\\xa5\\x13\\x02!\\x00\\x9b\\x9b\\xe6b\\xf4V4\\x13\\xe3b\\x83\\xda\\xa1\\xef\\xe6{\\x8b)I%\\xadR#\\x14\\xc8@Q\\x80A\\xa1\\xd6\\xdf", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "e20510daf5381e4ad4e3c081676744d3524cc1960c16313e478283bdb9eeaf8a", "sha1": "6ddce7e0b4805e19c418401e74c4a10f1c0d7a8e"}, "serial": 288532349901291899113243398842121395182824, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "westcom.3cx.co.za"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFWjCCBEKgAwIBAgISA0/rnUKK3ItKTIVh2LhaxRzoMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjMwMDU2MThaFw0x\nOTEwMjEwMDU2MThaMBwxGjAYBgNVBAMTEXdlc3Rjb20uM2N4LmNvLnphMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nHkbHR7oD93rpOL31YladjiDpTj\npSdL2fyx4r5bklpayekDLx2BwdOLkF36i4dz3v4CUqppoOZnBzme53oqVns7d2yj\nBiPCJGDu9wmIHtYm9LO7q/PRUKzZJqZp0H14Ct2/9cw+C5kf3PA0N6k95YsqaqP8\n2zpbOQeADNzC29u5Ufs0wUC4rvRBsOuXOk5zMsLy0PMQPWd/BlvMVeBa1cqz0mkq\nj4bXCZdh+UAwO3rNpyW9Q7hP6IhwP7X0v7ks2HMrqyy8BXeqqsm2RD6qjwYWtAwX\nW2ZRtTV4roy4vHRrhPs7Pby0biBHNvV2abZYRgLtOvLUOgf7hsQAYzDVkQIDAQAB\no4ICZjCCAmIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\nBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ0ufkSib8CRTqiNoBgjnII\nl/T/+jAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcB\nAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw\ndC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlw\ndC5vcmcvMBwGA1UdEQQVMBOCEXdlc3Rjb20uM2N4LmNvLnphMEwGA1UdIARFMEMw\nCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j\ncHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA4mlL\nribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4AAAFsHIstvAAABAMARzBFAiEA\nl7MeIgc3DpMY0mydmPSlz+Gmg9q8+nFQJtC8vn+KBRMCIEtQijSC9dcquMD6YeNf\ntc4Ng5K9bnzK6V+dLR+M25RjAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHH\naFRL2I0AAAFsHIst4AAABAMARzBFAiBfhTssqJoRuRasWmA15g05W8dII67gYn8S\nnfdLk2ulEwIhAJub5mL0VjQT42KD2qHv5nuLKUklrVIjFMhAUYBBodbfMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFkm/wR/saRMcJ8PQRZus18kbWHKYXOaLQRjX16kZWt0cs\n2n7/TqgLYgpz0xyotHHo2QvqGZ2fdP4634I5YZAJIz7WVc08sdhn4vuovkAXSHq/\nH/GmFLDiyMYkecDRWt8l//qCn0k/POQQzWJEpSAZJohPM+DOnCBZf7nvI9RI9rpK\nmdhs2/fO+NmZJFjdbF5/uLK9iO1iJlvWZkeLbXpCyYAMujYr7O303P0OPLk318zA\nq3poe5fteIsB9m8g+vZLCYaE9Qvs+u/jL5JXQOXgMAqqPX2z70+9PpEb/8c7zZNI\nUl1sDOMQ+CIsDHEtTS8nGAFA8JDheKSfNUW1ftBM\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": ["217.21.125.75.liquidtelecom.net"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 38.0, "country_code3": "KEN", "latitude": 1.0, "postal_code": null, "dma_code": null, "country_code": "KE", "country_name": "Kenya"}, "timestamp": "2019-07-23T20:55:47.460617", "domains": ["liquidtelecom.net"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://217.21.125.75:5001/favicon.ico"}, "host": "217.21.125.75", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": -359021997}, "os": null, "_shodan": {"crawler": "545144fc95e7a7ef13ece5dbceb98ee386b37950", "ptr": true, "id": "ae91ca75-d4e8-4b1e-835d-9ad470bb185d", "module": "https-simple-new", "options": {}}, "ip_str": "217.21.125.75"}, {"hash": 658235651, "ip": 773948092, "org": "ICUK Computing Services Limited", "isp": "ICUK Computing Services Limited", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:56:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Wed, 17 Oct 2018 17:14:37 GMT\r\nConnection: keep-alive\r\nETag: \"5bc76dfd-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:56:47 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS51561", "port": 5001, "ssl": {"dhparams": {"prime": "a7f80676bf5e6c93750849e8222b6b4e47bcea408a1c366ec30ed20dfe279cf709354cd1bd803a6615828d781622763c3d09e99e117f471f683ca26fa3c3076dcd9f4d64890b619a73c559f6f48b608000f10fcac053453edae1a5b9965aa1c4b0391581adae52962c1af9dbe38ca0ff3d736e2ec5036df5612a94cbd110449c5c297ee72040af2ca32da6f3108d40e7fbbed98479dea7d82bfcc094b33205b41f4951380a0aee63933d0ca63d78f978e9e27d30991e6e35cdf4054ab5d6a1add72fa3b04db2114d7a2ef6aa441605e4600b9add7eae6d0f673bb3806552c613b7817acb9e9347eaccbb84d5aad95ecc420c17dc79d6f5f94abe5d8aaee839ef", "public_key": "a2a3df1f3f2ed9948a6e71c52be185deb8e82a9185119f852b645381d6f1cb53bae02e514a902c7e32bc60a74b34e02029fdcb793ce679f3fa12204e59e6eb9c646a3d825c115484e331ac8585197a195d9c46c2e08fd318b7794438640e56746dac3eab25d4a050ad49d75733776e77aefff8722cc3aea23e64b17268027643b51cb0a34f308b53cced48859a31dca4e71a436300578b780c8adbbf33a78876553b89d36525f4f0861eb2c82e3339f39a06a178666e9bb817880092b35f237134bb0601863e37c954f5628041db0088a1dd2774bdb714ad3ff8bc34a03b5c06645a4a7bab3454bb2e7f4ecb8bde4188efeef45562669da3e87f4085b82b3252", "bits": 2048, "generator": "0ab8dbfb4d3b361396c59b563f5259e41d1043c8e5316253572b77256822cd774e8b10543914026070afc4ed407114a9f3a6ca2ef357991351bcf99d1f5cbb2129fec338cd5fcd67e5c4ef66ff961fd4063a2587452f55c6b22ada9f37f35f9d442f37eea7525f08c93ebfbd101af61ee4dbdd48ad793790adcdf109e36b049871d013c143d5399d5faba1a3c55a6cc548031be442a34d8d7d28dca0b1575dff744f159edd65843843d99d3aece26bc58748f53437f322ef63234c7c3146d36841f1f1cf2ddc6a17edc5e35e0972ff341669704d767f7a94fe6c921055ca6a414685407dc79cc6da8b083bc278dcbe6987323daa3c4d5af2bed6650ce66fe346"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190712021004Z", "expires": "20191010021004Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14N|\\xbc\\xa3\\xdbN\\xd3\\x1d\\xe4P\\xb4\\xe7]~\\x9dt\\x0b/.\\x0b", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x14\\x82\\x12trinarch.3cx.co.uk", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\xe4(\\xc2D\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xa6\\xec\\xe5\\x16\\xea\\xc1\\r\\xa3\\x94\\x05\\xdb\\xf5U\\x8fA\\xf6\\xe2GJ\\x17\\x8bs\\t\\xb5\\xeb\\xf3\\xa3\\xca?E\\xf8i\\x02 \\x7f|j\\x0e\\xfc\\x11[\\x14\\xd3Ga\\x07\\x83\\xbe\\xdd\\x19\\xec-\\x8d\\x03\\x1d\\x91\\xc1?\\xec\\x08y\\xd0\\x9f:$<\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xe4(\\xc2f\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xa2<\\xf6\\x10G\\x7f \\x04\\xf6\\x02\\xe5\\x87\\x94\\xc9L\\xc6\\xce\\xa0[K`\\x0e\\x90\\xff_p\\xed\\xaa[5(\\xaa\\x02 {\\xa2o\\xe62\\x1av\\xd9\\x16\\xb9\\xd5*eshU\\xef\\xf8\\x97!\\x00\\xf7\\r\\x87\\x0f\\x85\\xd3\\xb0\\xa2\\x1a!\\xca", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "d22154843498fa5bd94ed8839c6d6413259e73055c8ed69bdbfd085441bfc033", "sha1": "9f236aee399b65faa6b5a24db353b8f39e4c92be"}, "serial": 309498981875451710102360192623401617826111, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "trinarch.3cx.co.uk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFXDCCBESgAwIBAgISA42JJ7H0AXupGt3uqGSrO6E/MA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTIwMjEwMDRaFw0x\nOTEwMTAwMjEwMDRaMB0xGzAZBgNVBAMTEnRyaW5hcmNoLjNjeC5jby51azCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN0Xck/+0zD76KSrhTG2IW/ldD+k\ny5nw1hYKYfMX7bwXweHi8NRAkYDgkmn9qO0Ss6sOd5zhGl0OrLtHDrUghQ2djezX\nlGO5YdETrH1zZn67Nc9EOgYf1qzH/bDsR1GFa8Qqnn/FUBc7aHu0SoL8Xk7AU9Kq\njH3gR/dXOxqw4akUR3iiV/B2otb+nXejtRB+i29OE9jVpbCEdZhYpTotyN0W69ic\nWEg7Jq0UmkInVfCrR6mRuiNQN4LEKFJtSTOyEV80lsC8ObGEy/CHKwQQUoMCo8Hx\n9Cw6N8NXvN4tMKZ71KEYs6jhx/SQ05DPmjtExZaXOOuBgSfrJL6N3WUuN8MCAwEA\nAaOCAmcwggJjMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUTny8o9tO0x3kULTnXX6d\ndAsvLgswHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH\nAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5\ncHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5\ncHQub3JnLzAdBgNVHREEFjAUghJ0cmluYXJjaC4zY3guY28udWswTAYDVR0gBEUw\nQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov\nL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDi\naUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWvkKMJEAAAEAwBHMEUC\nIQCm7OUW6sENo5QF2/VVj0H24kdKF4tzCbXr86PKP0X4aQIgf3xqDvwRWxTTR2EH\ng77dGewtjQMdkcE/7Ah50J86JDwAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4\nscdoVEvYjQAAAWvkKMJmAAAEAwBHMEUCIQCiPPYQR38gBPYC5YeUyUzGzqBbS2AO\nkP9fcO2qWzUoqgIge6Jv5jIadtkWudUqZXNoVe/4lyEA9w2HD4XTsKIaIcowDQYJ\nKoZIhvcNAQELBQADggEBAH18O/vct9LK6KlFiDvVnd6QyNSFAjEYdulLTGOiahTn\nsgBizD2U81aPq+wGcUuhbC7Gj7GOEG/aWZtSAdOyh5NrXuMl7Oy+CZNSp0gdTOrs\n1x+pXsh9E5/HUKAJxqUrteuw8mrOy1/QqIRL4rHBqvBxVLfU8cgFopYzqnUpRjF/\n3fwAFvduTn1mi/mwNG18v4GcKvDxufa8pUf0qAGnI4BBNPFf1Sx5EYx3jUmxzjw2\nxb1qxtaLFR68Qahx73AkBlEd398OlJAlnDqgqgDQ4o2J+hDbaScZjyJCI8NbWo+0\nCXt+VafOPVU07yYi/GQXn/1M/Fc5ousKJjifKYyYkWM=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": ["dsl-fixed-46-33-130-188.interdsl.co.uk"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": -0.12239999999999895, "country_code3": "GBR", "latitude": 51.496399999999994, "postal_code": null, "dma_code": null, "country_code": "GB", "country_name": "United Kingdom"}, "timestamp": "2019-07-23T20:56:47.923692", "domains": ["interdsl.co.uk"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://46.33.130.188:5001/favicon.ico"}, "host": "46.33.130.188", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "339d3eded941e01ca426596e93f3fdf4c9346ccd", "ptr": true, "id": "93ef9f7f-aeb6-4a77-8e27-dc6502b9ea79", "module": "https-simple-new", "options": {}}, "ip_str": "46.33.130.188"}, {"product": "Apache httpd", "hash": 1544686127, "ip": 1879925415, "isp": "China Mobile", "transport": "tcp", "cpe": ["cpe:/a:apache:http_server"], "data": "HTTP/1.1 200 OK\r\nDate: Tue, 23 Jul 2019 20:53:40 GMT\r\nServer: Apache\r\nX-Frame-Options: SAMEORIGIN\r\nLast-Modified: Thu, 17 Aug 2017 19:29:23 GMT\r\nETag: \"869-556f8079f163b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2153\r\nVary: Accept-Encoding\r\nContent-Type: text/html\r\n\r\n\r\n\r\n \r\n Bitnami Redmine Stack\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n
\r\n
\r\n \r\n \r\n \r\n \r\n
\"Bitnami\"
\r\n
\r\n
\r\n

Awesome! Redmine is now installed.


\r\n

Access Redmine

\r\n
\r\n
\r\n \r\n \r\n \r\n \r\n
\r\n

You just installed Redmine using Bitnami - the fastest, easiest and most secure way to deploy your favorite app.

\r\n
\r\n \r\n \r\n \r\n \r\n
\r\n \"Bitnami\r\n  \r\n
    \r\n
  • Visit the Bitnami Redmine wiki page for more information on managing your installation.
  • \r\n
  • Access the built-in management tool phpMyAdmin. For security reasons it is only accessible when using 127.0.0.1 as the hostname.
  • \r\n
  • Find answers to common questions or pose a new question on our community forum.
  • \r\n
\r\n
\r\n

Thanks for using Bitnami!

\r\n
\r\n \r\n\r\n", "asn": "AS56041", "port": 8081, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 113.72660000000002, "country_code3": "CHN", "latitude": 34.77250000000001, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:56:52.910208", "domains": [], "org": "China Mobile", "os": null, "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": "c8734683-4055-45c7-b22a-937ce2620ecb", "module": "https-simple-new", "options": {}}, "ip_str": "112.13.98.167"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": true, "features_hash": -16549768}, "hash": 1662729300, "ip": 3107919880, "isp": "Sprintel s.r.o.", "transport": "tcp", "data": "220 storage-server\r\n230 Anonymous access granted, restrictions apply\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n TVFS\n MFMT\n SIZE\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n LANG en-US*\n EPRT\n EPSV\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "25d7bcbc-5869-47f4-a707-1609ef3d3b4d", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 14.411200000000008, "country_code3": "CZE", "latitude": 50.0848, "postal_code": null, "dma_code": null, "country_code": "CZ", "country_name": "Czech Republic"}, "timestamp": "2019-07-23T20:56:12.410142", "domains": [], "org": "Sprintel s.r.o.", "os": null, "asn": "AS197013", "ip_str": "185.63.24.8"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -1204035539, "ip": 2039038990, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (ipTIME A7NS-F925D1) [::ffff:192.168.0.1] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "2038ff19-b442-416e-89df-3afeaffa47b7", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Yongin", "region_code": "13", "area_code": null, "longitude": 127.20100000000002, "country_code3": "KOR", "latitude": 37.233599999999996, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:12.288956", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "121.137.68.14"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -611128061, "ip": 31533573, "isp": "SK Broadband", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (ipTIME A704NS BCM-71B47B) [::ffff:192.168.0.1] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "93b89eaabe5431ba7f29e8d442c5903ef6e244f6", "ptr": true, "id": "241d7929-597a-4157-a6f2-c107859306f7", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:08.059081", "domains": [], "org": "SK Broadband", "os": null, "asn": "AS9318", "ip_str": "1.225.42.5"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -618130258}, "hash": 1115962793, "tags": ["starttls"], "ip": 1073309523, "isp": "Cruzio", "transport": "tcp", "data": "220 ProFTPD Server (ProFTPD) [63.249.103.83]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-US.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "8cd926590a400feb4b683f8337a77287ddf3d2c7", "ptr": true, "id": "098f03c1-0c46-437f-b4a8-29c48f54c155", "module": "ftp", "options": {}}, "port": 21, "hostnames": ["berlimages.com"], "location": {"city": "Boulder Creek", "region_code": "CA", "area_code": 831, "longitude": -122.1514, "country_code3": "USA", "latitude": 37.16149999999999, "postal_code": "95006", "dma_code": 828, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:57:39.974979", "domains": ["berlimages.com"], "org": "Cruzio", "os": null, "asn": "AS11994", "ip_str": "63.249.103.83"}, {"hash": 1571438409, "ip": 3337323706, "org": "Intelligent Technology Solutions", "isp": "Intelligent Technology Solutions", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:53:37 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 28 Mar 2019 08:23:00 GMT\r\nConnection: keep-alive\r\nETag: \"5c9c8464-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:53:37 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS54611", "port": 5001, "ssl": {"dhparams": {"prime": "a6e1fd79fbc3895d19c638804717af6cd779646901c034cdcb409f85cb377811c76b2e17d795d90022a83b6e7d2d89aa80d682ce1dd400c1aeca1c5eb85c1db541fd1e370541ed56e87c7858d85302a46370bdf1eeae3de0fc7186a0c135e9ce657aad0bfc5bdd719b3fac6e9e8d7fff313dd6e9f667a3c9811e3363f9ee5ca63d4b746869a9344e88ac549b55dd59159050d37100433f8615ba1987fbbb1a20b0d7454e71f89d7a8db9ec5a97899cbb8c3008152bac2f4a9299f0a472208549fbcd46d0dd9ee72e15975018d32b0680379df8ed583fd5feb4bc9255f5c47db26ee5745c296fa23f4cef5a5f3fd4954c3a3d88e995a15e013a82f43719aaa483", "public_key": "9a94e6096860b70627525a74c989fe9a2e0939b482d53b59319786bc9c844062254fd38e489b62c0aee4fa9255a681c05e88ca4e8bdc223a34c1e426e2a77223ccfcf7e49f244629956b29405209a6f14ff17e1bdcbd0fdc257086814dc1f6726a4d952ea499aa518f47b58e313c21afe26cfe3d742a3e4ef8e37d080517008473f1da8cb7c39d7b71a96efb503e53d7f412c7c34f36dd16eaee0102bb86cf189cb560fadb42256e738b83803e3d8d1dea00a176a87da3c4d9435855c436c137f8c45509d2e22d536bc046b781fc26529472629dd60a8c1ca96480efa0ecc6039c07dddf9ae8d3f28956a38d71150b2e7be86b32f772dff97fa11bae0ef54622", "bits": 2048, "generator": "a365377c0e76e94ea84324b9616c2f4abd6f84951d189ce58ecac4c7b791fff41346cefea027d923caa716cb13f009800b319191ad7a73424cc047b38fd2e6594cb42f34dc0f297028c3abf9d5c5094909244bf4f34b60131250b57af6ed1dc356efeb112075077a692cca04491b4d190147caec94f2c2e54e1c5caf276adf028003b02d71940dac6c549fe5efef61769fb3c4da38f420a5f15c09f78588683a054253b90ba1b961580e19fb44097b7953bf26e30c99310bf48f29b8735c4de9aebf6179f7231f1e4464e09635d060c35bea0ba7b4d690b9d86d4d36b000e598f18f7bb6f97c0708fe25d5d4010a4ec8fc93b368e096ac5fcdaaae4190a4a597"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190529064211Z", "expires": "20190827064211Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x04>M\\xf7\\xa3\\xd0\\x0eT\\xa5j\\x9c\\xd1p\\x06\\x06\\x80\\xe9\\xf6<\\xe9", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x10\\x82\\x0ekmecpbx.3cx.us", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00t~\\xda\\x831\\xad3\\x10\\x91!\\x9c\\xce%OBp\\xc2\\xbf\\xfd^B \\x08\\xc675y\\xe6\\x10{\\xccV\\x00\\x00\\x01k\\x02\\x8a\\x12\\xbf\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xbf\\x9c\\x8f\\xf4\\xec\\xa5\\xf1\\xee\\x91Yl\\x12G@\\x92\\xd4\\xa6Q\\x10n\\xcf\\xdb\\xe5\\x08\\xb4\\x15\\xc6<\\xdd\\xd2\\xe2x\\x02 j\\x07\\x9f\\xcf\\xf4y\\x16G\\xc7\\xf8\\xd8\\x92\\xe4\\xbe\\xbd\\xd8\\x7fQ\\x98O\\x9eEg\\xab\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\x02\\x8a\\x12\\xd6\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x87n`l\\x08w9\\xd41\\x90F\\xd3W\\xff\\xc7\\tP\\xb6~:\\xbe\\xfeJ\\xe3\\x07#\\x80\\x80\\xa5\\x1a\\xea\\xf7\\x02 s\\nz|\\xae\\x01\\x88\\xbb\\xbb\\xa8hr\\x97\\xc89\\x816\\x14\\x1f\\x14P\\x00\\xd9\\xe2\\xd6\\x9e\\xbb\\xed\\xdf& 5", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "60728d98a1f9e9ca139d6de4af0d8a9110c4c6c2aae3d2152a057f5341ae5f4f", "sha1": "df8f97951fee422f23ee076b3b9521e8b562bc54"}, "serial": 299477921443064404799627897849623924683562, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "kmecpbx.3cx.us"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFVDCCBDygAwIBAgISA3AWJai0howWq1wBvfF7C7MqMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjkwNjQyMTFaFw0x\nOTA4MjcwNjQyMTFaMBkxFzAVBgNVBAMTDmttZWNwYnguM2N4LnVzMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wsgN5Czbr9fmli7uzgRTwrplhklyme0\npU3xzGrCMeTq5vzkBNWWOZZa6j2yALwGVzFhH1hn9aD5hSDEjNl+F4W8E91bbwsM\n6sZt9c8iouDSM7QC9KU4uSnXoU9nOEMBZ9ZKuoxqAgHHz6LkODbG+56LINVYHr8O\n9ftf26eymLg7q9vGb//mtULKfgYUN2SoTDCf7dk57fjuo+I8FjBternmx7oBVwBJ\nzxyST4w0jg7Luq0PQlO8D6OOpLzBkWi2IRahgr7K9xVSBvhlxwGaXos+aHv3yax2\nJAfHqA80JilhFhwvA7JRO7UxGEwF4WgAWNRkT52+MqAjPeWwBN52jwIDAQABo4IC\nYzCCAl8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\nBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQEPk33o9AOVKVqnNFwBgaA6fY8\n6TAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj\nMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v\ncmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v\ncmcvMBkGA1UdEQQSMBCCDmttZWNwYnguM2N4LnVzMEwGA1UdIARFMEMwCAYGZ4EM\nAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0\nc2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAdH7agzGtMxCR\nIZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFrAooSvwAABAMARzBFAiEAv5yP9Oyl\n8e6RWWwSR0CS1KZREG7P2+UItBXGPN3S4ngCIGoHn888dmjMKx1LPvR5FkfH+NiS\n5L692H9RmE+eRWerAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0A\nAAFrAooS1gAABAMARzBFAiEAh25gbAh3OdQxkEbTV//HCVC2fjq+/krjByOAgKUa\n6vcCIHMKenyuAYi7u6hocpfIOYE2FB8UUADZ4taeu+3fJiA1MA0GCSqGSIb3DQEB\nCwUAA4IBAQAnUDsxwlmLhPm0pXQr2zmn1u5Vl3pJqvUQ0YgLXBiyIp6PBW04Xt/Q\nEIRPWS4zfGMdwzo54XBj8ac/4TeS4alWcstSoY5VPhJprl+VtRyqFPSz5/l2GpXk\nI0ARPJkInOY/5R2Wa+/i5hBj23W0NgZpI6ChWbvtJnfFI/f/k7jYQ/mUGN228DBJ\nwMFKLU7pN+DlkYXymUokkwubGg50AIbcwwb62xPHaXxz0fonne7M1XNw1ckXMJQr\nahBg/SVmsMCpB0FlwcUfouljPc46la5ZW1XnWnKj9aVnBxG0QVL5kXk15s7fD7cQ\nERBMPxD0pliu5nZ3jai3pPzKlXvBIWBB\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": -97.822, "country_code3": "USA", "latitude": 37.751000000000005, "postal_code": null, "dma_code": null, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:53:37.867110", "domains": [], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://198.235.132.186:5001/favicon.ico"}, "host": "198.235.132.186", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": -157832278}, "os": null, "_shodan": {"crawler": "f7946cbe2dc20c40fcbcb81ad90aa01731b690ab", "ptr": true, "id": "d61c1976-6e19-4209-9d77-099a68878953", "module": "https-simple-new", "options": {}}, "ip_str": "198.235.132.186"}, {"ftp": {"features": {}, "anonymous": false, "features_hash": 911419308}, "hash": 1246194877, "tags": ["starttls"], "ip": 3204893380, "isp": "IPV6 Internet Ltda", "transport": "tcp", "data": "220 ::ffff:191.6.202.196 FTP server ready\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n214-CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n214-EPRT EPSV ALLO RNFR RNTO DELE MDTM RMD \n214-XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n214-NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n214-ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n214-STOR STOU APPE REST ABOR RANG USER PASS \n214-ACCT* REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n211-AUTH TLS\n211-CCC\n211-CLNT\n211-EPRT\n211-EPSV\n211-HOST\n211-MDTM\n211-MFF modify;UNIX.group;UNIX.mode;\n211-MFMT\n211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n211-PBSZ\n211-PROT\n211-RANG STREAM\n211-REST STREAM\n211-SIZE\n211-SSCN\n211-TVFS\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "561b9c25-3528-4d5d-87bc-ef259d22dd60", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "-TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190722000000Z", "expires": "20210721120000Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"data": "0\\x16\\x80\\x14S\\xca\\x17Y\\xfck\\xc0\\x03!/\\x1a\\xae\\xe4\\xaa\\xa8\\x1c\\x82V\\xdau", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x14\\x95L\\xfe:\\xa0\\x9e\\x94\\xf9\\xa7\\xb4\\xd0\\x1fLy\\x87z\\xc5\\xfe\\xa7\\xd0", "name": "subjectKeyIdentifier"}, {"data": "0\\x1e\\x82\\x0e*.kinghost.net\\x82\\x0ckinghost.net", "name": "subjectAltName"}, {"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"data": "0503\\xa01\\xa0/\\x86-http://cdp.rapidssl.com/RapidSSLRSACA2018.crl", "name": "crlDistributionPoints"}, {"data": "0C07\\x06\\t`\\x86H\\x01\\x86\\xfdl\\x01\\x020*0(\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1chttps://www.digicert.com/CPS0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x01", "name": "certificatePolicies"}, {"data": "0g0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\\x1ahttp://status.rapidssl.com0=\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x861http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt", "name": "authorityInfoAccess"}, {"data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x82\\x01l\\x01j\\x00w\\x00\\xa4\\xb9\\t\\x90\\xb4\\x18X\\x14\\x87\\xbb\\x13\\xa2\\xccgp\\n<5\\x98\\x04\\xf9\\x1b\\xdf\\xb8\\xe3w\\xcd\\x0e\\xc8\\r\\xdc\\x10\\x00\\x00\\x01l\\x19\\xc1\\xf1{\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\x87\\x86\\x85Gm\\x08>\\xca\\xe66:6\\xfe\\xb0\\xbd\\xac\\xfb\\xa0\\xd3^\\xad\\x975\\x1e\\xefo\\xb89-]\\xf0;\\x02!\\x00\\x86\\x8b\\x97\\xa1?;\\xdd\\rtJ\\xf8*O\\x92\\xca\\xd7(\\xfbL\\x7fe\\x8c\\xfc\\x0c\\xd3\\x11f\\xc1\\xb3\\xd6\\xbd;\\x00w\\x00\\x87u\\xbf\\xe7Y|\\xf8\\x8cC\\x99_\\xbd\\xf3n\\xffV\\x8dGV6\\xffJ\\xb5`\\xc1\\xb4\\xea\\xff^\\xa0\\x83\\x0f\\x00\\x00\\x01l\\x19\\xc1\\xf1\\xbb\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xd7\\xa9q\\rL\\xb0\\xa2\\x96&\\xf60L\\xc6\\x9c\\x90B\\x17:>\\x86\\xcb\\xec\\x85\\x94o\\x9aM\\xb2\\x9aN\\xd1\\xba\\x02!\\x00\\xe1\\xd2\\xa7\\x8e\\xb1\\xc7\\x1a\\x11\\x10\\xf7Sz\\r\\xaa\\x14\\xc2\\x0e|\\xdf\\x1d\\xf7H\\xb5\\xbb\\x7fZEw\\x85\\xb0/f\\x00v\\x00D\\x94e.\\xb0\\xee\\xce\\xaf\\xc4@\\x07\\xd8\\xa8\\xfe(\\xc0\\xda\\xe6\\x82\\xbe\\xd8\\xcb1\\xb5?\\xd33\\x96\\xb5\\xb6\\x81\\xa8\\x00\\x00\\x01l\\x19\\xc1\\xf0\\x95\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xa4\\xba\\xe0NT\\x016\\x9e\\x1e\\''s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US.UTF-8*\n UTF8\n EPRT\n EPSV\n MDTM\n TVFS\n MFMT\n SIZE\n211 End", "_shodan": {"crawler": "70752434fdf0dcec35df6ae02b9703eaae035f7d", "ptr": true, "id": "4724d0ee-5814-443d-aa33-cf9bb8aa6f9f", "module": "ftp", "options": {}}, "port": 21, "version": "1.3.5d", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 9.491000000000014, "country_code3": "DEU", "latitude": 51.29929999999999, "postal_code": null, "dma_code": null, "country_code": "DE", "country_name": "Germany"}, "timestamp": "2019-07-23T20:57:38.944128", "domains": ["rmedya.net"], "org": "Contabo GmbH", "os": null, "asn": "AS51167", "ip_str": "213.136.94.207"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 854928527}, "hash": 454533916, "ip": 2948910190, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (siwonas-2932EC) [::ffff:192.168.0.75] UTF-8\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR RETR2 STOR \n STOU APPE REST ABOR USER PASS ACCT* REIN* \n LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "2e0cd63a-d2ca-410e-af04-5d2980b2fa85", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:55:37.586520", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "175.196.204.110"}, {"hash": -1034285075, "ip": 643962669, "org": "Cogent Communications", "isp": "Cogent Communications", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:55:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Mon, 27 Aug 2018 15:34:00 GMT\r\nConnection: keep-alive\r\nETag: \"5b8419e8-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:55:44 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS174", "port": 5001, "ssl": {"dhparams": {"prime": "ec1966cfe827026aa47163e55299514227b686ba3522a0056e7ab06bee7becf53b679a76f99bc263b81e68fdb5817bb2a06baa6ce36395af24c8e18dd52c0ca34b97db5fe9b7dad452f8bc6d65828ff0dde54b2527c7bebd794b2cbc2a588b02c9d64cb9347dc03a0fa067d59b17f3c15cf46750bb619baf4e2afb9cad8d53a2ad05ea5b32c6bef09dcb8d359831a2c7b9698c95df207833a89d3b721a840c05149a5c14e559cf9305b46ab19f9725dfdd3573468d38a09f9d3928ba6c350e6a83a79a8dc87e3e02e4846a66cae4f2a51920f555e26fa203f0897a9e4c6d6c14d6fff94f9abbb0441ccd2738c1759acab093dff29c8cfc7238b77e806f13c8fd", "public_key": "e2b398958bd0e0bda86b97075afd1c609551225bf9618b2e0319586e3ade813be2175a3c9f70ef448b1d4817738f7eec446ab9ce7b9d6bb06e7dbd297dabea37a813293f7993310a4cd147934171b86d023bd85754d99854cf7d26a834be98a0c573358a484f1705c6d8e1a6ac61da707fd1e667eeedac5e00251e5216be663eff865f6d314e1180bbe9cbe53f775acf075d9b8d75566d41bd54c848005f6953c19edcc648638b55ffa527c48e4721926ed04198d67d6fb194e85f44a4d93e2c85f0b7f02b5b0b94ebec660ff1e5ed181ab6f5e11579fd87c2eb89dfb52fefc083105699e182dc04798bf2477321d68eb5e5561c15d0a9c223a1c6d5073a2343", "bits": 2048, "generator": "2e00cbd3b54f468b9055c288b759f0fc3d7798c771bee6c65ba26a0576a52afb7ef6b3aab56d38bd440a3c9bfab848bdf0b60187aafdad163e4b27146db1d75c314b34962fcd09e853a8dc97276d5eda20e27436317b896aec1c62cf0a92f5495a88c9a7b541d704fa7b7ed251f401e0545f7df1da49bf43271a08403a42cc3add44b3ce80b8eabe7792de027fef6eb88bc241fec54e41e204dddf8da93842e231ee8035736a5e622326d14a4eb4fd69e0e7c29cb0451a0c02745fb96d217be6341bb13f255c30b6a19e8e7b87fbb2d3fa4e642274419ea78970d40a5150cb3efd5579fec87482d7b262fa0a8813d6470875bca2784e1d44496f412326bfcf50"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190617113511Z", "expires": "20190915113511Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xeb\\x14t\\x0b\\x17(\\xc0bpY\\xad\\xd0\\x8a\\xa9E\\xea\\xea\\x08\\xd6\\xf2", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x15\\x82\\x13uschillel.ca.3cx.us", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00v\\x00oSv\\xac1\\xf01\\x19\\xd8\\x99\\x00\\xa4Q\\x15\\xffw\\x15\\x1c\\x11\\xd9\\x02\\xc1\\x00)\\x06\\x8d\\xb2\\x08\\x9a7\\xd9\\x13\\x00\\x00\\x01keo%>\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x9a\\x95\\x85\\x0f\\xbf\\xaeq\\xd2\\xeb\\x03\\xd9\\xc5$\\xa2)\\xfa\\xc3\\xdd\\xcf\\xbe\\xf6!UyO9\\xab\\x0f\\xe7\\x94\\xcf7\\x02 I\\xd0|\\xeb\\xf40_\\x8e\\t(\\x97\\xccB\\x17{\\x9cV\\x84w\\xa9DUZ\\x17n)\\xcb0\\xb3\\x88\\xd7\\x89\\x00u\\x00)", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "f503a8395982b2286704c07d829e85683af7036601cbeb5991d8a42ca1c74b4f", "sha1": "4a1bbbe1c0384a7d02df447374fbde67d9cafcf2"}, "serial": 330494251819714587882360803756616244349831, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "uschillel.ca.3cx.us"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFXTCCBEWgAwIBAgISA8s8PZpNdQ4csWDujJav/UuHMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MTcxMTM1MTFaFw0x\nOTA5MTUxMTM1MTFaMB4xHDAaBgNVBAMTE3VzY2hpbGxlbC5jYS4zY3gudXMwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxp1mvtcY8L60N8ZIOMny7t49p\nQmUv3d7CwFIQyodKdTitUmugaAmnMEivX0Ra7T+rFakyM9j0AUTYME5TXiln881i\nhZWSEXHAlpaCaRzrhIc9ZYkL0pBSKiuaKe80uSV81HmdhZEYVU6vDGEeBzcWVyLr\nRWC965UURj+24o/o129yowqX/IBWe6BS8e76Dh4Vmbqzfwp0xkOcGTzS0kgwsV3A\nSVhGyyvbcl40GxIwgM8ZhwZQ4LP9b3LLIKFNV+mNPdU8QkQC1QAB/b3CPD3CMt9v\nAKqlupTlC6b6y0aOW3S3sQn/8WurBzP0NG/npxfJ1RmJZ+MLaFWzXh+jpTrBAgMB\nAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOsUdAsXKMBicFmt0Iqp\nRerqCNbyMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUF\nBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZy8wHgYDVR0RBBcwFYITdXNjaGlsbGVsLmNhLjNjeC51czBMBgNVHSAE\nRTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\nOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2\nAG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa2VvJT4AAAQDAEcw\nRQIhAJqVhQ+/rnHS6wPZxSSiKfrD3c++9iFVeU85qw/nlM83AiBJ0Hzr9DBfjgko\nl8xCF3ucVoR3qURVWhduKcsws4jXiQB1ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLc\npMMM9OVFR/R4AAABa2VvJQoAAAQDAEYwRAIgfQR9EDOF3qwgeaTZ6szpc5kF1G2y\nQVmOpB+IpEASWPUCIFtxTZbeeH62oMnHdGZkPQtWDdo2Ib/c9Mrugr1YvqA+MA0G\nCSqGSIb3DQEBCwUAA4IBAQB9rKE3RVl3toloPrOQYyKXqnTgLbhQ4FzMyCLm0Mdq\nxF71aQ+pSA8CiARTRqdgBUiSSGwChFaLUZwZyQwhd0fhaY//LNdgMfie0iRj9JOo\nWFMa7WDwN1666/5CBnoxTXBUyuprvgQz+kO2QMhlZgB1OkKhqEZ7/+uOllRIP0XN\nk62p7Eq6CKinZryfrQbPoOMoUamY6xZgwSX3QEtJ870e0kf1Azs0RA2IAOoYqnFk\nl1K2szz9IZdFMaRh2kZlYwbFowpB5gpqVFrF69eu4MBuchVb9EtwTDt9wlOF0sD9\n3tlOBEOneWSTc8c30Me08JboOOzhPB27J3PFO+WP4HhA\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": [], "location": {"city": "Lomita", "region_code": "CA", "area_code": 310, "longitude": -118.3184, "country_code3": "USA", "latitude": 33.7919, "postal_code": "90717", "dma_code": 803, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:55:45.938968", "domains": [], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://38.98.23.45:5001/favicon.ico"}, "host": "38.98.23.45", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": "90559fac-7c1d-4556-9799-1c6b8ed014c3", "module": "https-simple-new", "options": {}}, "ip_str": "38.98.23.45"}, {"ftp": {"features": {"LANG": {"parameters": ["de-DE.UTF-8"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "PBSZ": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "MDTM": {"parameters": []}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -518580963}, "product": "ProFTPD", "hash": 1666423562, "tags": ["starttls", "self-signed"], "ip": 1384974165, "isp": "KAMP Netzwerkdienste GmbH", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd"], "data": "220 82.141.7.85 FTP server ready\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n LANG de-DE.UTF-8*\n CCC\n211 End", "_shodan": {"crawler": "ac284849be0745621b3c518f74c14cf43cafbf08", "ptr": true, "id": "eb7d0301-7c46-47ce-a776-93feb3f75cc9", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20160706092818Z", "expires": "20170706092818Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "5fb43fbd9579e8734080378f8c2e84105364f9ccce6ab4d437c8a23a7c0b019b", "sha1": "750c8235c50cb1c7d7336117cc9cc9ac12ad0b7b"}, "serial": 1467797297, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": true, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFd8zzEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMQ0wCwYDVQQKDARP\nZGluMQ4wDAYDVQQLDAVQbGVzazEOMAwGA1UEAwwFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDcwNjA5MjgxOFoXDTE3MDcwNjA5Mjgx\nOFowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH\nDAdTZWF0dGxlMQ0wCwYDVQQKDARPZGluMQ4wDAYDVQQLDAVQbGVzazEOMAwGA1UE\nAwwFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaOyT4+USY580wQZ6FZMkctWdNqs/lMG\n6JbcnMSCw0ibuOZ9swtOvHKZxXBrQOI+qeWRT3nZ4SzP+WUuOClI4TqUwIaOvY3a\nR1sXT8Ylafa1z64XfvnzuekFMKdx8V+9tmn53Xk9qfflIbrhinUABbIw5bX+u9WM\nhbtpqiRTUfdHUmmqtqGT3TFlN/Zum8Gb+R2VbC+AV2+tFNfavLB8V72c2kq8AeqZ\nTAA/PDhEf3Jan1gyKw2Aj2Qvi68cvoN+aCGnE/nrKNEIF445TJgRXMiaP/RXwMLV\nHuby5OgXh4uBU/ZKoZgGDZQ4wML4pNUMhFuU0lCqLlTUcL8N98K1LQIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQBJxFboH2OzPo96q4lMszqgaqOIUVXKBGjsCxDKRAGe\nkq4M7GQh0s7dC2VpNBe/q215fMN5mBUpubqzTs/BJNM50kS/L5h2AXTfDQChcGvM\n5BnzbqlXEB7lzwFZv/WW6Hzc5Cqw1wswNgs49BBw84tGP1WdBjh1mF983bHbcMVA\nHiZS8lDYkNB0KsyG8jHJYrGFYdGHiHX5XelO9gplw78WVKSk9tZ+k/M5QusFNkzW\nSqu/8NQb6ekDmwq+rDmlcNsiWtHIz+FRpKFxzV1uTf74tRpSZk5LjNNsi/e1OXUw\njtuhwY1Dzbml2ImFjxpcjaHI+zkHB1NBTt6xocyhwDTo\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 9.491000000000014, "country_code3": "DEU", "latitude": 51.29929999999999, "postal_code": null, "dma_code": null, "country_code": "DE", "country_name": "Germany"}, "timestamp": "2019-07-23T20:56:47.162544", "domains": [], "org": "KAMP Netzwerkdienste GmbH", "os": null, "asn": "AS8648", "ip_str": "82.141.7.85"}, {"info": "SIP end point; Status: 200 OK", "hash": 756667943, "ip": 3662812173, "isp": "China Telecom", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=876528-0-13c4-5e62a-6127fd3c-5e62a\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=42.109.242.203;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS4812", "port": 5060, "hostnames": ["13.20.82.218.broad.xw.sh.dynamic.163data.com.cn"], "location": {"city": null, "region_code": "23", "area_code": null, "longitude": 121.3997, "country_code3": "CHN", "latitude": 31.045600000000007, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:54:23.908178", "domains": ["163data.com.cn"], "org": "China Telecom Shanghai", "os": null, "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "218.82.20.13"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -618130258}, "hash": -296542577, "tags": ["starttls"], "ip": 3286329355, "isp": "Host Europe GmbH", "transport": "tcp", "data": "220 ProFTPD Server (ProFTPD) [195.225.104.11]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-US.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "51058b89-5c87-48bc-bcdf-27d3dc9deec6", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190714074908Z", "expires": "20191012074908Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x01\\xb5\\xf8\\x11\\xf5~[\\x93\\xae\\xca\\x81=%\\x9b\\xe3j=\\xafZ\\xc7", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x12\\x82\\x10v1251.vanager.de", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf4\\x00\\xf2\\x00w\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\xef\\xab\\xe4\\xa5\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xe6\\xaf\\x1bZ\\x06R\\xbbB\\x02\\x05\\xe1\\x87\\x92\\xc4b\\xf0\\xae\\x16\\xb6Lo|\\x01\\xcf\\xd5\\xe9\\xcd\\x89\\xba<_\\x00\\x02!\\x00\\xc5\\xd5h\\x8ay#\\xb1\\xb8\\xbeh\\xfc\\xcd\\xfe\\xf0\\xf8\\xde&\\xb0\\x91\\x83\\xf2\\xf1+\\x84\\xd5\\xf4\\xee5 s\\xcb\\xe6\\x00w\\x00)'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n UTF8\n LANG en-US*\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n211 End", "asn": "AS131921", "isp": "DIX Co.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5"], "domains": ["ptrcloud.net"], "ip_str": "153.122.97.144", "os": null, "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "538e52d4-7d06-429c-8331-87ad701a1b40", "module": "ftp", "options": {}}}, {"hash": 643784115, "ip": 1425902051, "org": "Mc-link SpA", "isp": "Mc-link SpA", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:57:33 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Sun, 02 Sep 2018 03:00:17 GMT\r\nConnection: keep-alive\r\nETag: \"5b8b5241-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:57:33 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS5396", "port": 5001, "ssl": {"dhparams": {"prime": "aa034317a4a8a13b07629253adfd8f8fe72a92c6f0bcac8096d9dda76cd4670d258c8d49fa74e7d3ffeb0306aac0efd4c9b941703bcd1747cd4fc4b2e5382c1f44e9924c9d4c357f203c61e97a069cbaa7f29cb810787de5597e29da518d12e0ef271d33357cc313d1d24dbe4b506dc3e62bcd82dddc166c461b681dc1cca097ede599a610725c87b0551e882ea5e333b9e5f91055812a889b9015c9ddf681ce71bf7b8aad027d5c408da48b1cd891c01a1d26cbb1aa15760fc6b6136198874a046ae56bc20d21d42b6eb55eb8024fd9ec726d74d936cf7fe6d691fbae8eb8d99c711d24945fc27a8a879649a8d7c713496ffeb437e861846faa58d53c96218f", "public_key": "59f726a644e2a58e0bf63387d217c6e9c334546e8d52ba824733e22f9406558663cb48cba8789ce477db18fb0cdac53403177ea770bbd481956809e79bac0104740b2ca0da6d8293b25f5b69a68990f2b23aa29d8695f1e1c772bbed6549f494bb727a15255e83cd2b8b037e6c5873fd49bd742f0ea6419ca12b5c6364f84cd85abee97ac8568c943a1555e7a59a64abdd247aca0b54747f5b7ad76760786e4e09d87fcc02f6827dd745bdfaf06941d3b143e4008bcc921b20b6c6e418e82b0df47e57ee57eefa119f500a0c318de2500c551d63f2307adddeef038c1f18f51a7ea7e149402a866b8f201209fcc5523f735d45ca038db0f7b849cac1468326ba", "bits": 2048, "generator": "942797860dedc4d7d0495fb7919f29a3e76a2f20f301ce96cfabece80ac354c568ebd720fb9e530c0d232b90f10e659f0fcdba4f8b051ffcabcef7904fbd4516bc31fde7966795e34a525c1aa8f15a64a876fd317e5ade5237d58baf692bfd357ea93878c3eee0df150368ece8a61f3bffc8fe3edd116813f9e10515523a91556047d652cb0e27286b364701f1fc7ef4d8d15b1cd87a565af20315132f827fb99eb017b30aa2824528c2ef8e243978fbb52ab9f48542cdb7af635c81b72d0953b382a1f693d2673106d0cb9db3516653deb9d9f3aefd837161f02c167d91e5fd58d5b688b9998024feda46c7ebaf5f88722e8cb167b5b098e4bb7ef4bceb70f7"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190714044511Z", "expires": "20191012044511Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14R;\\x8e\\x9c\\xd4w\\x18SK\\tk\\x04\\xc1\\xdc\\xdd+\\xf2\\xc7\\xdb,", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x0f\\x82\\rgeosrl.3cx.it", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00u\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\xef\\x03{\\x99\\x00\\x00\\x04\\x03\\x00F0D\\x02 :\\xe0\\xdcl\\\\\\x12\\x8c\\x82\\x15\\xfa\\xcd}bq\\xfec\\x9b/\\xd8\"-b\\x11+.i5q>\\xa7\\xe1\\x03\\x02 #0X\\x03+iI\\xc6\\x88\\x15\\x01D\\xe0Z \\x1a\\xacu\\xb4L\\x0eY2\\xb8a\\xf1U@\\x9b\\xab)\\x99\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xef\\x03{\\x8b\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xd7\\xbd\\xae\\x07P3\\x01\\xd8\\xd2\\x0c\\x85\\xd3\\xdbx\\xb6\\xde/`a\\xbb[$j3\\xc0c\\xabz\\xb5@\\x18\\xe7\\x02 \\x14\\xbe\\x9da\\x83k\\xb5\\xba\\x12\\xfc\\xbeA\\x8c\\xbe&\\x8c\\x05\\xdaq\\xb7x?\\xc2)\\xb2,l3>\\x83\\x89\\x14", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "1a3cd9f426fa1471091b9c0cae7f1989b1a55b6a6e752f57bac4169e195d4b40", "sha1": "f637fa872a13a49ab8b66728eb5492d703faf1fe"}, "serial": 275516092728623514028220720110220625155358, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "geosrl.3cx.it"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFUTCCBDmgAwIBAgISAymrRVCNuxRnHzsTt0o47ZUeMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTQwNDQ1MTFaFw0x\nOTEwMTIwNDQ1MTFaMBgxFjAUBgNVBAMTDWdlb3NybC4zY3guaXQwggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBCb+FmSFV63KXD+1zvRT+4nRT7SqbP4kH\nof9GozmVJn9gTDJX5sxQzaxGommj6GciynV79RRmMpH9CLo1XOPGIx5AuEXoJjqr\n0RPoWkwgQKTk8ODd7HfcIHcEsfGv3Po/2jU/pPlkG4DBPnocxx51bIuazQ4n+V9f\n8EWwE5Fp85THPK9RzNJ3Fs0jhq7JIo5A597bfeFQWA9+G9dmXy7Y/VIA1qPVRjUk\nZjKHY5YWV8zCh4s2sHiMtf73EsU4WPTWeNTWejDB82DXV6f3p3InvMWBoQvZEozu\nGADwx734oAqz2K0VAMg0xBz9BBqcOxDJxkYUVo5qCDB9S7Y5uwytAgMBAAGjggJh\nMIICXTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF\nBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFI7jpzUdxhTSwlrBMHc3Svyx9ss\nMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw\nYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y\nZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y\nZy8wGAYDVR0RBBEwD4INZ2Vvc3JsLjNjeC5pdDBMBgNVHSAERTBDMAgGBmeBDAEC\nATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl\nbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AOJpS64m6OlACeiG\nG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABa+8De5kAAAQDAEYwRAIgOuDcbFwSjIIV\n+s19YnH+Y5sv2CItYhErLmk1cT6n4QMCICMwWAMraUnGiBUBROBaIBqsdbRMDlky\nuGHxVUCbqymZAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFr\n7wN7iwAABAMARzBFAiEA172uB1AzAdjSDIXT23i23i9gYbtbJGozwGOrerVAGOcC\nIBS+nWGDa7W6Evy+QYy+JowF2nG3eD/CKbIsbDM+g4kUMA0GCSqGSIb3DQEBCwUA\nA4IBAQCVfWdwrM1fiE+NtcpTkWMP+CIDDg0eAFRNwO4UtK4WS87XTduQJHJmRo8J\nMHKKLGylExsmJALm1ANiJdQUR1I8EvNb2rddTl8LzFRYjCGD1zJ9FfI5yfRo7BTf\nx7DU9VE188HDdJJPPeh5/p5yi/HAtzwuZM0X834tbXIH3zNNgteA8oHNUpZPm+nY\nwKFBmhJhl5iKPUnbaEJiLDJOaw4z8zMzetr5h/nL5CbTosmXAV2JTyttbqYYy+nA\nWSBM9mA4Y2/PIMVoP1KczM9jWCnNne/cJ9QNsy3c13IRx29PrmYOCTxIfxxFRvxJ\nILV/XST+duG6l0E1npJ9/79LA4Ft\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": ["net84-253-137-227.mclink.it"], "location": {"city": "Rome", "region_code": "07", "area_code": null, "longitude": 12.483300000000014, "country_code3": "ITA", "latitude": 41.900000000000006, "postal_code": "00132", "dma_code": null, "country_code": "IT", "country_name": "Italy"}, "timestamp": "2019-07-23T20:54:48.360880", "domains": ["mclink.it"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://84.253.137.227:5001/favicon.ico"}, "host": "84.253.137.227", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "431bb84a-dce5-4732-b116-eeeeb220839c", "module": "https-simple-new", "options": {}}, "ip_str": "84.253.137.227"}, {"hash": 745164885, "ip": 860617348, "org": "OVH SAS", "isp": "OVH SAS", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:54:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 28 Mar 2019 08:23:00 GMT\r\nConnection: keep-alive\r\nETag: \"5c9c8464-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:54:53 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS16276", "port": 5001, "ssl": {"dhparams": {"prime": "92eb4de2d523ea73b0c0ea3ee38b1aff99e5a26bb4972c12b17f999d35a122ff4a08a4645574d2c7c700c89df1abfe2102ddbb474f43588276a910066ee86311d38c4f2053f86dac37ffbb76c6101883405481b09c50228848df9bd62ed5870b0fcb438df87cb7a5ad5cafbcb431605ca84dc8d844e9c4bd0c0106f3cfb76464a91412235d38312bc8c89573e6b89137b90f5b47b17045e704e64e6878700b32fbabd88120b7e4b1a49f29bca8c80da4f03d55c48d958a1c79f5bbc464804849e2990abd0cf0c95b76dbe01e20a495404e2e30e5263b1f9de042a496487086ae3ad5f06cfd2e8587e45774299e96ac8a6ed8a66fbcaa1b971fbb9e8a3bea9afb", "public_key": "70d789cb98868649f62b4380fd84bf039d1e49cb3731661b441e6e54115ed3103c8d3ff0c16ee990524566c68357109b4a4aa0329f0e7979ba8706b32ec98cc4054f714cdec316c317bc3975c3d6d9050f408a779d8c064ce2cf71a8d50da3ca570ed82de51825661f7fd427185cf1f53eff2940794e8ba0e60b72cda9a6563b7e20204c6db5f5f7c1ff3cd25c760aed479812b09ace4d648e4f1d406cec5d237830d723d2e84339fbadd21bbaa9d1bdd9b1dc6936b61931511a616a3941344fc41e992e9af0416a44667843844c355d62d3484549ae156a0bb6e121426c9d860b6ca26a84d977c47a79ae34cb0d40b7000655ac9ea201a27fdfa893328cb647", "bits": 2048, "generator": "10039103a6f58f34b19db87945291eb7c542e9a04db6368b1590ed9cb5bcc7822046f1a6124c62a74ea1b350a74993d5906978d964ba33f88163629875a5c03ceca077299d0961eddfc9531ad6928c25209c472e2fe38327ab53e74aecfbe57e7c13989c563ed9920d35c11be5b617f20444e8f17bf90d988c9da16733ed83878140f0c8eb629cbc3721fb5e002a2c587e99e5bd8a5c420b3758118943009e5672477e6bfcd4cb104f1ffa9eafd503aa91359371d7ce9df59ab023f3926196cc80d4d71b396917778d52d0eedfb347a3a0debc85c5c68fb72df107d0fd19779dd304a94095c06619efe3cc8945855db98e883c569db4059bf022a6333277ac89"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190710232210Z", "expires": "20191008232210Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x1d\\x05B\\xac\\xf3\\xa0wM\\xaeh\\xfbw\\xd2\\xcd\\xcdO\\x06\\t,N", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x0f\\x82\\rnovait.3cx.fr", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00w\\x00oSv\\xac1\\xf01\\x19\\xd8\\x99\\x00\\xa4Q\\x15\\xffw\\x15\\x1c\\x11\\xd9\\x02\\xc1\\x00)\\x06\\x8d\\xb2\\x08\\x9a7\\xd9\\x13\\x00\\x00\\x01k\\xdeh\\xb0\\x16\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xb9h\\x16\\xe4\\x9c\\x9c\\x17\\xc5o\\xf9&\\x0cu\\r\\xe3I@&5\\xaa\\xc4\\xfb\\xa2d\\xa76\\xeb\\xb6\\xbe\\x14A4\\x02!\\x00\\xb3;\\xa1\\xb0{b\\t\\xb4\\xc3\\x99\\x1b\\xfbp&k\")o\\xb1\\x87\\xab\\x94\\x16\\x1by\\xe7\\x93\\x02a\\xb2\\xf1&\\x00t\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xdeh\\xb0\\xaf\\x00\\x00\\x04\\x03\\x00E0C\\x02 R\\x91\\xd2\\x1c\\xd3\\\\\\xe7z\\xa6l\\xe0V[\\x1a\\x8bwKL\\xbe\\x99\\x00a\\x94m\\xb3\\xa1b\\xb96\\xcf\\xe3\\x91\\x02\\x1fkx\\\\0\\xd3!P\\x0f\\x18\\xb4k}\\xc3\\xbb\\x02\\xc3\\x06\\t`\"3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": -157832278}, "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "7ee3404e-0abd-4175-9b94-307f0e6d7978", "module": "https-simple-new", "options": {}}, "ip_str": "51.75.250.132"}, {"ftp": {"features": {"LANG": {"parameters": ["en-GB.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -1806531448}, "hash": 1271588425, "tags": ["starttls"], "ip": 3108375520, "isp": "Sandyx Systems Limited", "transport": "tcp", "data": "220 ProFTPD Server (ProFTPD) [185.70.11.224]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-GB.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "70752434fdf0dcec35df6ae02b9703eaae035f7d", "ptr": true, "id": "47817438-0517-4de4-a02b-1dcd34da6610", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190710071423Z", "expires": "20191008071423Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xb7\\x8a\\xbe\\x92L\\xb7\\xbf\\xd5\\xf8\\xaf\\x9bt\\xedn\\xdd\\x96oC\\xbaP", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0&\\x82\\x0flexiconnect.net\\x82\\x13www.lexiconnect.net", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf3\\x00\\xf1\\x00v\\x00)'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n EPRT\n EPSV\n HOST\n LANG en-US*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "asn": "AS20857", "isp": "Transip B.V.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.6rc2"], "domains": ["transip.net"], "ip_str": "149.210.143.49", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "5ac5d782-1a41-484f-9540-99e392227a86", "module": "ftp", "options": {}}}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -1760067815}, "hash": -1732553355, "tags": ["starttls", "self-signed"], "ip": 1208627816, "isp": "Media Temple", "transport": "tcp", "data": "220 ProFTPD Server (ProFTPD) [72.10.50.104]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-US*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": "feb2a1fa-311c-4100-8dcb-a6598e22e1a7", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20151214070256Z", "expires": "20161213070256Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "052fe610180648156f4dbe2d36874435792e39a19a106684b4aeb5169d8637b1", "sha1": "5d0ce69be044948e70564360cb35f2fff1965781"}, "serial": 1450076576, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": true, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFZuaaAwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP\nZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE1MTIxNDA3MDI1NloXDTE2MTIxMzA3MDI1\nNlowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE\nAxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PZYvg+FyIQwzAHfyhxEIeFFsHf4gOv8\nJ4KU2foVAQtrHso9jUdrt8+XENUZZSF+ZcwfcpH37Umf/tlTVDyVOun811ctinKW\nZPwvL0a2Izyk7DVL/idk99/tbSlUWv41kA1BGIuZjHBCFf1G6Bwedb6A79wtqa6L\nyG+VYD1c1NmU4iChVMN0185o3gNE0qnpGhk9i/wEJp0uiCdoaMH2NNUgjdWW2281\nnRmea2GDJZU6yiiihXqPryhAE/04YzVZTvI6gLjQysVcAIYpGQVTdUtqTCnNJFoh\nAHS3+OT6PUK4M8aOZFJFEfOj/JP/DiXgTo9FI3KUhACIF972VleQrQIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQANzfpwy7G1T9ZIBOxQ4NYdSU5fhzuNczR+3SUjd2nA\nCo0RGVDPeRKuBSmAj0W/8iLHL91ZXvs9H06Yr76ezH0bv3rfNOl0Up5xeVnCENMn\nHRSQpeu8QL5gkCHeM/CyEP05+bvI7VYvkoNbF1hDh4PkuWJ3GSCxbEiz13uc3wPu\nJoSbWJWLMQiPLucew/o785UFQfWZH68luFyC+XBNjv/OhlA7ED19z6pJtqYw3aJf\n+q77vPW3YVsfp6/7I+xEuj7t8ZT4bf7QrDsXydSZy8k6G82sLyx6N6o6sqENrqYw\nKrrxuZ/MSn+cGziu905vX4Qtkf/PgJdZ0kcAIPU1TgIq\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["zekloud.com"], "location": {"city": "Culver City", "region_code": "CA", "area_code": 310, "longitude": -118.3928, "country_code3": "USA", "latitude": 34.02019999999999, "postal_code": "90232", "dma_code": 803, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:56:59.534335", "domains": ["zekloud.com"], "org": "Media Temple", "os": null, "asn": "AS31815", "ip_str": "72.10.50.104"}, {"ip": 3106752679, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["es-ES"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 37615389}, "version": "1.3.5b", "location": {"city": null, "region_code": null, "area_code": null, "longitude": -3.6839999999999975, "country_code3": "ESP", "latitude": 40.41720000000001, "postal_code": null, "dma_code": null, "country_code": "ES", "country_name": "Spain"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": -1267918755, "tags": ["starttls"], "timestamp": "2019-07-23T20:54:26.562673", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190712102208Z", "expires": "20191010102208Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xffj\\xde\\xff0\\xa2C\\xffl\\xa1\\xec7\\x9ff\\xd1\\xa1X\\x92\\xb2\\xbe", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x15\\x82\\x13dns72167.phdns12.es", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00u\\x00t~\\xda\\x831\\xad3\\x10\\x91!\\x9c\\xce%OBp\\xc2\\xbf\\xfd^B \\x08\\xc675y\\xe6\\x10{\\xccV\\x00\\x00\\x01k\\xe5\\xebBG\\x00\\x00\\x04\\x03\\x00F0D\\x02 \\x16\\xc5\\xff\\xa3\\xbd\\xad\\xfc\\x9fI\\xabJ,\\xf0\\x0e\\n\\x08\\x8a\\xc0\\x99\\x83\\xff\\xf9ZPn\\xb4\\xa0\\xaeL\\xcch\\xf1\\x02 \\x01\\x7f\\x9a\\xb2*7\\xa0\\xdc3\\xa9\\xf6m\\xbb\\xad\\xd2\\x12Q\\xa6\\xb2\\xec\\x94\\x1dx\\x05\\x19\\xb8\\x0c\\x86a_\\\\U\\x00w\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xe5\\xebB:\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xb25\\xe0\\xf7)\\r\\x90I\\x94\\x9c\\tl\\x92~^`\\x04C\\x87o\\x8f{\\xd3u\\xb1l\\xfe\\x0b>\\xf1\\xb4l\\x02!\\x00\\xb8\\xbaY\\xddP\\xee\\x9f*\\xf8\\xa6\\xe3?\\xa4\\xbf\\xado\\xb6\\x07Ey$`\\x0c\\xe4\\xfba\\xce\\xdb\\xacY\\xbe7", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "442097b388c5a0cce3ba97bb802804ed5030ac57cfd5c1a8aba621b204608869", "sha1": "9e5e7e37a66a991e23ae2dd0d6adf1a987c2936e"}, "serial": 269272921441020547858515863323131708285546, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "dns72167.phdns12.es"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFXjCCBEagAwIBAgISAxdSbkL3hJRVIXEIQem1RaJqMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTIxMDIyMDhaFw0x\nOTEwMTAxMDIyMDhaMB4xHDAaBgNVBAMTE2RuczcyMTY3LnBoZG5zMTIuZXMwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnKfnwzcfRh1M2XvxYWuW592ac\npBKExBgersVxDhqeut7ujsWxUSegE01+WrF513ZvEIz60sq/4IlUaKCqrDSFDiE9\n94bS+5rFTW0A5BUs0/UsnVipiAOjLQBRyuydEzFR1gchIdG1190cLthCRCTiTC6h\nHh4b+hPXb5RvpvGX2VAWYKT1WxJWndal0Hp/ohjcEw36CtowwZf2W719DGsgVUoj\npQNxcLnCfmCksATlz1Q0+m2VFAlUIZygeb1p03TAbeOa1WlPzf7Y+XbuwSzvgLMM\njB93XOWqG6yMv/+vJ2XfriPZ+YnpIuMEqs0p95RnpcnxWErIDmnlvcPvc/sPAgMB\nAAGjggJoMIICZDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFP9q3v8wokP/bKHsN59m\n0aFYkrK+MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUF\nBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZy8wHgYDVR0RBBcwFYITZG5zNzIxNjcucGhkbnMxMi5lczBMBgNVHSAE\nRTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\nOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1\nAHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABa+XrQkcAAAQDAEYw\nRAIgFsX/o72t/J9Jq0os8A4KCIrAmYP/+VpQbrSgrkzMaPECIAF/mrIqN6DcM6n2\nbbut0hJRprLslB14BRm4DIZhX1xVAHcAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWm\nOLHHaFRL2I0AAAFr5etCOgAABAMASDBGAiEAsjXg9ykNkEmUnAlskn5eYARDh2+P\ne9N1sWz+Cz7xtGwCIQC4ulndUO6fKvim4z+kv61vtgdFeSRgDOT7Yc7brFm+NzAN\nBgkqhkiG9w0BAQsFAAOCAQEADHKkFURvtpRxtacs8PkDnvmnWODCsWDScUxGpSpL\n2jU0I7X1DwZ5AU6LBgvvLasixYA3cAiMcdJQKhgHjOBzUNylxA+FU1jFcYUBgIJv\nxIkdERkvEcB+uizABdaPPZWE2q8TidO9Dh283L5epOtpOzKKuRiC+rfvnIqez/XB\nF4NUF5D4ZAxK6uNs9omHJH/pKMPY2QUr3ynwSIbe7HVl/c4kMLPglPHCU8/YlAP1\nwbk5mi5R7oO9igyluEh+r9Ue3zXj4rBH1wdBje4BpsGPf1EM4kNEhI19BmgR9X18\nZuHn9JzPEOAgYMTYVQtWneKVji+T1IGVFH/te2y9UJpIZA==\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["dns72167.phdns12.es"], "org": "Soluciones web on line s.l.", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [185.45.72.167]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n TVFS\n MFMT\n SIZE\n PROT\n LANG es-ES*\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n EPRT\n EPSV\n MDTM\n SSCN\n211 End", "asn": "AS200960", "isp": "Soluciones web on line s.l.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["phdns12.es"], "ip_str": "185.45.72.167", "os": null, "_shodan": {"crawler": "8cd926590a400feb4b683f8337a77287ddf3d2c7", "ptr": true, "id": "2ce11aae-41c2-48d8-8c10-35430fe0b3a9", "module": "ftp", "options": {}}}, {"ip": 3115423861, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["es-ES"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MDTM": {"parameters": []}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 705085594}, "version": "1.3.5b", "location": {"city": null, "region_code": null, "area_code": null, "longitude": -3.6839999999999975, "country_code3": "ESP", "latitude": 40.41720000000001, "postal_code": null, "dma_code": null, "country_code": "ES", "country_name": "Spain"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": -1223069569, "tags": ["starttls"], "timestamp": "2019-07-23T20:56:16.852649", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190621195011Z", "expires": "20190919195011Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x83F+\\x87\\xd7\\x7f\\xff\\x13)a%\\xf4W\\xe6Z\\x06f\\x97\\x03\"", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x15\\x82\\x13dns15265.phdns14.es", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00u\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k{\\xcd\\xc3\\xf8\\x00\\x00\\x04\\x03\\x00F0D\\x02 &\\xe2\\x925\\x82\\x18\\xcc\\x90V\\xd4\\xf2y\\xc8o\\xb8\\x92\\x83\\x11\\xa6\\xb8s\\xfd\\x815|[\\xa4T^\\xbd\\xe5+\\x02 \\x03d\\x0e\\x13e\\xa8\\x1bL\\x89\\xaa`\\x91\\xfdC\\xc1{\\xed\\xa7\\x161\\\\\\xf1\\xcfM:\\xb4]L |\\\\\\x9d\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k{\\xcd\\xc5\\xef\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x8c\\xdc\\xb9\\xe2\\xb0\\xb1S\\xd7\\xaf\\ro&\\xed{L0c\\xab\\x8e\\xb4\\x19YVv\\x9cx_\\x156B3\\xaa\\x02 3\\x1bu\\xe7T^\\xe6(h\\xcea\\xf7\\x1d\\x17@ $\\x80\\xb9\\x02\\xb1\\xbb]p?3\"\\x81\\xb7J\\x18\\xba", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "937d48620f3879618399ba804c0ba19b6a56b6c634112ea350ce564a539b61c8", "sha1": "5688cc0102a133924bbe1c2cb7308402b904e481"}, "serial": 359438810978929431054755878827294744860468, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "dns15265.phdns14.es"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFXTCCBEWgAwIBAgISBCBLtOyGcFfHZmBBftzK21c0MA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MjExOTUwMTFaFw0x\nOTA5MTkxOTUwMTFaMB4xHDAaBgNVBAMTE2RuczE1MjY1LnBoZG5zMTQuZXMwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ehBcXnhbzmXL+wm/rRkLA1rw\nALuXqVcs3ATt+HMS2orKQJjKR6VVTjZBFIKP6/cb6NEJQl7EeRFbkwoXliXl40MG\nw5yYAQPQdJq6e9IysLs6MyFnRzQNYKlX9PpoBaqbWl8aTq5oIIeaHckxJKlB/ysw\nusLM0M7jyZbbPY9QGn0urNQWKWKfsRoiuqYHynrzrqfh8tWmQJCo1aXWIk+MYm2z\nV7eUv5ipCj86uaNNL+58vwDGSiXd0UOlWpBypfdJiFL84cWx4klXTp5xC5TPBaqo\nJ/SNvoGpITd/1ZgcEng73KKJVZfweMnqoXt8NeopJxYlPzUuzJ2yvphaDYkrAgMB\nAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG\nCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFINGK4fXf/8TKWEl9Ffm\nWgZmlwMiMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUF\nBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNy\neXB0Lm9yZy8wHgYDVR0RBBcwFYITZG5zMTUyNjUucGhkbnMxNC5lczBMBgNVHSAE\nRTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw\nOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1\nAOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABa3vNw/gAAAQDAEYw\nRAIgJuKSNYIYzJBW1PJ5yG+4koMRprhz/YE1fFukVF695SsCIANkDhNlqBtMiapg\nkf1DwXvtpxYxXPHPTTq0XUwgfFydAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWm\nOLHHaFRL2I0AAAFre83F7wAABAMARzBFAiEAjNy54rCxU9evDW8m7XtMMGOrjrQZ\nWVZ2nHhfFTZCM6oCIDMbdedUXuYoaM5h9x0XQCAkgLkCsbtdcD8zIoG3Shi6MA0G\nCSqGSIb3DQEBCwUAA4IBAQA4J2Cm+8bOifEa3UhLxFIpp5s4ipg7zQljKkS6G0W1\n7fGju7QwYRd6XAG+jfSg0Psrtfb6PAPaBD423gBvnzK8z45WqNH0TrumEOpC2pgY\njuvcubLuHCEauKE3z4QniNQAUPyxXF8JU5cMN6BfFTUMzSZ254hlIAygdCyZguJw\ns8WJQVSRLKcDdtYGAKpPZHAXcuXEWyHQFwzaFmVoAO2CihK0o5MXfp9AwMczMvaP\npph0ckPRF5o7uf4Lq5jIkOlVLAtnU6gjjUnd2/4EU67WcR7HrhX/6c6SSEjhEjya\nCkXV11ty8G0J1T3AUZil0J59S0UsrWWTtwr1VQuL496P\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["dns152117.phdns14.es"], "org": "Ecommerce Profesionalhosting S.l.", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [185.177.152.117]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n UTF8\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n LANG es-ES*\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n211 End", "asn": "AS201446", "isp": "Ecommerce Profesionalhosting S.l.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["phdns14.es"], "ip_str": "185.177.152.117", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": "7db84365-8a0d-4163-b320-fbda3975d2ec", "module": "ftp", "options": {}}}, {"hash": -577124197, "ip": 1299705818, "org": "Hutchison Drei Austria GmbH", "isp": "Hutchison Drei Austria GmbH", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:55:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:55:53 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS25255", "port": 5001, "ssl": {"dhparams": {"prime": "ba79c0cc4e9bde4a11e5907c7b0f4242047c3d51ca98dddf4c13023747eb96bc700a1c1036a2e2f7294c43301bfd9175d04c0c4d7c14c15c2778bb850f50a593ca47d594e628576d960193919f29d1c7c07db03880198c286a0383a3d02cdc94f858f86979dc78b1125acff059380266042fa8d02588ebfd744755dcced0433bc88c1d2d8e6ae2406ac9c67a06d12b940b00d04da7fcccc63685a3fc9749b7e3c361d22b1beca7c9e332cdb4d6c9f51df578afceacbbf06a58b2194ac97417f538b8eb2b65565940c5ba4c80942257603eccabe22b084c822c2e34b9ae26849c55793b1c7db322dabca171a5e764aceb9543666607931feaa8d6e4e5ac43c987", "public_key": "8ea62d2ab2361c86f41e882e66b58d8c0dc6391e9729b9fb89b22e997263651f12220adaf2e27f2d278a200109d3d96428ebb451610bd4b687f42ce1d360583a51ac7a4a21ea450a031114e8085a0fae86f9cecd158731c46e631628817cb0b62fb8cdccbe7c07fc6bb04ba055ae266b99048edadd67afec8edba4433da66980ba2925bba22efdf159047fc737892a39139db19661bfcde91c206450a37dc73059c9af9bf89a0614466f236b08057a38c6440be99a8a346dfd6f7e9012ebbc1d46c032a7281fd1ff38ee5d69c6a30571806b3d4be5ad12f490e4ce95630b6894882059b49f2d514e202b047be64a06a212e0152d3e94dc891b5a5fe70e3a9899", "bits": 2048, "generator": "983259a82f399e8762971829bd36a0d2d8c05ebeca66e78730ef7805374d16080db8082a362d6bc8014e9782c4216bb47dd7e835f88b1a1180c59f322330730aa541ef01dcf05feafbd0d167ebc0ecd3bcebbda8921528a5e23533167c63de147ef4224a0705c9f90cb546cc3a58b7993f77b94c404526377e4f38a592dcb32d40dc90a6318804f27271cc56c51d588b62b42b4b2837fe7d748e800c9e8dd95580b25224bb7656f802bedde5cdc91a36c7e546ba371efe231c209fb4f1c8f322ddf0a722462144a0151d3aaa3e4132a1a13de1ad32c05860534e4ed23eb7cdf3050facd7bd639610997959426102f6ff616b32fedc013ca981c20dccd360adf2"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190608013210Z", "expires": "20190906013210Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xffij\\xb5Y2d\\x1aJkE\\x182\\xd8?/1\\x92\\xc3v", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x16\\x82\\x14fuchsberger.my3cx.at", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k4\\xed\\xd4l\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xcd\\xad~\\xc2\\xdd!\\xd4*\\xc3\\xc9\\xf0\\xd8[K\\x1dq\\x12~\\xd3d\\xd5=F\\xde3\\xf1Y\\x07\\x06J\\x8cP\\x02 \\x04J\\xb6i\\xf6\\x84_$>&\\x06\\xae\\xde\\xe3\\xd8\\x13\\r\\xbbe>\\x8c\\xf3`a\\x80\\xf3\\xb7E\\x8f!T\\x8b\\x00v\\x00)3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "22ed5492-390c-412f-8ce8-2181ee85c5fd", "module": "https-simple-new", "options": {}}, "ip_str": "77.119.239.218"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 854928527}, "hash": 639327604, "ip": 2039384784, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (ipTIME A6004NS-M-C1F775) [192.168.0.1] UTF-8\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "53f090c1-7406-4c6d-bd76-dbe940283fa9", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Incheon", "region_code": "12", "area_code": null, "longitude": 126.73169999999999, "country_code3": "KOR", "latitude": 37.453599999999994, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:55.348034", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "121.142.138.208"}, {"product": "ntpd", "hash": -363516978, "timestamp": "2019-07-23T20:57:24.297085", "ntp": {"root_delay": 0.0, "clock_offset": -505.8433027267456, "frequency": 0.0, "rootdisp": 0.0, "sys_jitter": 0.0, "poll": 3, "clk_wander": 0.0, "clock": "0xe0e1f13a.4305419f", "system": "FreeBSD/11.2-RELEASE-p3", "mintc": 3, "delay": 0.36274242401123047, "leap": 0, "version": "ntpd 4.2.8p12@1.3728-o Wed Sep 5 00:14:54 UTC 2018 (1)", "rootdelay": 0.0, "stratum": 12, "tc": 3, "precision": -21, "reftime": "0x00000000.00000000", "offset": 0.0, "peer": 0, "refid": "127.0.0.1", "monlist": null, "root_dispersion": 0.0, "processor": "amd64", "clk_jitter": 0.0}, "isp": "Algar Telecom S/a", "transport": "udp", "hostnames": ["187-032-197-090.static.ctbctelecom.com.br"], "data": "NTP\nversion: ntpd 4.2.8p12@1.3728-o Wed Sep 5 00:14:54 UTC 2018 (1)\nprocessor: amd64\nsystem: FreeBSD/11.2-RELEASE-p3\nleap: 0\nstratum: 12\nprecision: -21\nrootdelay: 0.000\nrootdisp: 0.000\nrefid: 127.0.0.1\nreftime: 0x00000000.00000000\nclock: 0xe0e1f13a.4305419f\npeer: 0\ntc: 3\nmintc: 3\noffset: 0.000000\nfrequency: 0.000\nsys_jitter: 0.000000\nclk_jitter: 0.000\nclk_wander: 0.000\n\n", "asn": "AS16735", "port": 123, "version": "ntpd 4.2.8p12@1.3728-o Wed Sep 5 00:14:54 UTC 2018 (1)", "location": {"city": "Campo Limpo Paulista", "region_code": "27", "area_code": null, "longitude": -46.758399999999995, "country_code3": "BRA", "latitude": -23.216000000000008, "postal_code": "13230", "dma_code": null, "country_code": "BR", "country_name": "Brazil"}, "ip": 3139487066, "domains": ["ctbctelecom.com.br"], "org": "Algar Telecom S/a", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "e7d216a9-4f66-45df-90a4-771061412acd", "module": "ntp", "options": {}}, "ip_str": "187.32.197.90"}, {"hash": -1081912836, "ip": 2752467504, "isp": "Universite Libre de Bruxelles", "transport": "tcp", "data": "Zookeeper version: 3.4.13-2d71af4dbe22557fda74f9a9b4309b15a7487f03, built on 06/29/2018 00:39 GMT\nClients:\n /73.151.110.66:52074[0](queued=0,recved=1,sent=0)\n /127.0.0.1:39770[1](queued=0,recved=315533,sent=315534)\n\nLatency min/avg/max: 0/0/13\nReceived: 315541\nSent: 315541\nConnections: 2\nOutstanding: 0\nZxid: 0x1f\nMode: standalone\nNode count: 25\n", "asn": "AS2611", "port": 2181, "hostnames": ["gc-pc27.ulb.ac.be"], "location": {"city": "Brussels", "region_code": "11", "area_code": null, "longitude": 4.333300000000008, "country_code3": "BEL", "latitude": 50.83330000000001, "postal_code": "1012", "dma_code": null, "country_code": "BE", "country_name": "Belgium"}, "timestamp": "2019-07-23T20:55:46.887374", "domains": ["ulb.ac.be"], "org": "Universite Libre de Bruxelles", "os": null, "_shodan": {"crawler": "b62ffd314c544b826a5d3925d78a3d686e1b0ea3", "ptr": true, "id": null, "module": "zookeeper", "options": {"scan": "npJehTVfsIw5Iwav"}}, "ip_str": "164.15.82.48"}, {"info": "SIP end point; Status: 200 OK", "hash": -874669645, "ip": 1881447117, "isp": "China Mobile Shandong", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=35e9b8-0-13c4-30b1-239f8485-30b1\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=2.50.45.116;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS24444", "port": 5060, "hostnames": [], "location": {"city": "Jinan", "region_code": "25", "area_code": null, "longitude": 116.99720000000002, "country_code3": "CHN", "latitude": 36.66829999999999, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:54:23.089420", "domains": [], "org": "China Mobile Shandong", "os": null, "_shodan": {"crawler": "339d3eded941e01ca426596e93f3fdf4c9346ccd", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "112.36.154.205"}, {"ip": 1255162167, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 32835763}, "version": "1.3.5b", "location": {"city": "Wayne", "region_code": "PA", "area_code": 610, "longitude": -75.4083, "country_code3": "USA", "latitude": 40.0548, "postal_code": "19087", "dma_code": 504, "country_code": "US", "country_name": "United States"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": 794517203, "tags": ["starttls"], "timestamp": "2019-07-23T20:56:48.010503", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190526122806Z", "expires": "20190824122806Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xd8\\xd5\\x03\\xfa\\xdfO\\x01\\x94\\'\\xedX\\xbc\\xb8r\\x10\\xb2?\\xd4\\xa5\\xaf", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x1c\\x82\\x1amail.stocktradersdaily.com", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00u\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01j\\xf4S\\xb1y\\x00\\x00\\x04\\x03\\x00F0D\\x02 y\\x0c|\\x9c\\xc7\\xa8\\x03\\xc1n\\xfc\\x8c\\xcf\\x06\\x80%\\xbe\\xc7\\x0b\\xc5(\\x7fG\\x10\\xc4\\xb6\\xf7t/c\\xbcB?\\x02 \\x12\\x89\\xe2\\xd7d\\x92uu\\x83\\x88\\xea}\\xd8p$\\x89Rf\"\\x94\\x0eL\\x00;\\x16N\\xc0\\xb7\\xa7\\xe8\\xbaB\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01j\\xf4S\\xb1l\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x9e\\xf4P\\xd0#:\\x86\\x90~PO\\xfb\\xd2\\xf1u\\xdcb_\\x18\\x08K\\xea\\x0b\\xd3m\\xc9A\\x83\\xd3M\\xcax\\x02 w\\xe6X\"\\xff\\x97P\\xbe\\xeb\\xfbs\\xe8\\xf24\\x96\\x7f\\xef\\xb0\\x7f\\x00\\x8aI\\x94_|\\r\\xa8\\xde\\xce\\x90R\\xb7", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "784311f205b779d1a0da5b135395596ce779605ffef31a2c98b1850fd3dcaa11", "sha1": "5922e56a8fc326fff2f272842226cd762422dfaa"}, "serial": 272932443430624769681957938101798331534325, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "mail.stocktradersdaily.com"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFazCCBFOgAwIBAgISAyITjI9N2BMdg8H4Yd8eKMv1MA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjYxMjI4MDZaFw0x\nOTA4MjQxMjI4MDZaMCUxIzAhBgNVBAMTGm1haWwuc3RvY2t0cmFkZXJzZGFpbHku\nY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr3pyWmqyeYOd/u7\nDwA536dzii38viyLiFty8y+67ueP2XjvFwPxJrqN2sNcJ7XhNkBXpIavYPDhdHJA\n8rQlr91S5b5rux6spgaK4FTUZ+kFdTQU7tJ1vj9EfjDrj5Wd651AILBr/HKcahKp\nUsaDMRObpUDpc1LCAEKLuiKUddBSev33czT2c11t3oizgVrrgh7NoLwyeDdRjxO3\nq+beQ+G+sPxSG9rn0pNPWTebMN2AwfsyGTR/BdAcxmUaJqclc3m/IySe1ORQht+B\nMLAwhYOd8IvQi6mJ7qQDLHpJqm+noTYsuIL/c3REs6Z+55NcIwAVuyxeqXcfqAEe\nYCSgRQIDAQABo4ICbjCCAmowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG\nAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTY1QP6308B\nlCftWLy4chCyP9SlrzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv\nBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s\nZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s\nZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCGm1haWwuc3RvY2t0cmFkZXJzZGFp\nbHkuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI\nKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHW\neQIEAgSB9ASB8QDvAHUA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4A\nAAFq9FOxeQAABAMARjBEAiB5DHycx6gDwW78jM8GgCW+xwvFKH9HEMS293QvY7xC\nPwIgEoni12SSdXWDiOp92HAkiVJmIpQOTAA7Fk7At6foukIAdgBj8tvN6DvMLM8L\ncoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWr0U7FsAAAEAwBHMEUCIQCe9FDQIzqG\nkH5QT/vS8XXcYl8YCEvqC9NtyUGD003KeAIgd+ZYIv+XUL7r+3Po8jSWf++wfwCK\nSZRffA2o3s6QUrcwDQYJKoZIhvcNAQELBQADggEBAGniD0/20wnOqaAlYga+9Emp\nVZ4femqExXEFlIbg+BDdX0VEWHmzf6TqNkZrUEGl7Hh3c9GIFZPgqeh5zf2+GTv/\nEm5thhVkl/Qx8+Unvt+CXDii6JSQznoc0oCN0lTIGFWBm4IR9EhaQ5F57ZSazlXk\nQeCrk8UhJpHYXwAnYeORWhxTKAq+kZwzS77CKZQXjws/GSp/fligxhFeWysmFcgl\nK8JsJk701JiZ98XO5AhMIOtIG0YDijeYHLewCaJIxMCxdR3b22joONNM7pLUqpum\n2DEAInNAC3uFKhIWH9H4OtV6J7l6bploBg7UWK9haOXe3iuHOeKXCcwqDOGxpLs=\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["mail.stocktradersdaily.com"], "org": "1&1 Internet AG", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [74.208.65.55]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US.UTF-8*\n UTF8\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n211 End", "asn": "AS8560", "isp": "1&1 Internet AG", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["stocktradersdaily.com"], "ip_str": "74.208.65.55", "os": null, "_shodan": {"crawler": "8b12b9d21d5e4a5a9fa0795990088dea63dff9c6", "ptr": true, "id": "8b1007e1-3081-470a-83c7-dea7bf0bc997", "module": "ftp", "options": {}}}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": 406234637, "ip": 833360642, "isp": "Lg Powercomm", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (ipTIME A1004NS-332801) [192.168.0.1] UTF-8\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "8eeac077-a6ab-4717-9273-9d99d509121a", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:55:28.197118", "domains": [], "org": "Lg Powercomm", "os": null, "asn": "AS17858", "ip_str": "49.172.19.2"}, {"product": "Apache httpd", "hash": 2013976097, "ip": 3736742245, "org": "China Telecom jiangsu province backbone", "isp": "China Telecom jiangsu", "transport": "tcp", "cpe": ["cpe:/a:apache:http_server"], "data": "HTTP/1.1 301 Moved Permanently\r\nServer: Apache\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 0\r\nCache-control: no-store\r\nLocation: http://127.0.0.1\r\nConnection: close\r\n\r\n", "asn": "AS23650", "port": 80, "hostnames": [], "location": {"city": null, "region_code": "04", "area_code": null, "longitude": 118.77780000000001, "country_code3": "CHN", "latitude": 32.0617, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:56:49.432598", "domains": [], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": null, "sitemap_hash": null, "robots": null, "server": "Apache", "host": "222.186.41.101", "html": "", "location": "/", "securitytxt_hash": null, "sitemap": null, "html_hash": 0}, "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "20f181b3-3b2c-4a6e-a9d7-177fc23c1443", "module": "http", "options": {}}, "ip_str": "222.186.41.101"}, {"hash": -749373009, "ip": 1425266974, "org": "Voiceworks BV", "isp": "Voiceworks BV", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:55:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:55:14 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS39647", "port": 5001, "ssl": {"dhparams": {"prime": "95ff6eb8950b72965587c45f123aa7eda6405d105615622b320c74f0f16beca99909775a61808f87ebbf984d3c6e64dd8d86c45e612e6474456775edd62f87c4ad122625ec92fd9161ad64a5a5b86c8d4c71e7dfd1578ca910cf12b86473ca36036d80cd18551908d9e9bca82ef25248851d7b26b4d08e2fb2c3dccc6ff21a371c677f0d9b5f55ac0906d036f74cdcccba01ca71414645e2fa1edc545492ddad04f49f251c7c2f56c3afeb680039947dbb5076738a975056bed36a0eb5113d0af2172d406ca7c2c1669809d3c64dcec75fc494000d42612eb7c0f17d26271c37eb6bb83ec8caef58ba087f5a8929021d34522367bbbc0319fbd379354482b7e7", "public_key": "200c56bde94ed0b60dccd6cf20478b83164988adc53dc634a518f4477b65cb1ab2587e3e911fd6139b73d9086048e45eb9300627ee942274b406d6bc169422f56ca877b724bb97bce869b3a8efc05ac23d4ae8cf9d9dbc680e40c6e7588b4cf813ebcbd4cd6a5e7131dd82167136cf19a6ecfee9cca69df081fbd10439395f2ce2c6e4778c8952e1cde64b0bac10c9f44b7248a0c5be7b7b9de384b0c025b173714047d993267becaef954024b2836c2136c812c7cf19a84e15d7f581cf57bfbd36583ea9741ed6078182c122702771149712a4f92f5fc6808d00d364dc271f52845b5d530eb686f4c7454c3e5655c15bc45f634986e5fda033df73c29fd029d", "bits": 2048, "generator": "15cfb8a0f6c6ee8aa93822c671bd29839ec72213c85ea805b40382fd78e1bc210e7127a265903c33216f3b9c2d384ba9f67e01278ce88b97c6f46fd25324b1326b2371a854f1f61f33e6df13ddaf77ce90827f28db6dcbb73a8301d0ec73c84d91e8d075c4f6714ee062be127231aa5ce1f4d67dbac3f05194c1095aa45e0d0334613c45330e9be21e95f03aaaf8d37c2cf9e99a428b4eca07c7e30a700217c07f907546fe2b7d788f89548c22beef2c2caea1870f2abe29cfdeb38c1a328ff09f9a297c8b40cbe1d913a182ed050cdd4131e733fa2317ce52ea316c165981b159ecff94f7384d83bc2ff174ece180bc00d88a506315b0829bb78e835c0dba7c"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190712152339Z", "expires": "20191010152339Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14F\\x00\\xd6\\xf4\\x16%\\x19\\xa1uh\\xbd\\xf7\\x9ee5\\x04\\xedf\\xd4\\x02", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x0c\\x82\\nvit.3cx.eu", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf0\\x00\\xee\\x00u\\x00t~\\xda\\x831\\xad3\\x10\\x91!\\x9c\\xce%OBp\\xc2\\xbf\\xfd^B \\x08\\xc675y\\xe6\\x10{\\xccV\\x00\\x00\\x01k\\xe6\\xffK\\xb7\\x00\\x00\\x04\\x03\\x00F0D\\x02 2\\x8a\\x8bT*@>\\xf6\\x1c\\xbc\\x8c\\xc7\\x87,x\\xce0\\xf8\\xa2\\xe4\\x8dR\\x18\\x10{\\xc5\\xab\\xd7+\\xd6MP\\x02 b\\x15?\\xf0\\xc0\\xe8*\\xe5\\xb4c\\xa18P\\xb1\\xca\\xcd\\x1bB-\\xf3?T/Lb{\\xc8\\xa7\\xe7\\x8b\\xc7p\\x00u\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xe6\\xffK\\xb1\\x00\\x00\\x04\\x03\\x00F0D\\x02 3\\xd0\\x84\\xbd\\x12\\x0bX=\\x82\\x07\\x9b4\\x85\\xb5\\xe7\\xe4\\x13\\xdeqG\\x88\\xf9\\xc6\\x9bQ\\xc2\\xe1f\\xd4C\\x0b\\x02 \\x13D\\xde \\x19\\xdb\\xc3\\xba\\x86\\x7f\\xb4>\\x91\\xf5\\r\\x9e\\xf9\\xaa1\\xfd\\xac\\xeb\\x89\\x9f\\xb9\\xca\\xd2\\x90(5j]", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "ecbb1027523951d1d3ef0dd0ddc245beec2deafd624a2145358843c84ced95c6", "sha1": "17709c6514e7a1e318267f83e0d43a76aef65afd"}, "serial": 261701630694962235424771636140764149058288, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "vit.3cx.eu"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFSjCCBDKgAwIBAgISAwESbLR9fEOMgOQw22mIbArwMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTIxNTIzMzlaFw0x\nOTEwMTAxNTIzMzlaMBUxEzARBgNVBAMTCnZpdC4zY3guZXUwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDBaB+o6WQsk4TG+Kwo3ag+jnaMHQzSlthYq8iD\nXu9dCJrkP7t43nlBNOkj2g0OSN7+tw+8rsmCqG5zHoL1Y9agI7UabeRW3XrrETG7\nelwnFcJnSSOPP0L73NTDz0r2Wy40DKdxdixq7/6jvN4xvlVWNlRmTOSsDr45HPQa\nJxaeyfBvNTSu5rJ4dCR+FcdNoR2BqQ7BOi1IfsFW1gyYYTksX1EuHsVjaxL05+DK\n6BM8haioU07jpsb4OsAwicyzDmssvtHakLgk1IUpGPsocOPtNMJOIeXNccAGCL8F\nHGBlOhOH7UeoqwFxDSzld5V5oGrIEU7R0SylPFtIs3XISqVJAgMBAAGjggJdMIIC\nWTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEYA1vQWJRmhdWi9955lNQTtZtQCMB8G\nA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu\nBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv\nBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w\nFQYDVR0RBA4wDIIKdml0LjNjeC5ldTBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr\nBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0\nLm9yZzCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AHR+2oMxrTMQkSGcziVPQnDC\nv/1eQiAIxjc1eeYQe8xWAAABa+b/S7cAAAQDAEYwRAIgMoqLVCpAPvYcvIzHhyx4\nzjD4ouSNUhgQe8Wr1yvWTVACIGIVP/DA6CrltGOhOFCxys0bQi3zP1QvTGJ7yKfn\ni8dwAHUAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFr5v9LsQAA\nBAMARjBEAiAgM9CEvRILWD2CB5s0hbXn5BPecUeI+cabUcLhZtRDCwIgE0TeIBnb\nw7qGf7Q+kfUNnvmqMf2s64mfucrSkCg1al0wDQYJKoZIhvcNAQELBQADggEBAHMP\nR7mdUQajZtB00jhEqnIQRuTGuSen2OIytnFZcpX4A5sqrQHyOZ7/HssLjKPc28Yn\nwoerJ6U6Iu6dpMbshbZeFizlyLD385E0A3eKq16O+Qx8nZCKBnraQvHlEgNxpUML\nNlUR4yO9M8gR2PZWpSsIRWKvHbD1VyPG6hy4yNXjDPxa0+B58IoD7xdZDVL3gLGV\nOR6B+8R/vlt9HgzF3jTtIi2ppSZ2jyR/SlCc53eIgHUNKEe0a9HnYCp4mp5kdWwq\nvgHK9YYZh3pTcBvw2QCoZ/bCyWtjGREyCf5gWZRwiI0mXPl22Oj/OSK9bVFGbLUV\ndFT/h5o7476NZ5n2oeU=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": ["mail.verbugt.com"], "location": {"city": "Naaldwijk", "region_code": "11", "area_code": null, "longitude": 4.216000000000008, "country_code3": "NLD", "latitude": 51.99340000000001, "postal_code": "2672", "dma_code": null, "country_code": "NL", "country_name": "Netherlands"}, "timestamp": "2019-07-23T20:55:14.651581", "domains": ["verbugt.com"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://84.243.217.30:5001/favicon.ico"}, "host": "84.243.217.30", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "545144fc95e7a7ef13ece5dbceb98ee386b37950", "ptr": true, "id": "cae161af-2c29-4957-8882-56467b5f7c98", "module": "https-simple-new", "options": {}}, "ip_str": "84.243.217.30"}, {"info": "SIP end point; Status: 200 OK", "hash": -140453834, "ip": 665395713, "isp": "China Mobile", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=35e5c8-0-13c4-38fe10-6e0dfdb8-38fe10\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=129.144.17.54;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS9808", "port": 5060, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 113.72660000000002, "country_code3": "CHN", "latitude": 34.77250000000001, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:53:45.855967", "domains": [], "org": "China Mobile Guangdong", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "39.169.34.1"}, {"ip": 3521879703, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 598694143}, "version": "1.3.6rc2", "location": {"city": null, "region_code": null, "area_code": null, "longitude": -97.822, "country_code3": "USA", "latitude": 37.751000000000005, "postal_code": null, "dma_code": null, "country_code": "US", "country_name": "United States"}, "product": "ProFTPD", "hash": -1902827365, "tags": ["starttls"], "timestamp": "2019-07-23T20:56:51.358874", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190130000000Z", "expires": "20200229120000Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"data": "0\\x16\\x80\\x14S\\xca\\x17Y\\xfck\\xc0\\x03!/\\x1a\\xae\\xe4\\xaa\\xa8\\x1c\\x82V\\xdau", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x14\\x06\\xf2\\xa1\\x96\\x84\\x19m\\xb3\\xb1\\xce<\\x9f\\xe1\\xd4^\\xe6\\x18\\xb0\\xf4t", "name": "subjectKeyIdentifier"}, {"data": "0\\x18\\x82\\x16mail2.thewalshgroup.ca", "name": "subjectAltName"}, {"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"data": "0503\\xa01\\xa0/\\x86-http://cdp.rapidssl.com/RapidSSLRSACA2018.crl", "name": "crlDistributionPoints"}, {"data": "0C07\\x06\\t`\\x86H\\x01\\x86\\xfdl\\x01\\x020*0(\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1chttps://www.digicert.com/CPS0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x01", "name": "certificatePolicies"}, {"data": "0g0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\\x1ahttp://status.rapidssl.com0=\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x861http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt", "name": "authorityInfoAccess"}, {"data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00u\\x00\\xb2\\x1e\\x05\\xcc\\x8b\\xa2\\xcd\\x8a N\\x87f\\xf9+\\xb9\\x8a% gk\\xda\\xfap\\xe7\\xb2IS-\\xef\\x8b\\x90^\\x00\\x00\\x01h\\x9f4\\xbd\\xdb\\x00\\x00\\x04\\x03\\x00F0D\\x02 \\x11\\x8c\\xb0/D\\x1b\\x08\\x1d\\xe4\\xf8~\\x08\\xa6\\xdeF\\x0f\\x10,\\x01\\xa9\\x86\\x91\\xa6p\\xd7\\xd3\\xc8\\xaf_5\\xe3@\\x02 \"\\x98\\xbe\\x1c\\x1e~\\x83\\x037\\x08\\x82\\xc5$\\xf4\\x87{\\x1a]J\\x7f\\x1c\\xab\\xa7\\t\\x82\\x19\\xf2\\xd5&A\\xccH\\x00w\\x00\\x87u\\xbf\\xe7Y|\\xf8\\x8cC\\x99_\\xbd\\xf3n\\xffV\\x8dGV6\\xffJ\\xb5`\\xc1\\xb4\\xea\\xff^\\xa0\\x83\\x0f\\x00\\x00\\x01h\\x9f4\\xbe\\xa6\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\x86C\\xb0\\x9a\\xcbs\\xf4\\xbb\\xa1f\\xe4\\xe0\\xe5(\\xca\\xdc\\xea%\\x02\\xe7\\xb9\\xc4\\x0f\\x91%\\x05\\xd9%l~\\'I\\x02!\\x00\\xff\\r\\x99T\\x96\\xa6\\x8aZa\\x8b\\x9d\\xa4j\\xbf \\xbd\\x85@{!+\\xc2\\x1faqh2\\x85\\x15\\xcc\\x15\\x9e", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "4b4423c3189f4384eb3a2e174744c751ed2b77365d8b7882ab24f919944a0972", "sha1": "9455d87214f4848522e59a42bc8373dba48208b5"}, "serial": 14892154953851673681783963959854777666, "issuer": {"C": "US", "OU": "www.digicert.com", "O": "DigiCert Inc", "CN": "RapidSSL RSA CA 2018"}, "expired": false, "subject": {"CN": "mail2.thewalshgroup.ca"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFuTCCBKGgAwIBAgIQCzQf7WbBog2urLF0Rn5FQjANBgkqhkiG9w0BAQsFADBe\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe\nFw0xOTAxMzAwMDAwMDBaFw0yMDAyMjkxMjAwMDBaMCExHzAdBgNVBAMTFm1haWwy\nLnRoZXdhbHNoZ3JvdXAuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\nAQDllL4FN/TXQ1txOZyIT9scr3HLExmxlElwXcUAPYWKpVkUFG1XmcB6A6Lrj09a\nir8/d7yJHmoK5eWqJMlUH6e7wiV9Tmb6i5BEybtFVPJ8a1glMdclC2rFYgLVrxOr\n0jg/QF/8Xw1kkMiroEOjMQWQbq3U28F5eImAALzbyuDe9XRZonTBBLY7DtxM4D72\nLTjPrl3ZYR7ehNExeUtImUYfM/6T6RMDogw4RuNc0uS8wFSuNa/CVAOVvyw3Ltk7\nnrciy5a6tdrG9zUnyifWw1PmGUYlz2JMD8dJUXzoJnDq+9p7xrGysY09jTWGk++d\nozqr0GSpEPOP0EHGQ0fArWfxAgMBAAGjggKuMIICqjAfBgNVHSMEGDAWgBRTyhdZ\n/GvAAyEvGq7kqqgcglbadTAdBgNVHQ4EFgQUBvKhloQZbbOxzjyf4dRe5hiw9HQw\nIQYDVR0RBBowGIIWbWFpbDIudGhld2Fsc2hncm91cC5jYTAOBgNVHQ8BAf8EBAMC\nBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6Ax\noC+GLWh0dHA6Ly9jZHAucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4LmNy\nbDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczov\nL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw\nJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMucmFwaWRzc2wuY29tMD0GCCsGAQUF\nBzAChjFodHRwOi8vY2FjZXJ0cy5yYXBpZHNzbC5jb20vUmFwaWRTU0xSU0FDQTIw\nMTguY3J0MAkGA1UdEwQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQCyHgXM\ni6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAWifNL3bAAAEAwBGMEQCIBGM\nsC9EGwgd5Ph+CKbeRg8QLAGphpGmcNfTyK9fNeNAAiAimL4cHn6DAzcIgsUk9Id7\nGl1KfxyrpwmCGfLVJkHMSAB3AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9e\noIMPAAABaJ80vqYAAAQDAEgwRgIhAIZDsJrLc/S7oWbk4OUoytzqJQLnucQPkSUF\n2SVsfidJAiEA/w2ZVJamilphi52kar8gvYVAeyErwh9hcWgyhRXMFZ4wDQYJKoZI\nhvcNAQELBQADggEBANdwL1ZqWy0ihRuJrosv+MRbDgU8SauFoX9VKnaNQrlAu3N1\nQWBTK7WZfqC8ZgUkp1NHXITze/rYLqCnMCT2SArtBD2+TVbpm0fwuHWT5uCOKI2D\n/pncchrmoPjPOsUcben8xo9nu0PxfBro0KzqLqTrXdxNNKscnL+/8zKIIvjL0xYa\nqAJUcMV5yBQIuThiDpuZt1iN7u/fUFBUAnk8ih/MdsOFqv1NBqQhZCSsPElVVbpD\nbLrhV7Hc4ZKO9fg8Weo16tigcvHJDUZ/eDKsOcMAjhb/eEgVblDaIe1rm/Aszx6h\noF7VGuoEPKvPpbIFCqmkJYiY2SMYeRoeZ0PO4m8=\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": [], "org": "Telus Communications", "data": "220 ProFTPD 1.3.6rc2 Server (ProFTPD) [209.235.158.151]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n EPRT\n EPSV\n HOST\n LANG en-US*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "asn": "AS852", "isp": "InternetNamesForBusiness.com", "cpe": ["cpe:/a:proftpd:proftpd:1.3.6rc2"], "domains": [], "ip_str": "209.235.158.151", "os": null, "_shodan": {"crawler": "8cd926590a400feb4b683f8337a77287ddf3d2c7", "ptr": true, "id": "e944ee76-701f-444e-aab1-d5fa50e2e5c5", "module": "ftp", "options": {}}}, {"ip": 1509811741, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US.utf8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 116233811}, "version": "1.3.5b", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 37.60679999999999, "country_code3": "RUS", "latitude": 55.73859999999999, "postal_code": null, "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": 965375933, "tags": ["starttls", "self-signed"], "timestamp": "2019-07-23T20:57:11.624872", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190226111329Z", "expires": "20200226111329Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "caf20e57b95dbfc4bc8d586748637ebf638c8b7aba96865eb5aaa762e35bc5e4", "sha1": "d4b5b72f813a33d25ff72d949365a617fe933aa3"}, "serial": 1551179609, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": false, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFx1H1kwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP\nZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE5MDIyNjExMTMyOVoXDTIwMDIyNjExMTMy\nOVowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE\nAxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYsPOQCT32oYFryhFNyQAKah/bkvVBGf\niWHiSdR7LNgHb4nPf0mXy8ArZSHhi/ddzsN/1p3G0+/bqP6IK+ZqGkGxITjBenGY\nt43TApAUZzvfYjJtBW45b2K+/i9DA1hK+W50/LCPSkWNk9eZL2lyDSY6OLUbpgon\n6YaFyax8S2EsiKSw82jG9o7KoBRH5uebFlvL4KvnAx4se1RKtsH2rcMpc7/sdrzY\n98BeHDIyknuQtz4nel1zM14ziWisuykNfsv5ufsLSMu7BaF61f1bMvu4AYI5e4Pg\nY+AWqa3sXfd9ElSGQ/o7Ng7yeqoKVjsN/OGpnmAVGkwGdjP+RzMfiwIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQBdbOUTkjLxKKD+ASpd8sM0+IEMP7M9dsB/+DnhM22e\nIPrfcgEZT+2ybLba64z+AMYRqHur2O1FbqJhufqIs9xrp4MQtyRPigJh506nlRgm\nh0X6l1Swh9a+lomPi5FeZbg2N7WnnK0LBSF5x0dvh6sG2r4FAwt5tL0FaiuQoQ0B\n8/tUp5q/45gPxONb1Wzpj+nX9LbkePpOCFKvwlGqdtZT9NfXmhQZVE0alslP1JXl\niyxkcdB5Z0jJt86d9+zExaTbKoWPz8Ns7t1vabhqwv7nyxAptS50v8ssUM/9E5x8\n1pXoL8UQ8UakPVScUY+A/lz8AM4WXmIyPT3aFk381LfX\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["vps-1061792-21823.host4g.ru"], "org": "Rusonyx, Ltd.", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [89.253.230.29]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n EPRT\n EPSV\n LANG en-US.utf8*\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n211 End", "asn": "AS41535", "isp": "Rusonyx, Ltd.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["host4g.ru"], "ip_str": "89.253.230.29", "os": null, "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "97262197-a960-414c-9f8c-0c111270fb4c", "module": "ftp", "options": {}}}, {"hash": -787012725, "ip": 2448379680, "org": "OVH SAS", "isp": "OVH SAS", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:57:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 28 Mar 2019 08:23:00 GMT\r\nConnection: keep-alive\r\nETag: \"5c9c8464-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:57:02 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS16276", "port": 5001, "ssl": {"dhparams": {"prime": "c22d24a234bc683bf0747c18060bb3a2fe00d024f547ea8ff3c6a00f7b527ce14bf4de9ebd7aa42971bb24729d5421625b9115b8e6ad3e302e87c8ae5ef81344b1318044535506105233e873bdbbf048b87a969482717f211fb3314365cf2152f173303b608535a98664d9a2dcc9038f313020fdf2fb4c60f5d446c9803736ca5971197a9c493e94f9b597ac305585b8b78d08c656f505c624ef27a1fc51ec8f3631b5d2d997f388121b66fbcb1cbdf591fa8e38dabc5bb648f374f269d9f5f03149ebe7ff30e171b58c93a4a53b35df49b7919f90af77b0f9db8367eadb7654372825b8cef382bf53dd80ce2d4baf5a35e06099ef531f52b9c5c7f37403fdd1", "public_key": "7ab1ebc022d6673e80a1a8fb5d3d9d465e4df9168d6701bb9df6bafbf33171d8dc4deb33271ca29f1b82bca53906b6dc0a54acb06456aba9aee2a1c71e1f3d1ab722f5a40a87a593df461c06088795777287ac4b5dfb56bfcf7264da67caffe60d094a1a7c6e76e24a33f69c6b1561eeadc3e0b92049d86674e7be1196dd78c49c1769f8054ce18ede98e8997eeed69dcee3b2fec4aa7d8b3c416e8f0603022009cecd3540bfee41fe26c8c2fbbcaac3f8b7a97daff45e9cd21c15f603e47bef3a5178a9ddf2c349fbc067b2ade9b59c75ea47f04bfcdfcb6325cdfe3011a570d5df51932599b13e73cfff0dd98bd827847faf60bf3b2406f8fd8f34c33cc554", "bits": 2048, "generator": "7a302b02fc48aa9da71a34f59ae21a89755aa12b3247012427d6b385ab6d9018b52d2fb5af956c100720ca7ada85ba23aa741688c5958ed481f5d538f387c7213a30167aee12ef632bac06a67e3ded509e09bd60cc394a6b7bd792c36c40f07070ddcf272f9bfad41158d0f85f518f3d61288c0b73b0b8b8c6a9a0af20a39525df2dc2008da2f40ca7045b73dd87acbc850a8989dc330e6ac6add72c9c49a670074af6665f0075d7e1abf63d46814f20bee1aba45399a8b77af91f26ea20b54157d9602403c8ddba0509390153e3871425bdca48c3ce866339a7532000387bc4fc8d3a152a178abc34c2a488fbadeecec8ea8452f19cb033e9f27bc402b4c637"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190524032854Z", "expires": "20190822032854Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14nw\\x8e\\xb8\\xda\\xf5\\xef\\x06=ov \\x80\\x81\\x04\\xdcP\\xab\\xc4\\xe4", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\r\\x82\\x0bfara.3cx.be", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf3\\x00\\xf1\\x00w\\x00)\\xb6\\x84\\x06;2\\x04\\xe6\\xa5\\x02!\\x00\\x8c;\\xf1\\x7f\\x86\\xe9{\\x88H\\xea\\xf7\\x97`\\x91\\xbb\\xa3\\xa5\\'\\x11\\x05\\xa1\\xe7\\xb4\\x87\\xe2?\\\\>V\\xcc%\\xc3\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01j\\xe8\\x19Q\\xf0\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xb5H\\x96\\x03\\xcfX\\x90\\xec\\x95\\xb1\\xc0\\x13\\x04\\xaf\\xde\\x8a{G\\x05l\\xc1\\x7f\\x8e\\\\\\x92\\x00\\xcc\\x94f\\xe8\\x14\\x8e\\x02 \\x06\\xb1<\\xc5\\xfa\\xb9\\xa5]\\xb0\\xc8\\x85T\\xa6\\xd9\\xc3E\\xf8DpV\\xf8\\x1c\\xab\\xb6\\xb2\\xd5bM~\\x9d\\xf6Q", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "aa4bafca4214cd092c8ed0d238c8dc55192599d48cc6c59d83751f95084154bd", "sha1": "da152cbddae4716883cfb1d29927e270c959456f"}, "serial": 306652606115499129408742827703970853795381, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "fara.3cx.be"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFTzCCBDegAwIBAgISA4Urx6oKevpNmDDRNo9dw7Y1MA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjQwMzI4NTRaFw0x\nOTA4MjIwMzI4NTRaMBYxFDASBgNVBAMTC2ZhcmEuM2N4LmJlMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HLmJpvwKKARJhGejstMXBy5vXSvTidbtKlB\nUWewbA2CVITHo5N8Zf/ccZPJAjaGivBbtBaBLJ4P7yYsPiO62gXsh/re3JAO4utw\nrn4OHwtIqyuiDDV5w6CJMGFmX+XKGCujAb9obLbnIW8m0sUBive2iA/hKuKpgKo1\nmLuG4isNRaxfIUXiwwDplXHibzStK9TkLqHUKDNmeql8MS280hHcyZoBoH0UNEXk\nwdxeDw17fqOjzlRP9xlDlXtEFlmcLzkJXCyfvmwI5ljc2cugiWR2JcrNWRrQFzDK\nC/wJSyGcSvbATIEdiIxLAW4dX5CWZE8sftlMpFRfG2iWpwMC2wIDAQABo4ICYTCC\nAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD\nAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRud4642vXvBj1vdiCAgQTcUKvE5DAf\nBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEw\nLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcw\nLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcv\nMBYGA1UdEQQPMA2CC2ZhcmEuM2N4LmJlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG\nCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5\ncHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAKTxRllTIOWW6qlD8WAfU\nt2+/WHopctykwwz05UVH9HgAAAFq6BlQHwAABAMASDBGAiEAuTtdtCoYDsJlWmVv\nWgtngcQ/DjpknY0+toQGOzIE5qUCIQCMO/F/hul7iEjq95dgkbujpScRBaHntIfi\nP1w+VswlwwB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABaugZ\nUfAAAAQDAEcwRQIhALVIlgPPWJDslbHAEwSv3op7RwVswX+OXJIAzJRm6BSOAiAG\nsTzF+rmlXbDIhVSm2cNF+ERwVvgcq7ay1WJNfp32UTANBgkqhkiG9w0BAQsFAAOC\nAQEAZ6cQ02m9Yc4IBMFoU34hPvCIyM8o+TumDrR6wllQOmyIM/rqnHCbnNvcli5y\nQTSCjHxCaIxUStybPNaLPVox+wksLejcnPLEufB6uJGUTMUAM5jy5sF1z+nPKCeO\n1FFyFJGS62JS3MJUihUwiU5jg+i83lsTsHpmI8+ZnlfXd9DmMLfbCWxbKElY8nZu\na0ig3tXMwx/uAkgTYCPTn2FUbY+sjcNOJ1h4YI9OhNHPVA1MFOzftRoAetEbW4FW\nvI6WZybcwd93DsbrLsq+5UanSPOz5LMxA6BkAyLB60i3h3Ra78TDwuUd9SMj+230\ngHj6/Mu0Vos+rpk6WAQIkzneYA==\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": ["32.ip-145-239-79.eu"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 2.3386999999999887, "country_code3": "FRA", "latitude": 48.85820000000001, "postal_code": null, "dma_code": null, "country_code": "FR", "country_name": "France"}, "timestamp": "2019-07-23T20:57:10.746634", "domains": ["ip-145-239-79.eu"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://145.239.79.32:5001/favicon.ico"}, "host": "145.239.79.32", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": -157832278}, "os": null, "_shodan": {"crawler": "65e79faecee26516a8ed6f16c1142432f303fbdc", "ptr": true, "id": "0aa9d3cd-97f3-480d-975b-cf8906caeac4", "module": "https-simple-new", "options": {}}, "ip_str": "145.239.79.32"}, {"ip": 1509810733, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US.utf8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 116233811}, "version": "1.3.5b", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 37.60679999999999, "country_code3": "RUS", "latitude": 55.73859999999999, "postal_code": null, "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": 1804437561, "tags": ["starttls", "self-signed"], "timestamp": "2019-07-23T20:56:37.960761", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20170928064950Z", "expires": "20180928064950Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "22a1a7d6bfb2c0e9f6d4353380edefd3b4a58431c4aff7b5a76ce72b5d3e639b", "sha1": "4f553d65c6e7897d7de156a82dc2e8930638e4c9"}, "serial": 1506581390, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": true, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFnMm44wDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP\nZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDkyODA2NDk1MFoXDTE4MDkyODA2NDk1\nMFowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE\nAxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPyZ4eloaABAeuDsNTga4nOEwri0O1yZ\ngYy4g6ebmV1k39OtSKhLJyD16Eiy7gqZyGgdywHA5eiv8b2K2zrUiX2eTnr//Jkf\n/HWzvb1uLHpcQG/5/Z8rHREXBrNX4kMhR5/RSrDBXeg0FsGXWnM8iwq0oYsnXT2h\nxkM65yDqAzGxiPm0kp3fFuoOXZfRspizcjiedEYIbcRhUTtcx8Sfmgsja9WWZ2pT\nRNWLc33F26pW4accHMoMKck88K4OFnywuQYD5QDplgQT0pwmyviWtpYpzeW0efAs\n4LgaKGqo4v9xPOtrYeauEQhYR+9hL1prR50PSHtVZDmPjQ/I0B41YQIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQCju0RKhQJi/9YD2atZ2afr+AcdwRERp0+fjZCzrI1O\n3leuBvGiLKMLyHO13uUtixx/W2WoK4Gz2sBh7ZB0C+CiffqXSCGHx1VpSWA2mcdB\njxFauN6DOcy1JQ0oBOD8PWWa0mTbwzJcnBgXehnZbRQtox3naE4MBK375Tsy0WBC\nKF34EPPAF55xZt3fwktAeywLIRkM7U9G0TZdUk06ONM6TtGpf19D/Qq7/K6Y+wQ6\nzL/Lk3wU1I8/qWLtZZmHrhHaNff438Rog4BLUhns463ZLvxPd+3RQ4EXxziZ42Um\n1ATq7p7Y29kogCwDZYzYl94rM+Tyfm/H++zWRH92hrol\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["dds-1055792-19934.host4g.ru"], "org": "Rusonyx, Ltd.", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [89.253.226.45]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n EPRT\n EPSV\n LANG en-US.utf8*\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n211 End", "asn": "AS41535", "isp": "Rusonyx, Ltd.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["host4g.ru"], "ip_str": "89.253.226.45", "os": null, "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "6503a049-b13f-4681-97eb-f5e9229d1782", "module": "ftp", "options": {}}}, {"hash": -460500224, "ip": 1379395722, "org": "Telecom Italia", "isp": "Telecom Italia", "transport": "tcp", "data": "HTTP/1.0 302 Found\r\nLocation: http://127.0.0.1:80\r\n\r\n", "asn": "AS3269", "port": 8000, "hostnames": ["host138-232-dynamic.55-82-r.retail.telecomitalia.it"], "location": {"city": "Castro Dei Volsci", "region_code": "07", "area_code": null, "longitude": 13.406299999999987, "country_code3": "ITA", "latitude": 41.50819999999999, "postal_code": "03020", "dma_code": null, "country_code": "IT", "country_name": "Italy"}, "timestamp": "2019-07-23T20:57:38.711572", "domains": ["telecomitalia.it"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "HTTP/1.0 404 Not Found", "sitemap_hash": null, "robots": null, "favicon": null, "host": "82.55.232.138", "html": "HTTP/1.0 404 Not Found\r\nContent-Type: text/html\r\nContent-Length: 112\r\n\r\nHTTP/1.0 404 Not Found\r\n

HTTP/1.0 404 Not Found.

\r\n", "location": "/", "components": {}, "securitytxt_hash": null, "server": null, "sitemap": null, "html_hash": 144425922}, "os": null, "_shodan": {"crawler": "4f9b846181c7a8a68bcc980ab6b9f2b340ab5fb2", "ptr": true, "id": "c94c33a9-64a9-445b-aa42-b1b34833ba40", "module": "http-simple-new", "options": {}}, "ip_str": "82.55.232.138"}, {"hash": 1408850012, "ip": 2045520818, "isp": "China Telecom jiangsu", "transport": "tcp", "data": "HTTP/1.1 400 Bad Request\\r\\nDate: Wed, 24 Jul 2019 04:46:13 GMT\\r\\nServer: Apache/2.2.15 (CentOS)\\r\\nContent-Length: 301\\r\\nConnection: close\\r\\nContent-Type: text/html; charset=iso-8859-1\\r\\n\\r\\n\\n\\n400 Bad Request\\n\\n

Bad Request

\\n

Your browser sent a request that this server could not understand.
\\n

\\n
\\n
Apache/2.2.15 (CentOS) Server at 127.0.0.1 Port 80
\\n\\n", "asn": "AS4134", "port": 81, "hostnames": ["178.43.236.121.broad.sz.js.dynamic.163data.com.cn"], "location": {"city": "Suzhou", "region_code": "04", "area_code": null, "longitude": 120.59539999999998, "country_code3": "CHN", "latitude": 31.304100000000005, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:54:03.181549", "domains": ["163data.com.cn"], "org": "China Telecom jiangsu", "os": null, "_shodan": {"crawler": "93b89eaabe5431ba7f29e8d442c5903ef6e244f6", "ptr": true, "id": "e6e6c1a0-5517-423c-bba4-cff015967a9d", "module": "xtremerat", "options": {}}, "ip_str": "121.236.43.178"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 854928527}, "hash": 1337482215, "ip": 3739838387, "isp": "SK Broadband", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (NAS1-943FA6) [192.168.0.118]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "65e79faecee26516a8ed6f16c1142432f303fbdc", "ptr": true, "id": "46e85e21-a1e3-4081-b68b-c3e6f38303fb", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Incheon", "region_code": "12", "area_code": null, "longitude": 126.73169999999999, "country_code3": "KOR", "latitude": 37.453599999999994, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:52.711969", "domains": [], "org": "SK Broadband", "os": null, "asn": "AS9318", "ip_str": "222.233.103.179"}, {"ip": 3671447683, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 479786427}, "version": "1.3.5b", "location": {"city": "Kwun Tong", "region_code": "00", "area_code": null, "longitude": 114.2167, "country_code3": "HKG", "latitude": 22.316699999999997, "postal_code": null, "dma_code": null, "country_code": "HK", "country_name": "Hong Kong"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": -889758427, "tags": ["starttls"], "timestamp": "2019-07-23T20:54:18.603546", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190529153558Z", "expires": "21190505153558Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"data": "\\x03\\x02\\x05\\xe0", "name": "keyUsage"}, {"data": "0\\n\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01", "name": "extendedKeyUsage"}, {"data": "0\\x1a\\x82\\x0c*.vps360.net\\x82\\nvps360.net", "name": "subjectAltName"}], "fingerprint": {"sha256": "07cb3eb43474b9fa194a6e0793141af3695ab0f796826b536a5874201dd00442", "sha1": "2fabb9d385c89345d2c1e41b68e5112c306019f7"}, "serial": 13804219164334254699, "issuer": {"C": "HK", "ST": "HKSAR", "CN": "ns360.net", "O": "NS360", "OU": "NS360 Certification Authority"}, "expired": false, "subject": {"C": "HK", "CN": "*.vps360.net", "L": "Hong Kong", "O": "VPS360", "ST": "HKSAR", "OU": "I.T. Dept"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDpDCCAoygAwIBAgIJAL+ScDEryGprMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV\nBAYTAkhLMQ4wDAYDVQQIDAVIS1NBUjEOMAwGA1UECgwFTlMzNjAxJjAkBgNVBAsM\nHU5TMzYwIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQDDAluczM2MC5u\nZXQwIBcNMTkwNTI5MTUzNTU4WhgPMjExOTA1MDUxNTM1NThaMG0xCzAJBgNVBAYT\nAkhLMQ4wDAYDVQQIDAVIS1NBUjESMBAGA1UEBwwJSG9uZyBLb25nMQ8wDQYDVQQK\nDAZWUFMzNjAxEjAQBgNVBAsMCUkuVC4gRGVwdDEVMBMGA1UEAwwMKi52cHMzNjAu\nbmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWepI1R9GC5GPwvS\n8njWdDd/uOcvo+E7UvQFizPRn6kJB8OPHJDSRhyMWjE8Za+uSHmZWSp82/drtBpC\nPK6JId9vylF4cNOkQXbY6SqRZvIkbeezx8f4cMzy/B0m/gY56hUp9FxBEijB3HkB\nsKwKOJhu/WLiuIlsOIIS7LT8/tG+jjlDAxWeyvAY7XN/ro23SrBeFy/H34ZmP44o\nEsLQnkRERbNvWlEtJdSEUNc4i6spihfVnPXaQ6iUcfwPKGB7IlBCBiEMRuYe58tf\ndWbgYV5BBR39fV99FWTO32dLSMXsD19BsHCLD0ubfJc9zTedqyuKtO+T3FWal7Te\nUuZmYwIDAQABo0kwRzALBgNVHQ8EBAMCBeAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw\nIwYDVR0RBBwwGoIMKi52cHMzNjAubmV0ggp2cHMzNjAubmV0MA0GCSqGSIb3DQEB\nCwUAA4IBAQCvXpWcPxL3o/si8BldlAPjx1RKhJfyUTGeRRDdh0sq+KZhEXGsAquc\nzQfaoaNgRJKTOrWrXvkAVbHfY7jooHbyqBzNi8PHyjTQUvE3xxrpCgHILik4JRqc\nty2qMbsjREudrQA/xGYFVro2dKvmVn5L1+Nn6A1Nds0T2ONNRDKMCZqOslsYuCrO\nEm4mr9ezaXYz2ijsNPcB51KAQArbDXO2yETgKuHuhark9DS1EZN4Dv/i76Iw/raR\nrxGTAuvl/4cg4uotTEuezm3boNkPPd1oVIJkjmpZ7UYzwFA7mCUgVGbdk7kESnSF\ns5EPkE8UIHC/z28se3NFDgEMmkulNVal\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["218213216131.static.ns360.net"], "org": "NTT Com Asia Limited", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [218.213.216.131]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n LANG en-US*\n EPRT\n EPSV\n MDTM\n211 End", "asn": "AS9293", "isp": "HKNet Company Limited", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["ns360.net"], "ip_str": "218.213.216.131", "os": null, "_shodan": {"crawler": "e9392a930ba74a5a7a9a04c307d8f2d045dad4b4", "ptr": true, "id": "629176ae-74e1-404f-868b-591c8fc627de", "module": "ftp", "options": {}}}, {"hash": 1436350497, "ip": 1633527325, "isp": "Spectrum", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nProShip EQS Server Status

ProShip EQS Server Status

As of 13:49:22 on 2019-07-23

Worker Instance Information

Worker NoOfficial StatusIn Use FlagRequests ServicedProcess HealthPIDMessage
1ReadyNo1197Alive5744Last Remote=192.168.3.92 (Tuesday 7/23 13:48:17)
2ReadyNo8Alive4100Last Remote=127.0.0.1 (Tuesday 7/23 12:45:46)
3ReadyNo0Alive2940Ready to serve...
\r\n\r\n\r\n\r\n

ProShip Services

EQS has 3/3 available slots (100%)
ILS/SDK service is Running
PSST service is Not Installed

Status Values

Approximate Memory Utilization34%
Incoming Backlog Wait Timeout (msec)15000
Total Connections2480
Total Requests2480
Socket Timeouts (since LME/total)0/0
Socket Errors (since LME/total):0/0
Simlt. Client Count (now/max)0/3
Average Transaction Time (sec)0.287
Average Trans + Wait Time (sec)0.302
Original Service Start TS:07:31:11 on 2019-07-22 (Local TZ)
Last Maintenance Event (LME)Completed Successfully at 05:01:08 on 20190723
Maintenance Scheduling ThreadPatiently waiting.
Maintenance MessageMaint Run Scheduled around next 05:00
\r\n", "asn": "AS20115", "port": 3299, "hostnames": ["97-93-166-29.static.mtpk.ca.charter.com"], "location": {"city": "Glendale", "region_code": "CA", "area_code": 818, "longitude": -118.2632, "country_code3": "USA", "latitude": 34.13589999999999, "postal_code": "91204", "dma_code": 803, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:57:44.266431", "domains": ["charter.com"], "org": "Spectrum", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "c2657e0f-061b-4359-94f6-75e8a4788adb", "module": "sap-router", "options": {}}, "ip_str": "97.93.166.29"}, {"ftp": {"features": {"LANG": {"parameters": ["ja-JP", "ko-KR", "fr-FR", "bg-BG", "zh-CN", "zh-TW", "en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1952667231}, "hash": -98319021, "ip": 3641710714, "isp": "LLC masterhost", "transport": "tcp", "data": "220 FTP server ready.\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG ja-JP;ko-KR;fr-FR;bg-BG;zh-CN;zh-TW;en-US\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "65e79faecee26516a8ed6f16c1142432f303fbdc", "ptr": true, "id": "95b4f68d-46cc-489e-9cf6-c3a3919d0408", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 37.60679999999999, "country_code3": "RUS", "latitude": 55.73859999999999, "postal_code": null, "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "timestamp": "2019-07-23T20:57:34.370340", "domains": [], "org": "LLC masterhost", "os": null, "asn": "AS25532", "ip_str": "217.16.24.122"}, {"ftp": {"features": {"LANG": {"parameters": ["ko-KR", "zh-CN", "fr-FR", "bg-BG", "ja-JP", "en-US", "zh-TW"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1337946371}, "hash": 660795393, "ip": 1475494995, "isp": "LLC masterhost", "transport": "tcp", "data": "220 FTP server ready.\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG ko-KR;zh-CN;fr-FR;bg-BG;ja-JP;en-US;zh-TW\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": "2bb35c3f-452e-4162-9707-b07baa5b9a98", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 37.60679999999999, "country_code3": "RUS", "latitude": 55.73859999999999, "postal_code": null, "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "timestamp": "2019-07-23T20:56:31.947669", "domains": [], "org": "LLC masterhost", "os": null, "asn": "AS25532", "ip_str": "87.242.68.83"}, {"ip": 1054114854, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 598694143}, "version": "1.3.6rc2", "location": {"city": "Kwintsheul", "region_code": "11", "area_code": null, "longitude": 4.25630000000001, "country_code3": "NLD", "latitude": 52.0145, "postal_code": "2295", "dma_code": null, "country_code": "NL", "country_name": "Netherlands"}, "product": "ProFTPD", "hash": -597369657, "tags": ["starttls"], "timestamp": "2019-07-23T20:56:56.502667", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20180921000000Z", "expires": "20200920235959Z", "pubkey": {"bits": 4096, "type": "rsa"}, "version": 2, "extensions": [{"data": "0\\x16\\x80\\x14\\x90\\xafj:\\x94Z\\x0b\\xd8\\x90\\xea\\x12Vs\\xdfC\\xb4:(\\xda\\xe7", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x14\\x9d\\xe3y\\xefhU\\xaaK\\x17\\x12E+\\xc2k:\\xa8\\xd8\\x02 H\\xc8r\\xb2e\\x88\\x14t\\xbb3GUw8\\x0b\\xb0g)\\xfa\\xca\\xe7\\x1e\\xda\\xf4VR\\xe3[\\x18\\x93lJ\\x00u\\x00^\\xa7s\\xf9\\xdfV\\xc0\\xe7\\xb56H}\\xd0I\\xe02z\\x91\\x9a\\x0c\\x84\\xa1\\x12\\x12\\x84\\x18u\\x96\\x81qEX\\x00\\x00\\x01e\\xfbp\\xb6\\xf0\\x00\\x00\\x04\\x03\\x00F0D\\x02 W\\xa1\\xf4v\\x85\\xdb\\x94\\x883]]\\xa8\\xbb\\xba\\'\\x0e\\xd1\\x0e:$\\xa5\\xc1z\\xeeRE\\xa0\\xd0\\xf1fx\\xe0\\x02 ?\\xdc\\xae\\x0bj\\xa2\\xd1l\\xbe+\\x1f\\x9b\\xabRX\\xe2\\xd5\\xa1\\x9bX+4\\xea&\"0\\xf8\\x9d\\xbez\\x87\\xb0\\x00w\\x00U\\x81\\xd4\\xc2\\x16\\x906\\x01J\\xea\\x0b\\x9bW's unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n EPRT\n EPSV\n HOST\n LANG en-US*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "asn": "AS15426", "isp": "XenoSite B.V.", "cpe": ["cpe:/a:proftpd:proftpd:1.3.6rc2"], "domains": ["virunga.nl"], "ip_str": "62.212.132.38", "os": null, "_shodan": {"crawler": "3ea066bd24a3322c814bdf04c5719c13161c3140", "ptr": true, "id": "1cd82183-195a-4629-b98c-2c6f4f0a382b", "module": "ftp", "options": {}}}, {"ip": 1744455711, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 1104241132}, "version": "1.3.4c", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 139.69, "country_code3": "JPN", "latitude": 35.69, "postal_code": null, "dma_code": null, "country_code": "JP", "country_name": "Japan"}, "product": "ProFTPD", "hash": 1259452814, "tags": ["starttls", "self-signed"], "timestamp": "2019-07-23T20:54:44.701470", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}], "versions": ["TLSv1", "-SSLv2", "SSLv3", "-TLSv1.1", "-TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha1WithRSAEncryption", "issued": "20131023001444Z", "expires": "20141023001444Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "324e563b0ce3da2277e9e20221eedfde40175c69c329847e8a999583be8c7669", "sha1": "8b701a02f339a319d53ba8cceedb25f23d068337"}, "serial": 1382487283, "issuer": {"C": "US", "CN": "Parallels Panel", "L": "Herndon", "O": "Parallels", "ST": "Virginia", "emailAddress": "info@parallels.com", "OU": "Parallels Panel"}, "expired": true, "subject": {"C": "US", "CN": "Parallels Panel", "L": "Herndon", "O": "Parallels", "ST": "Virginia", "emailAddress": "info@parallels.com", "OU": "Parallels Panel"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "DHE-RSA-AES256-SHA"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDszCCApsCBFJnFPMwDQYJKoZIhvcNAQEFBQAwgZ0xCzAJBgNVBAYTAlVTMREw\nDwYDVQQIEwhWaXJnaW5pYTEQMA4GA1UEBxMHSGVybmRvbjESMBAGA1UEChMJUGFy\nYWxsZWxzMRgwFgYDVQQLEw9QYXJhbGxlbHMgUGFuZWwxGDAWBgNVBAMTD1BhcmFs\nbGVscyBQYW5lbDEhMB8GCSqGSIb3DQEJARYSaW5mb0BwYXJhbGxlbHMuY29tMB4X\nDTEzMTAyMzAwMTQ0NFoXDTE0MTAyMzAwMTQ0NFowgZ0xCzAJBgNVBAYTAlVTMREw\nDwYDVQQIEwhWaXJnaW5pYTEQMA4GA1UEBxMHSGVybmRvbjESMBAGA1UEChMJUGFy\nYWxsZWxzMRgwFgYDVQQLEw9QYXJhbGxlbHMgUGFuZWwxGDAWBgNVBAMTD1BhcmFs\nbGVscyBQYW5lbDEhMB8GCSqGSIb3DQEJARYSaW5mb0BwYXJhbGxlbHMuY29tMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse/33TyEe1FcZlLd8/cNyCA1\ng+ralq1GKUDhKZlTR9yDenIPrX0LEiQVpDB+AHoj/stHEv7jHh/xMFsAX+86fVLS\nf/yEeX5TClzsVmshfiXEcjFYw18Q3tCqlLo+95+5lkm41oxgFwEzxHxQhpOOnrRc\nWKy71vPDe9zSloTOLKzGoBxw+vTmNkRKziz25lqQ2kRPvTNxj/GW6/UlMdlUxfsK\nsZlo9q8u0mgUhv5y0rcVexL7XSv9/OE4OkPC/XW59CPURxcbqL1tRKq3XgviH3Tm\nEOSztMDrvzfXfBEuQZsSIZeByPjbytxMgFpu0Z8xSvn7sF2VwgCa0BPVFhepmQID\nAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCBBzpKFFHqkH8zbKWws9UijUKOMMFjAiyB\nmnr+e9Uj3vvymzTfqv9r3BydUEzFpg7Qw8uHqBAYNg5GxZYv8z3A8umpZMKIeA4q\nVgFwN7m84n7FTzZMNW3pplxjrm55fNqi4dGlRJMxhsiFxuZd3zRm5Mxtezki5PTO\nJwlV17gro/FkvxzNdVmm4/w/DaetWLDaKFzoSIff6W3IUcOVgbTw1khgnSgfpDSL\noQpgpnH1hsdL1WOQ/YlYDE2OfEtxGYysHivS0/xyyrIttd9zpLRSys9Un9VIBLuS\nh9RHz5XJB12Mosd7o87B4TAbtbiBWOoByctS2ZrrfFR2ek6BpSdW\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": [], "org": "Equinix Asia Pacific", "data": "220 ProFTPD 1.3.4c Server (ProFTPD) [103.250.72.31]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n UTF8\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n PBSZ\n PROT\n REST STREAM\n SIZE\n211 End", "asn": "AS17819", "isp": "Upright", "cpe": ["cpe:/a:proftpd:proftpd:1.3.4c"], "domains": [], "ip_str": "103.250.72.31", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": "2c6e9f89-8fc6-4362-b853-85b31720d38d", "module": "ftp", "options": {}}}, {"hash": -159476729, "ip": 704362456, "org": "Maroc Telecom", "isp": "Office National des Postes et Telecommunications O", "transport": "udp", "data": "NetBIOS Response\nServername: VODAFONE\nMAC: 00:00:00:00:00:00\n\nNames:\nVODAFONE <0x0>\nVODAFONE <0x3>\nVODAFONE <0x1d>\nVODAFONE <0x1e>\nVODAFONE <0x20>\n\u0001\u0002__MSBROWSE__\u0002 <0x1>\n\nAdditional Interfaces:\n127.0.0.1\n", "asn": "AS36903", "port": 137, "hostnames": [], "location": {"city": "Casablanca", "region_code": "45", "area_code": null, "longitude": -7.619200000000006, "country_code3": "MAR", "latitude": 33.59280000000001, "postal_code": null, "dma_code": null, "country_code": "MA", "country_name": "Morocco"}, "timestamp": "2019-07-23T20:53:42.204002", "domains": [], "ip_str": "41.251.183.216", "os": null, "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "22998c5d-182d-41fe-9570-55d080d33c36", "module": "netbios", "options": {}}, "netbios": {"username": null, "servername": "VODAFONE", "raw": ["80f08400000000010000000020434b414141414141414141414141414141414141414141414141414141414141000021000100000000009b06564f4441464f4e4520202020202020000400564f4441464f4e4520202020202020030400564f4441464f4e45202020202020201d0400564f4441464f4e45202020202020201e8400564f4441464f4e452020202020202020040001025f5f4d5342524f5753455f5f0201840000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", "80f08580000000010000000020464745504545454245474550454f454643414341434143414341434143414341000020000100003840000600007f000001"], "mac": "00:00:00:00:00:00", "names": [{"flags": 1024, "name": "VODAFONE", "suffix": 0}, {"flags": 1024, "name": "VODAFONE", "suffix": 3}, {"flags": 1024, "name": "VODAFONE", "suffix": 29}, {"flags": 33792, "name": "VODAFONE", "suffix": 30}, {"flags": 1024, "name": "VODAFONE", "suffix": 32}, {"flags": 33792, "name": "\u0001\u0002__MSBROWSE__\u0002", "suffix": 1}], "networks": ["127.0.0.1"]}}, {"product": "Apache httpd", "hash": -1420211986, "ip": 3245121572, "org": "Hellenic Open University", "isp": "Hellenic Open University", "transport": "tcp", "cpe": ["cpe:/a:apache:http_server"], "data": "HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 23 Jul 2019 19:47:20 GMT\r\nServer: Apache\r\nLocation: http://127.0.0.1/\r\nExpires: Tue, 23 Jul 2019 19:47:20 GMT\r\nContent-Length: 225\r\nContent-Type: text/html; charset=iso-8859-1\r\nCache-Control: public, max-age=120, stale-while-revalidate=240, stale-if-error=480\r\nX-Varnish: 950899674 560101994\r\nAge: 3973\r\nVia: 1.1 varnish-v4\r\nX-Cache: HIT\r\nX-Cache-Hits: 1\r\nConnection: keep-alive\r\n\r\n", "asn": "AS20813", "port": 80, "hostnames": ["lib.eap.gr"], "location": {"city": "P\u00e1tra", "region_code": "38", "area_code": null, "longitude": 21.734399999999994, "country_code3": "GRC", "latitude": 38.24440000000001, "postal_code": null, "dma_code": null, "country_code": "GR", "country_name": "Greece"}, "timestamp": "2019-07-23T21:01:58.984598", "domains": ["eap.gr"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "301 Moved Permanently", "sitemap_hash": null, "robots": null, "favicon": null, "host": "193.108.160.36", "html": "\n\n301 Moved Permanently\n\n

Moved Permanently

\n

The document has moved here.

\n\n", "location": "/", "components": {}, "securitytxt_hash": null, "server": "Apache", "sitemap": null, "html_hash": -1547342568}, "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "c21210fa-011c-4fe8-8b1e-3795e5fe1e74", "module": "http", "options": {}}, "ip_str": "193.108.160.36"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -1270688200, "ip": 991466323, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (NAS2-C90A0C) [192.168.0.4] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR RETR2 STOR \n STOU APPE REST ABOR USER PASS ACCT* REIN* \n LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "f05fbe3c-739b-43e2-aa42-1bee54f74467", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Gumi", "region_code": "14", "area_code": null, "longitude": 128.3544, "country_code3": "KOR", "latitude": 36.21010000000001, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:54:46.817880", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "59.24.147.83"}, {"info": "SIP end point; Status: 200 OK", "hash": 541486411, "ip": 1475344104, "isp": "Virtual Telecom Sp. Z O.o.", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=8b6190-0-13c4-14879b-5fc960e9-14879b\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=5.29.209.65;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS56391", "port": 5060, "hostnames": [], "location": {"city": "Lublin", "region_code": "75", "area_code": null, "longitude": 22.5574, "country_code3": "POL", "latitude": 51.24959999999999, "postal_code": "20-078", "dma_code": null, "country_code": "PL", "country_name": "Poland"}, "timestamp": "2019-07-23T20:56:25.365340", "domains": [], "org": "Virtual Telecom Sp. Z O.o.", "os": null, "_shodan": {"crawler": "122dd688b363c3b45b0e7582622da1e725444808", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "87.239.246.232"}, {"hash": -277704156, "ip": 1370369673, "org": "NGI SpA", "isp": "EOLO S.p.A.", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:46:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 08:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d147d4a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:46:29 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS35612", "port": 5001, "ssl": {"dhparams": {"prime": "8ee00c3daa3e233f2e165539f5499b979aed0759013efb67565d2764e89fe448d013a642672268255ae89f58bae7f30a157b5fef5a52625186d3f036ea894d6f4480ac2939a3a0d69ade4061315378aeb622316b0c6d3358e32c48327fa7b442f27f804822356e293c8f2db27422b0589c84feb4e0bd33579e4bd87119d3be55e6151ae075f2aac45300614a1299fbccc9c2a5ff6dfdc81010b59cf46c2d7e2ba82f02cbaa988ecfb3029a5b6d60315dbbdf7cd2eb4032bb8d045978d16dc4c73ec81951b7adf3d2a398761856a44b1e71e7e6c97f9eb8a9abea3d1f51b3bd4830aea9533a4737ae246045cb42df3e8b8579516c482c74bd5c1d22c920c5c80b", "public_key": "23b75aedba38e74dd8eb4e5a67da3bcc18c9bbb21c73362ab1e9798ce922b337186274172c80d46912061f094467b46068e5bf21c80c888ce18794dccc51b1fe69d6fa72c621fe8828a9122026c121ccb3414abacea45fedebbc12526b978bf9ad5938b344cfffe34e7ee9819e99b76e45e8937f18761201945efa040a710fbc50c2741e10d19344f17a6987c650538d775a2c8e7e971ed0abeb8dd1e547633252df86406a9b6fa2967e7e75e7ffae9b1d86a77f85f61d7f9477d67be807e84f8689adc164001ff88a43ca62411f92644cd3d10ea112e4043e2f2468b517f54293a32cf166f5dcb67abf1d133c90c3f2a84d2c6f170a15e5fe2449543c9ef457", "bits": 2048, "generator": "520f6fe814c038f24ef15487983377b336f71967e409d15f5a0036f171c078737388f340a7b788bead495b89e308f79ca5c6d222b0f29bb4c9b960cffe1b6e4582740165313aa4edd1c9c86fb091b12829e8a675a0563c1128b060c41b3d1921c07180edadb3868922bd70212521de2d1632410e0ba47cf4de095284d55560febca4c6992a9a5dffc812e84b387aac602a154ca7d64ecae649d44b140dae04fa088f2df1ea989a0c860b7dbb2f5df633f80664e5eae60bf69705731fb1e7d48ef893ab17d7a5efd1aadffeaa511b10b6e65ea6a7566597849532d2e485a09bf5462cd0d1ff54da63b00d95fd9c4debff80a4185b80486c9de5d3ab0c1ece4937"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190710093948Z", "expires": "20191008093948Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\xbe]\\x9b\\x10V\\xb5\\xc9\\x19~\\xa7\\x83\\xb6\\r,a\\x02\\xbf\\x98\\x1c\\xcd", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x10\\x82\\x0enextsrl.3cx.it", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00v\\x00t~\\xda\\x831\\xad3\\x10\\x91!\\x9c\\xce%OBp\\xc2\\xbf\\xfd^B \\x08\\xc675y\\xe6\\x10{\\xccV\\x00\\x00\\x01k\\xdbw\\xc5\\x81\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xcb*5\\x85H\\x88\\xe3f\\xbd\\x15l\\xcb\\xdc\\x18@^\\x1e\\xb4:\\xff_\\xc0X\\xf0[\\xf8\\t@\\xc3\\xfet\\xb4\\x02 \\x10-\\xf8\\x06Wp\\x05\\xff\\xa5~\\xd9\\xfb:\\x00\\x884\\x88S\\xf4\\x10t~XF\\x0c\\xe6r\\xf5\\xb5\\xc2 \\xb2\\x00u\\x00)3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "f01e32de-66de-4dad-bbeb-bd7823c9e8e7", "module": "https-simple-new", "options": {}}, "ip_str": "81.174.46.137"}, {"product": "Exim smtpd", "hostnames": [], "hash": 241336078, "ip": 1249839919, "isp": "Cybercon", "transport": "tcp", "cpe": ["cpe:/a:exim:exim:4.92"], "data": "220-kingscpw01.cybercon.com ESMTP Exim 4.92 #2 Tue, 23 Jul 2019 15:55:58 -0500 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-kingscpw01.cybercon.com Hello localhost [127.0.0.1]\r\n250-SIZE 52428800\r\n250-AUTH PLAIN LOGIN\r\n250 HELP\r\n", "asn": "AS7393", "port": 465, "ssl": {"dhparams": {"prime": "afcc2c900ae3e7ed55095b275adfd1511eed5e41c9ee6196ed7c6b2d23ce685c8ac967fc95986d8926362dce286b8670f3089b190ddf69e42efecf1fbcfabf6aa4f1626c873ca08ca337bbed0247b6b62d240a2c07d49808deece477b1c5be7fbd0e2a950b8e915ad90e264ef460b829a1fd9896270a802c5c38437ede894f4a1155282d6509d481614a4a1226f8956337de241acd1370111eb0f4cada0f175472bd1fc02d4946fd0705b6a83fd3e519a0340072b00a4e3ecdaf964c630078c972a7373be3a22262a293f5f6aed053663a4a9b33775964c1d1125908e59a2e50cef350f4d68d4469979ccf7369f4a2187b2f74d1ff97ef30b66c9c441e9f79cb", "public_key": "161c7b0e3ad2d62500238a76ecae05b307efb49f39bec34bdea695d0dc0485678b022af97e4d2b1973680e750fc75a93c9d83eaf5a12b28cba7870ba6c71717d085390670e507beecc3260b0b3c3e46a7823102599617365594c523cf7596a00507fc7644ce730351144e8a350c0fe1c28c0761498599faa9baee80d5651e0fc89b94d7dee0e8704c51c23e78d0f5dc388493bcd5955707ca56800161333e809c5c188cf31074d7e648be17c4a65694a5adc0a72ee5d279b0ec6ba16bded1d5e519220b1845e5270bd23b9150e669282497d73ae6c27f7740cf12dabf6728c227cca720ff46bab87eb2166896743ab087b689f37b028196306ca2f0c079d4d59", "bits": 2048, "generator": 2}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20181213000000Z", "expires": "20210111120000Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"data": "0\\x16\\x80\\x14S\\xca\\x17Y\\xfck\\xc0\\x03!/\\x1a\\xae\\xe4\\xaa\\xa8\\x1c\\x82V\\xdau", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x14\\x18uA\\xb0\\xff\\xbaI0T\\xf3G\\xbf\\xcf\\x92\\x17\\x9d\\xd9h\\xf8\\xfa", "name": "subjectKeyIdentifier"}, {"data": "0\\x1e\\x82\\x0e*.cybercon.com\\x82\\x0ccybercon.com", "name": "subjectAltName"}, {"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"data": "0503\\xa01\\xa0/\\x86-http://cdp.rapidssl.com/RapidSSLRSACA2018.crl", "name": "crlDistributionPoints"}, {"data": "0C07\\x06\\t`\\x86H\\x01\\x86\\xfdl\\x01\\x020*0(\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1chttps://www.digicert.com/CPS0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x01", "name": "certificatePolicies"}, {"data": "0g0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\\x1ahttp://status.rapidssl.com0=\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x861http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt", "name": "authorityInfoAccess"}, {"data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x82\\x01i\\x01g\\x00u\\x00\\xf6\\\\\\x94/\\xd1w0\"\\x14T\\x18\\x080\\x94V\\x8e\\xe3M\\x13\\x193\\xbf\\xdf\\x0c/ \\x0b\\xccN\\xf1d\\xe3\\x00\\x00\\x01g\\xa8f$r\\x00\\x00\\x04\\x03\\x00F0D\\x02 \\x1c\\xab]\\x16 ms\\xd6:B\\x9e\\x86\\xc49\\xaf\\x1b;Td\\xa3U\\xdejt\\xf6 (U\\xea\\xd7\\xd1z\\x02 M\\xd5R\\xa5\\xed\\xee\\xc5\\xe5\\x90\\xf6Rd&\\x9e\\r^w\\xf9y\\xc1\\xa9rz\\x1f\\x17\\xe8\\xe7y\\xf7\\x98S\\xda\\x00v\\x00\\x87u\\xbf\\xe7Y|\\xf8\\x8cC\\x99_\\xbd\\xf3n\\xffV\\x8dGV6\\xffJ\\xb5`\\xc1\\xb4\\xea\\xff^\\xa0\\x83\\x0f\\x00\\x00\\x01g\\xa8f%K\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xb1uE|W\\xd9X\\xeb&:\\xe2\\x9d\\xa9\\xec\\x0e\\xfe\\xd2\\xbeA\\xe3\\xccy\\x01q\\x94\\xc9F\\x8b\\xa2\\x1aX{\\x02 hs\\xd0\\xb3)~Dh\\x02\\x0c\\xe3\\xe4S\\x02\\x84{\\x19\\xe1\\x05\\x91\\xa33\\xb1!\\xe5]X\\x8c..SF\\x00v\\x00oSv\\xac1\\xf01\\x19\\xd8\\x99\\x00\\xa4Q\\x15\\xffw\\x15\\x1c\\x11\\xd9\\x02\\xc1\\x00)\\x06\\x8d\\xb2\\x08\\x9a7\\xd9\\x13\\x00\\x00\\x01g\\xa8f%\\xd0\\x00\\x00\\x04\\x03\\x00G0E\\x02 \\x0b_\\x03\\xeb\\xd1\\xe7\\xd5@\\x12%\\xa1Zb%\\x08\\\\\\xc0\\x82d:]N\\xb4\\xb8\\xfe\\x92\\xdd\\xac\\x1b\\x94\\xed1\\x02!\\x00\\xfeb,h\\xb2\\xf6\\xb6\\xbcR\\xb2\\x08D/[\\r[\\\\3i/\\xcf\\xe3e\\x10\\xc5\\x12\\xe3\\xa8\\x19\\x122,", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "aca5c7fbcde9e695abf5b5c2a27d5597e242af6c439be844ba0a2dd1d031d5c5", "sha1": "c223ef6c0c05315a9cc7a77bc66a4002616ffabe"}, "serial": 3726720781626065894003833191678286726, "issuer": {"C": "US", "OU": "www.digicert.com", "O": "DigiCert Inc", "CN": "RapidSSL RSA CA 2018"}, "expired": false, "subject": {"CN": "*.cybercon.com"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIGMDCCBRigAwIBAgIQAs29hUTPjBnk4UooDC8bhjANBgkqhkiG9w0BAQsFADBe\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe\nFw0xODEyMTMwMDAwMDBaFw0yMTAxMTExMjAwMDBaMBkxFzAVBgNVBAMMDiouY3li\nZXJjb24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbnAq1qw\nyN2w6ucqGHgWoho51d4v2kG0IWPoG2tQBgHKzebIDOePhhHDdlzSQBPXJQh9WU2K\nYVQWFET94EkRtELipe0I8tvIH7arH3IJqZyqkS28uwf1WvLGsEnucVH5fj4l/pSl\ny4LkfRAciP4kcfzwbxQJo7kdtvZ+HhfN/IH1hN44RKmdxichusaoE0ITva0pxo6n\nMkBFMspY5denBSlx5qb6iAtOiQD9trZsUX9VDoEV4so+9F4DkfJ8nwZvwSsEz3Km\nybHo8K7+F8kiJ2bDsjzz7PK0jVfSGao2y/PvgIJU9R7W/i+rGHY6suIJBT6k9At5\neku1rKbieYu6CwIDAQABo4IDLTCCAykwHwYDVR0jBBgwFoAUU8oXWfxrwAMhLxqu\n5KqoHIJW2nUwHQYDVR0OBBYEFBh1QbD/ukkwVPNHv8+SF53ZaPj6MCcGA1UdEQQg\nMB6CDiouY3liZXJjb24uY29tggxjeWJlcmNvbi5jb20wDgYDVR0PAQH/BAQDAgWg\nMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAv\nhi1odHRwOi8vY2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmww\nTAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93\nd3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYG\nCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcw\nAoYxaHR0cDovL2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4\nLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQD2XJQv\n0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAWeoZiRyAAAEAwBGMEQCIByr\nXRYgbXPWOkKehsQ5rxs7VGSjVd5qdPYgKFXq19F6AiBN1VKl7e7F5ZD2UmQmng1e\nd/l5walyeh8X6Od595hT2gB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9e\noIMPAAABZ6hmJUsAAAQDAEcwRQIhALF1RXxX2VjrJjrinansDv7SvkHjzHkBcZTJ\nRouiGlh7AiBoc9CzKX5EaAIM4+RTAoR7GeEFkaMzsSHlXViMLi5TRgB2AG9Tdqwx\n8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZ6hmJdAAAAQDAEcwRQIgC18D\n69Hn1UASJaFaYiUIXMCCZDpdTrS4/pLdrBuU7TECIQD+Yixosva2vFKyCEQvWw1b\nXDNpL8/jZRDFEuOoGRIyLDANBgkqhkiG9w0BAQsFAAOCAQEAee/vlSbXW6ay3/Ip\nBfvnd5q6fu5AQgNnGmy4eQkeuen6/rsRrYTc++5CP0bO9boEzfSpZ/v4Lk9N9NmV\nXsdHErPrW6e4Juwhwxxdzb2Si/BYP+KV6J8yQlQZFZ4prAULFL5RTeu8CAJnSE2q\nmXb0SKDICbOGbqmJHTDoMuZ3Oe7y0uVd2HgTQAxhklIdPXX4ZizRh7rTRJ3nzQZ7\nb0AgOxc+HM9j4dGsKJJX7WTvkTieGL3FyXFwm4boQyrmTmmqb2WCpdR9xi0ARznN\n9S7aE+J6BJBWTpnSz4YeYbRaa8Av/09Cxhw94w4/PS14AkLE2oyNB4yGhHkppMdk\nz4NLBA==\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n\n+MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28\nOeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK\nMFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki\nf2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik\nKB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw\nHQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW\n0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo\nMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E\nOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i\nYWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH\nAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG\nBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc\nYWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ\n/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG\nhs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry\nqv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ\nysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX\nTVyMnGo=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\nb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\nCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\nnh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\nT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\ngdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\nBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\nTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\nDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\nhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\nPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\nYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\nCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n-----END CERTIFICATE-----\n"], "alpn": []}, "version": "4.92", "location": {"city": "Saint Louis", "region_code": "MO", "area_code": 314, "longitude": -90.1922, "country_code3": "USA", "latitude": 38.63120000000001, "postal_code": "63101", "dma_code": 609, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:56:14.406677", "domains": [], "org": "Cybercon", "os": null, "_shodan": {"crawler": "0636e1e6dd371760aeaf808ed839236e73a9e74d", "ptr": true, "id": "c89bc651-23f7-4a30-ad19-28d9181a6311", "module": "smtps", "options": {}}, "ip_str": "74.127.11.47"}, {"hash": -1234005455, "ip": 2070754911, "isp": "Tbroad Suwon Broadcasting Corporation", "transport": "tcp", "data": "\n\n400 Bad Request\n\n

Bad Request

\n

Your browser sent a request that this server could not understand.
\n

\n
\n
Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8g DAV/2 PHP/5.2.11 with Suhosin-Patch Server at 127.0.0.1 Port 80
\n\n", "asn": "AS38096", "port": 9051, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 126.97410000000002, "country_code3": "KOR", "latitude": 37.5112, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:55:19.858670", "domains": [], "org": "Qrixnowoncable", "os": null, "_shodan": {"crawler": "4f9b846181c7a8a68bcc980ab6b9f2b340ab5fb2", "ptr": true, "id": null, "module": "tor-control", "options": {}}, "ip_str": "123.109.54.95"}, {"info": "SIP end point; Status: 200 OK", "hash": -661202902, "ip": 1864605892, "isp": "China Mobile Shandong", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=35e008-0-13c4-2eaf5-38f144d8-2eaf5\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=63.56.34.231;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS24444", "port": 5060, "hostnames": [], "location": {"city": null, "region_code": "25", "area_code": null, "longitude": 120.37189999999998, "country_code3": "CHN", "latitude": 36.098600000000005, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:56:23.152343", "domains": [], "org": "China Mobile Shandong", "os": null, "_shodan": {"crawler": "339d3eded941e01ca426596e93f3fdf4c9346ccd", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "111.35.160.196"}, {"ip": 1422394923, "product": "Squid http proxy", "hostnames": [], "hash": -1180448250, "timestamp": "2019-07-23T20:55:08.093079", "org": "Accelerated IT Services GmbH", "isp": "Accelerated IT Services GmbH", "transport": "tcp", "cpe": ["cpe:/a:squid-cache:squid:3.1.19"], "data": "HTTP/1.0 400 Bad Request\r\nServer: squid/3.1.19\r\nMime-Version: 1.0\r\nDate: Tue, 23 Jul 2019 20:38:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 3150\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nVary: Accept-Language\r\nContent-Language: en\r\nX-Cache: MISS from 127.0.0.1\r\nX-Cache-Lookup: NONE from 127.0.0.1:3128\r\nVia: 1.0 127.0.0.1 (squid/3.1.19)\r\nConnection: close\r\n\r\n", "asn": "AS31400", "port": 3128, "version": "3.1.19", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 9.491000000000014, "country_code3": "DEU", "latitude": 51.29929999999999, "postal_code": null, "dma_code": null, "country_code": "DE", "country_name": "Germany"}, "vulns": {"CVE-2014-7141": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://seclists.org/oss-sec/2014/q3/539", "http://seclists.org/oss-sec/2014/q3/612", "http://seclists.org/oss-sec/2014/q3/626", "http://ubuntu.com/usn/usn-2422-1", "http://www.securityfocus.com/bid/69688", "http://www.squid-cache.org/Advisories/SQUID-2014_4.txt", "https://bugzilla.novell.com/show_bug.cgi?id=891268"], "cvss": 6.4, "summary": "The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet."}, "CVE-2014-7142": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://seclists.org/oss-sec/2014/q3/539", "http://seclists.org/oss-sec/2014/q3/613", "http://seclists.org/oss-sec/2014/q3/626", "http://ubuntu.com/usn/usn-2422-1", "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "http://www.securityfocus.com/bid/70022", "http://www.squid-cache.org/Advisories/SQUID-2014_4.txt", "https://bugzilla.novell.com/show_bug.cgi?id=891268"], "cvss": 6.4, "summary": "The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size."}, "CVE-2016-4555": {"verified": false, "references": ["http://bugs.squid-cache.org/show_bug.cgi?id=4455", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/05/06/3", "http://www.openwall.com/lists/oss-security/2016/05/06/5", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securitytracker.com/id/1035770", "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 5.0, "summary": "client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses."}, "CVE-2012-5643": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2013-01/msg00052.html", "http://lists.opensuse.org/opensuse-updates/2013-01/msg00075.html", "http://lists.opensuse.org/opensuse-updates/2013-09/msg00025.html", "http://lists.opensuse.org/opensuse-updates/2013-09/msg00032.html", "http://openwall.com/lists/oss-security/2012/12/17/4", "http://rhn.redhat.com/errata/RHSA-2013-0505.html", "http://ubuntu.com/usn/usn-1713-1", "http://www.debian.org/security/2013/dsa-2631", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:129", "http://www.securitytracker.com/id?1027890", "http://www.squid-cache.org/Advisories/SQUID-2012_1.txt", "http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10479.patch", "http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patch", "https://bugs.gentoo.org/show_bug.cgi?id=447596", "https://bugzilla.redhat.com/show_bug.cgi?id=887962", "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368"], "cvss": 5.0, "summary": "Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials."}, "CVE-2016-4556": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/05/06/3", "http://www.openwall.com/lists/oss-security/2016/05/06/5", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securitytracker.com/id/1035770", "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1138", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 5.0, "summary": "Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response."}, "CVE-2016-10002": {"verified": false, "references": ["http://rhn.redhat.com/errata/RHSA-2017-0182.html", "http://rhn.redhat.com/errata/RHSA-2017-0183.html", "http://www.debian.org/security/2016/dsa-3745", "http://www.openwall.com/lists/oss-security/2016/12/18/1", "http://www.securityfocus.com/bid/94953", "http://www.securitytracker.com/id/1037513", "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt"], "cvss": 5.0, "summary": "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information."}, "CVE-2016-4054": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/04/20/6", "http://www.openwall.com/lists/oss-security/2016/04/20/9", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/86788", "http://www.securitytracker.com/id/1035647", "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1138", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 6.8, "summary": "Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses."}, "CVE-2016-4051": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/04/20/6", "http://www.openwall.com/lists/oss-security/2016/04/20/9", "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/86788", "http://www.securityfocus.com/bid/91787", "http://www.securitytracker.com/id/1035646", "http://www.squid-cache.org/Advisories/SQUID-2016_5.txt", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1138", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 6.8, "summary": "Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data."}, "CVE-2016-4053": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/04/20/6", "http://www.openwall.com/lists/oss-security/2016/04/20/9", "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/86788", "http://www.securityfocus.com/bid/91787", "http://www.securitytracker.com/id/1035647", "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1138", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 4.3, "summary": "Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization."}, "CVE-2016-4052": {"verified": false, "references": ["http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html", "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html", "http://www.debian.org/security/2016/dsa-3625", "http://www.openwall.com/lists/oss-security/2016/04/20/6", "http://www.openwall.com/lists/oss-security/2016/04/20/9", "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.securityfocus.com/bid/86788", "http://www.securityfocus.com/bid/91787", "http://www.securitytracker.com/id/1035647", "http://www.squid-cache.org/Advisories/SQUID-2016_6.txt", "http://www.ubuntu.com/usn/USN-2995-1", "https://access.redhat.com/errata/RHSA-2016:1138", "https://access.redhat.com/errata/RHSA-2016:1139", "https://access.redhat.com/errata/RHSA-2016:1140", "https://security.gentoo.org/glsa/201607-01"], "cvss": 6.8, "summary": "Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses."}}, "domains": [], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "ERROR: The requested URL could not be retrieved", "sitemap_hash": null, "robots": null, "favicon": null, "host": "84.200.6.43", "html": "\n\n\nERROR: The requested URL could not be retrieved\n\n\n
\n

ERROR

\n

The requested URL could not be retrieved

\n
\n
\n\n
\n

The following error was encountered while trying to retrieve the URL: /

\n\n
\n

Invalid URL

\n
\n\n

Some aspect of the requested URL is incorrect.

\n\n

Some possible problems are:

\n
    \n
  • Missing or incorrect access protocol (should be http:// or similar)

  • \n
  • Missing hostname

  • \n
  • Illegal double-escape in the URL-Path

  • \n
  • Illegal character in hostname; underscores are not allowed.

  • \n
\n\n

Your cache administrator is webmaster.

\n
\n
\n\n
\n
\n

Generated Tue, 23 Jul 2019 20:38:13 GMT by 127.0.0.1 (squid/3.1.19)

\n\n
\n\n", "location": "/", "components": {}, "securitytxt_hash": null, "server": "squid/3.1.19", "sitemap": null, "html_hash": -823580653}, "os": null, "_shodan": {"crawler": "339d3eded941e01ca426596e93f3fdf4c9346ccd", "ptr": true, "id": "abef499c-6f16-43d6-99cb-d8b3114ffabb", "module": "http-simple-new", "options": {}}, "ip_str": "84.200.6.43"}, {"hash": 527031050, "ip": 2857387878, "org": "New Group Telecomunicacoes LTDA", "isp": "New Group Telecomunicacoes LTDA", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:55:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:55:24 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS263905", "port": 5001, "ssl": {"dhparams": {"prime": "b8c87adafd8080d9e777714feada25578af411b4a3bdc530c076022b146cec64c393c3f9fd7345487254b8f89b7288b0eafdbe5fcdddadb244b47e218c9d7d0b0c1d35e89de8a47cda81d6d3ae57dbec8154a8a632f0dba41613fdb58e58240f8068bc547b99723aea6e95e6cf5c221b3e7d67f71662fba1222adc77d68fbca8fef1b613d64dc630cf4134cdffb3369810beb4fc180ef0a8d273d5fef63b418af94ea6ebad79f0eaa4f8e636e69688233ea0f5360e62ecf2ba6af01e2562637801e2b2196a9e8de0ff57d5097764ac98ab78f144ba206d8303d3dc1e898d25377605c2fd42b25062a8169f8b2414855af2dbc3d386ad4f560f0dbacdc784196d", "public_key": "b5b4cfeeb475be0d2577d27d8b47b4b707cfdcdc0ce370bc6bcfa78b3c14e109f4278988f296a2744a12412dc6e0bee09d383bf67120067f2f2f8a0709f920f28cfb8e90b2c668d9cd8f2a1cf48d5e968f354ac2620aacb001dfcf71aafbd5ad333066b8c39f3ab71471269117e60c78205806ae19c8cf55b147d7f2a755474d623576ba4f9f59012ac97cfc67f4e0a719f9525eb118c359e2de14b788b6b08dead5154b4c1ffe310981a0dd7922e60fd1a1d621b9dfc3c45f46b8e44d878b7217dffc9746912f7843412e5047a0b336f4dcded9384f0022a184e731d1ed6305d7835e83d2ba18ef6a8e0d0fda2f218f4bc8a78cdf477a48f09039c1768597ff", "bits": 2048, "generator": "a71f62cf2050048318c0ece9a8b2c6acfd2944030fec3d561e37d0fee25f11ad7d2bacdf5eeda5191b18cbd1ce08fc61f481233fb0c91a570ae0034662587db44ed5d4fe81f7787c873448215529f8cbe49294c774c8bcf6b91a4a5683c75e5832f7a3565f896d7e31281e33276c66801f810d3df8a2e2c50404c7d1b76c8f9d7d3ef4d4b68073860c456c6b393ef8a3145dfc1b6b5ce3c1fda471e1dd4e9088a2a8f030e41fd4f6659b0cb20ecea1cf7bf8d84091bf3ce21f8790e8a1f6022c1c050a46093f990cc6fe6118fdadab93f2764c6baf3e9591ab96bc47ad576be99f5c257c2be6717b34427a9f93fd99d516bddb3adab5b06984891191d21ced9c"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190625225907Z", "expires": "20190923225907Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x0b\\xd2XZ\\x81tk\\x94\\xdc;\\xd3\\xc1\\xf0\\x8c\\xbfX\\n\\xa8l\\xc4", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x1d\\x82\\x1bresidencialsamambaia.3cx.us", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00u\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\x91\\x14.\\xbb\\x00\\x00\\x04\\x03\\x00F0D\\x02 (J\\xcf\\xff1\\xa6@\\x8c\\xdf\\xddU\\x05\\x95\\x81J\\x93\\x97\\x16)(C\\x13\\xb6R\\x1e\\xe5\\xecQ|#\\xfd\\x1d\\x02 {\\xfd\\x1a\".V\\xa3m\\x8a\\xac\\x86*\\xe6E5\\xf2\\xe8\\xff\\xce\\xd3.U\\xadTI\\xec\\x81\\xf1\\xf8~\\x8ae\\x00v\\x00)3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "f7946cbe2dc20c40fcbcb81ad90aa01731b690ab", "ptr": true, "id": "55068cdf-b107-4bec-a5e8-bab87364cb4d", "module": "https-simple-new", "options": {}}, "ip_str": "170.80.71.102"}, {"ip": 1370070296, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "MDTM": {"parameters": []}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -380912967}, "version": "1.3.5b", "location": {"city": "Berlin", "region_code": "16", "area_code": null, "longitude": 13.400000000000006, "country_code3": "DEU", "latitude": 52.516699999999986, "postal_code": "12529", "dma_code": null, "country_code": "DE", "country_name": "Germany"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "product": "ProFTPD", "hash": -575033819, "tags": ["starttls", "self-signed"], "timestamp": "2019-07-23T20:56:05.443156", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20170122115512Z", "expires": "20180122115512Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "ee4ecb1f2563e27ccd6405c7a35a890b983cc85a6aef78c26a72f7ff834e1cff", "sha1": "98efe6124d54b3c13ac1a005b3562efddb882d54"}, "serial": 1485086112, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": true, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFiEnaAwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP\nZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE3MDEyMjExNTUxMloXDTE4MDEyMjExNTUx\nMlowgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE\nAxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FUsCkPedWJTzVclG5dkMfiIVZsYRL9V\nhfuvB4giVwKj2YAgeWgbQh32Rlxb7sbsTkWq6bsCDAPeoJrzAGkqKmCY2cSpPBCK\nkC03VNHAwx2SdGAvc1zaNKDcazIBK2Ikn1EL26Y0Nn0Bx+Prz7TBCFP7T+o65/f7\nRC42PuitTPc4EdiV6JcQZ/9mKhsjOk2wCguADh0H3X9vdTtTaXl6UjFq02QKJQ9D\n6Y/cB7qBwOCheUp0ryh6GhyWj0OT/PFd6QC4Jan75CkJvfuWvTQz/f5BOTuTXtbF\n7U83APoOZet74IvF8aTxWrwM7T3oqY+5sXEOIhQMnfX8E33wxZWdAQIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQB6/aRLWFjnlrtJR2AMwFm0yjQZNm0Ge4GN8PoFtd3s\nRyWXXiZZzxJGbmN+9elrq4Dg9rWk98AhJT8TyUgWs6ZJ8rhsS3sRz3Ld8DQBwfiC\nbe1Q2RSs0jvRecb/7V6ZP+PCkjQzPcceWPGizHMbbX1DM/VNfVRyrrAtbP0v5y8Y\n3h5q+xRGj++X99CsAmccHkmNMVu+Eu3A/dZL3HkzIsoMsFvNfE1K44fRIp7AK8Yq\nKHCXKgp2xtFCeCeqMIxkUpgLbufyjsYUfZxraFYzY+xUkL9bYGmOWiEDnIlRGV1V\nq2pUIYsz6a04V7+TlNe2GILmr2MrajiJJO8wp2LIKjjg\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["h2390048.stratoserver.net"], "org": "Strato AG", "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [81.169.157.24]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n UTF8\n LANG en-US*\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n211 End", "asn": "AS6724", "isp": "Strato AG", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "domains": ["stratoserver.net"], "ip_str": "81.169.157.24", "os": null, "_shodan": {"crawler": "4f9b846181c7a8a68bcc980ab6b9f2b340ab5fb2", "ptr": true, "id": "c84fe9ad-f568-4d87-b420-2e28e1b6ebcf", "module": "ftp", "options": {}}}, {"hash": 1589870594, "ip": 3308410421, "org": "TE Data", "isp": "TE Data", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:53:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:53:44 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS8452", "port": 5001, "ssl": {"dhparams": {"prime": "d11052ff89ebb60c2da131e10a2156dc5356d465fe06b4678ba8cb562fabd4fdde93f4c2c20770f87b1e3e8e48cbcaa32ec5a5b2232bdbcc496bfdadf89f7a9cd49bcddb2ffe12b1ff7662c8599fbb37cda7612584760728d9039e65ef8fdf6f569764d43fd6eadb97700f6bd071dfcd64d0879d0adfcfb7a4c8a7a249c71b31e3a72a148ccfb82d9cfa870b7e8070f5fbf1df851d94356394f2fe68e0c8f5323fdad94245b605ce63ccb6ebfeb53d8a7fb1b6b005959ce63159fe864252b176dd5a61339f0b3cbe1ee8396f85cc8f19ad911acd0622ec49b5022680308ee99b0bea566cf2db877ef221305c16a0ed9f79291cb1c13fce627c9dbb1787fb9119", "public_key": "6317ac918a5b8b86bb39fd6764eee1d3e7860ff44ca7c85f7b6ba44e92a7fadea85a27debef99df5693deac800563ff2fc3cc2007634989d46d393bb932091e2eba26592e5aca036383ca276d615cb104000e0b1022e69760edc532f4cf9649f631f34820d1e21fd8570871d214a62df93bcd3a938f727683284de5d105097e9e98d823065e4b949713bf29237b2a955d903321d4fa56924a8ef28adda4074e33d8e986253d31a7eef8cc41d09b0af988c8c934f266ef910ca67bddb51593529f2294669f304a2d865c21bb1e2f2e7f86ccd18245e822b139a027c896ea94085d60a104b2c9aa65bd6057b8243c50d8aa5ea8d214e53c7cf367dea971266a16a", "bits": 2048, "generator": "7da185a0e7af55be5752d8d2e4c048f97c07f0b09643badf07a16feff3231e2484c307bf587c5935bb5b6c65e9286e87ec126bde8a857bb7e6df89ddb332da6434cb12a8e2c9ce4fca5a2a6ab52ae75b1cdadd977300b3a805f21d00ea2e3f2e574c2f5c98fb1ffee4cb8fd366a95b766752d3e1e5e635d261c5a90d320fe00796ba4f303cfe09a71860a4c5646a627704c0f3649d48c85518d5e26b67dc185b41459e41fb35936aa9a0892bc5bec5df72e372a77e93dd6bf5f22ba56875e57c4731f0fdafc50909d13da8a3e8df6bebbf0ae983217ec60feb6c549e959784a976470a3f4eb851b1f3d833fc865d0510ccb48103153045286873e66d1a65e5b3"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190610231428Z", "expires": "20190908231428Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\'f\\xbdA\\xb8\\xec\\xa4>\\x1d\\xf0V}\\x10\\xd5$2o\\xf0\\xf9K", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x18\\x82\\x16rwafialahlam.ca.3cx.us", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01kC\\xe2\\xdb\\x81\\x00\\x00\\x04\\x03\\x00G0E\\x02 :`\\xee\\x1e?\\xf8\\x07_cJ\\x92!\\xb1\\xb9\\xdcJ\\tqj\\xf6\\xe1 b\\xde\\xd8\\x87\\x8bd\\n\\xe3\\x8b%\\x02!\\x00\\xcf\\xee>r\\x03\\x9eH\\x93\\x91\\x08\\xd2\\x9dm\\xe9\\xa3\\xf5QS\\xa9s%\\xa6\\x94L\\xe0\\x105\\xd6\\x80\\x06\\xfa\\x06\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01kC\\xe2\\xd9\\xb5\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x90g\\x95R\\x84B\\x935\\x1c\\x94\\xdb\\x89\\x16\\xa5i\\x82q\\x137;\\xce\\xfb\\xf1\\xfd\\x9c\\x08-\\x18\\xe2\\xc1H\\xb2\\x02 PH\\r\\r\\r=qK\\xfc\\x05A^\\x0b\\xd2\\xd7f\\xb5\\xc3\\xc3I#\\xc8\\xbf\\xbc\\xc3vaae\\x07L\\xa1", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "b19f9f85d093f8d42f7eb752b43f60d1ed6cf3a7f20f297db05713fb1fdf6884", "sha1": "9997d26b24061126864f4777c358c8f22a251d7a"}, "serial": 321880854194715390736037222861980300810243, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "rwafialahlam.ca.3cx.us"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFZDCCBEygAwIBAgISA7HsPY/VsPB0rgxuXSFNORgDMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MTAyMzE0MjhaFw0x\nOTA5MDgyMzE0MjhaMCExHzAdBgNVBAMTFnJ3YWZpYWxhaGxhbS5jYS4zY3gudXMw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9a3+Fa/d9wkWCls3ZKKp4\nwty+SV+RVP4A0ycbRAUm0z1qDNqJjK1Q9ap6n2Z5rIQW5d6CP0psGT5hLUC1mSvW\n4d9Z80OxgqQH+98uuzVqvtKOpgP2+DYS/g/W1bNZUZCih8l7mR7612OBfzWuLyOv\nHM6/bXeg7E01YuluKyDlISdpOADph1WpWCT3xC/OiYZlbBPolR98A57RPOWKtW5l\neKzqxIFL0lOP5mTang+ZzFwQBh4Cu1Hma7SbFq/XT5itTOWNsIrrCG5toF7DzEM6\n/WlViXMdDm3VeFDsQCQM++UtFbcZwYLTZwBsUY3+u726qAXskMx/XYvA/9kJqrc/\nAgMBAAGjggJrMIICZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\nAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCdmvUG47KQ+HfBW\nfRDVJDJv8PlLMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsG\nAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNl\nbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl\nbmNyeXB0Lm9yZy8wIQYDVR0RBBowGIIWcndhZmlhbGFobGFtLmNhLjNjeC51czBM\nBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB\nFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE\ngfIA8AB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABa0Pi24EA\nAAQDAEcwRQIgOmDuHj/4B19jSpIhsbncSglxavbhIGLe2IeLZArjiyUCIQDP7j5y\nA55Ik5EI0p1t6aP1UVOpcyWmlEzgEDXWgAb6BgB2AGPy283oO8wszwtyhCdXazOk\njWF3j711pjixx2hUS9iNAAABa0Pi2bUAAAQDAEcwRQIhAJBnlVKEQpM1HJTbiRal\naYJxEzc7zvvx/ZwILRjiwUiyAiBQSA0NDT1xS/wFQV4L0tdmtcPDSSPIv7zDdmFh\nZQdMoTANBgkqhkiG9w0BAQsFAAOCAQEACI7YV7t8FhttNcPWr+G21cq4RzKyhHaw\noXryANlDDvMCGJ04zr+F1NiLgcACWziclorx+zQRNsfp/VYWFeQMu3BFaKplHkwp\npljIouvUVVbmr+3JO5KvbmS0yBhMwpy5mFo9ROSqwbvNgNScYQwUK2gNADFh8vAP\n8UiwlDKSSwz/GnU/pVJ/lCPS6qlVtONb86oDwul8Ri6TiihlD/+PIY1y1sjfoXJC\nlFhrD0i19h6uUogavFYq80nIdTlZHnyA7KwE+nbSOO5K8QJKFXRP632+HMmwAom8\nJS99oImM+fY3WjwNTTXtGFtZmfI+zv1af0YCKySbtbSnilB4ApgzOA==\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": ["host-197.50.86.53.tedata.net"], "location": {"city": "Cairo", "region_code": "11", "area_code": null, "longitude": 31.285899999999998, "country_code3": "EGY", "latitude": 30.0771, "postal_code": null, "dma_code": null, "country_code": "EG", "country_name": "Egypt"}, "timestamp": "2019-07-23T20:53:44.587399", "domains": ["tedata.net"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://197.50.86.53:5001/favicon.ico"}, "host": "197.50.86.53", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "e9392a930ba74a5a7a9a04c307d8f2d045dad4b4", "ptr": true, "id": "bad14f7f-95be-4f94-b1c1-da197121eb41", "module": "https-simple-new", "options": {}}, "ip_str": "197.50.86.53"}, {"info": "SIP end point; Status: 404 Not Found", "hash": -2126993215, "ip": 3200566385, "isp": "Haiti Networking Group S.A.", "transport": "udp", "data": "SIP/2.0 404 Not Found\r\nFrom: ;tag=root\r\nTo: ;tag=102a7550-0-13c4-40030-179e7bf1-19ed7ad5-179e7bf1\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=210.73.128.57;rport=26810;branch=foo\r\nSupported: replaces,100rel,timer,UPDATE,INFO\r\nAccept: application/sdp\r\nContact: sip:@127.0.0.1:5060\r\nAllow: INVITE,ACK,CANCEL,BYE,OPTIONS,REFER,INFO,NOTIFY,PRACK,MESSAGE\r\nContent-Length: 0\r\n\r\n", "asn": "AS27759", "port": 5060, "hostnames": ["client-196-113.hainet.net"], "location": {"city": "Port-au-prince", "region_code": "11", "area_code": null, "longitude": -72.335, "country_code3": "HTI", "latitude": 18.539199999999994, "postal_code": null, "dma_code": null, "country_code": "HT", "country_name": "Haiti"}, "timestamp": "2019-07-23T21:03:20.260449", "domains": ["hainet.net"], "org": "Haiti Networking Group S.A.", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "190.196.196.113"}, {"ftp": {"features": {"LANG": {"parameters": ["en-GB.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.groupname", "UNIX.mode", "UNIX.owner", "UNIX.ownername"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -1806531448}, "hash": -744169071, "tags": ["starttls"], "ip": 3158358851, "isp": "Hosting Systems", "transport": "tcp", "data": "220 ProFTPD Server (ProFTPD) [188.64.187.67]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-GB.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "93b89eaabe5431ba7f29e8d442c5903ef6e244f6", "ptr": true, "id": "44f52694-7092-4782-ba89-a6d86f8677de", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190615082945Z", "expires": "20190913082945Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x8c\\xdb\\xa1\\xa1k\\xd1\\x9aR\\r\\x0fS\\x16\\xb9t\\x0c$O]\\xf5%", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x19\\x82\\x17plesk.mhglobalmc4.co.uk", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00oSv\\xac1\\xf01\\x19\\xd8\\x99\\x00\\xa4Q\\x15\\xffw\\x15\\x1c\\x11\\xd9\\x02\\xc1\\x00)\\x06\\x8d\\xb2\\x08\\x9a7\\xd9\\x13\\x00\\x00\\x01kZx\\xaa\\xcf\\x00\\x00\\x04\\x03\\x00G0E\\x02 %\\xdc#jm\\x1f\\xe8\\x08b\\x1b\\xb1\\xb7\\x9e94\\x8dy\\xad\\\\\\xff>\\xf9x\\x07\\xaf\\xad\\xf9\\xd5);\\xf6\\xff\\x02!\\x00\\xab\\x96\\x00\\x18Us\\xbe\\x9b\\xe0\\xb0\\xf3\\xd4\\xd0z\\xe2I\\xd8xp\\xf0\\n\\xba\\xbbK\\xd8\\xaaX\\x8c\\x1a:\\xa2e\\x00v\\x00)\\n\\n400 Bad Request\\n\\n

Bad Request

\\n

Your browser sent a request that this server could not understand.
\\n

\\n
\\n
Apache/2.2.22 (Debian) Server at 127.0.0.1 Port 81
\\n\\n", "asn": "AS41727", "port": 81, "hostnames": ["dynamicip-94-181-224-74.pppoe.kirov.ertelecom.ru"], "location": {"city": "Kirov", "region_code": "33", "area_code": null, "longitude": 49.6601, "country_code3": "RUS", "latitude": 58.596599999999995, "postal_code": "249440", "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "timestamp": "2019-07-23T20:59:16.288147", "domains": ["ertelecom.ru"], "org": "JSC ER-Telecom Holding Kirov Branch", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "35b68fc6-2c57-488d-baa3-26fbb217d9c2", "module": "xtremerat", "options": {}}, "ip_str": "94.181.224.74"}, {"info": "SIP end point; Status: 200 OK", "hash": 970232133, "ip": 665208544, "isp": "China Mobile", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=35e568-0-13c4-32591-5d65039-32591\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=167.241.19.206;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS9808", "port": 5060, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 113.72660000000002, "country_code3": "CHN", "latitude": 34.77250000000001, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:57:25.975729", "domains": [], "org": "China Mobile Guangdong", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "39.166.70.224"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "SITE": {"parameters": ["UTIME"]}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "CLNT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 1159919863}, "hash": -97379193, "tags": ["starttls", "self-signed"], "ip": 1977228222, "isp": "BSNL", "transport": "tcp", "data": "220 ProFTPD Server (NETGEAR ReadyNAS) [NAS]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n214-CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n214-EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n214-XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n214-NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n214-ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n214-STOR STOU APPE REST ABOR USER PASS ACCT* \n214-REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n CLNT\n EPRT\n EPSV\n HOST\n LANG en-US.UTF-8*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n PBSZ\n PROT\n REST STREAM\n SITE MKDIR\n SITE RMDIR\n SITE SYMLINK\n SITE UTIME\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "65e79faecee26516a8ed6f16c1142432f303fbdc", "ptr": true, "id": "8b6cdded-6f81-4f5d-952f-8f6b64a45aef", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20150811105341Z", "expires": "20380118105341Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "64e8af78cb8790bb8d7fc9281356bc3567c399fa5f85f245ed01cf4a252eb4cb", "sha1": "d7c264fe379a705a71d549cf58ac8a57b70190a9"}, "serial": 17832540072745524510, "issuer": {"C": "US", "CN": "nas-E5-90-66.local"}, "expired": false, "subject": {"C": "US", "CN": "nas-E5-90-66.local"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIC0DCCAbgCCQD3eei3HupdHjANBgkqhkiG9w0BAQsFADAqMQswCQYDVQQGEwJV\nUzEbMBkGA1UEAwwSbmFzLUU1LTkwLTY2LmxvY2FsMB4XDTE1MDgxMTEwNTM0MVoX\nDTM4MDExODEwNTM0MVowKjELMAkGA1UEBhMCVVMxGzAZBgNVBAMMEm5hcy1FNS05\nMC02Ni5sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMm4tIz1\ngixggTd7UmgTLuxT9qblQdnqST+2FjPk9wdAUPTPypIIv2LVDtioVLsUme96Bmhk\nmD1M8lkTvJq9n7ifxZl7uDuIlpT77v9Edv50a4hx+hVSPcIkNccR/syzZERDdbBY\nnWW9pT5sSmIiO2P/Bfoj9ZiCf6kYAmtmUaOpEnof0jdPNSY+cdO1pBotMQvuJrOs\nP4L4mbHeNDPylq7IWGEB04/VWWYKAiVbb1/2fSLO7BgMWvdYn/X/veN+U8t3TDzW\nqvZD9ybIvG3NNtb36wGi13+J772rOUZONQspAuxvn8aYz4puMdTfOTUzczY7FoVk\nxxPipLTqZ5QEntcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAXiM9FX9KGxRyaZus\nCddjN+0UMgajouB9NAg50pHnXgL1/unb2LIuDY0IOGJMPjGOKb5EdMME+qBroI2p\nwZMiiVU7WcCLznY3rX/dipkQbo57ho6pPin7Gxs21qZdAiTZIWLHFT/daQHbRzfZ\nnOD09ZzW4tovMOFtdqW09+BC9WFx99vVsCFpYUAS0QEB0lLUN7QFIDHpCBziELrK\n7g2TTlWCe6KrpvrgzpsQz5qAGv4sDhIjO95Xsm0++VGoPsW6K6GSYmR3hNi1t20q\nMLqQ871Na5CS1uROW25P75ewpTcPLjaARPvPFzfDiD1YlgF2oTmF4bYdko1zDmRO\nm3ngHw==\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": [], "location": {"city": "Vapi", "region_code": "32", "area_code": null, "longitude": 72.9, "country_code3": "IND", "latitude": 20.36670000000001, "postal_code": "396215", "dma_code": null, "country_code": "IN", "country_name": "India"}, "timestamp": "2019-07-23T20:55:14.260686", "domains": [], "org": "BSNL", "os": null, "asn": "AS9829", "ip_str": "117.218.27.190"}, {"product": "Exim smtpd", "hostnames": [], "hash": 198412494, "tags": ["starttls"], "ip": 3124786660, "isp": "Zam Ltda.", "transport": "tcp", "cpe": ["cpe:/a:exim:exim:4.92"], "data": "220-hosty17.dnshosty.net ESMTP Exim 4.92 #2 Tue, 23 Jul 2019 16:56:02 -0400 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n250-hosty17.dnshosty.net Hello 6716D4jsUOGGL.net [127.0.0.1]\r\n250-STARTTLS\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250-AUTH PLAIN LOGIN\r\n250-SIZE 157286400\r\n250 HELP\r\n", "asn": "AS52368", "port": 587, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20180615000000Z", "expires": "20200614235959Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"data": "0\\x16\\x80\\x14\\x90\\xafj:\\x94Z\\x0b\\xd8\\x90\\xea\\x12Vs\\xdfC\\xb4:(\\xda\\xe7", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x14\\x9d9\\xfaB\\xf1\\x1b\\xe5\\x03?\\xaeW\\xd8]}\\xa6\\xf0rf\\xb5\"", "name": "subjectKeyIdentifier"}, {"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"data": "0F0:\\x06\\x0b+\\x06\\x01\\x04\\x01\\xb21\\x01\\x02\\x02\\x070+0)\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1dhttps://secure.comodo.com/CPS0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x01", "name": "certificatePolicies"}, {"data": "0K0I\\xa0G\\xa0E\\x86Chttp://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl", "name": "crlDistributionPoints"}, {"data": "0w0O\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86Chttp://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt0$\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\\x18http://ocsp.comodoca.com", "name": "authorityInfoAccess"}, {"data": "0\\x1e\\x82\\x0e*.dnshosty.net\\x82\\x0cdnshosty.net", "name": "subjectAltName"}, {"data": "\\x04\\x82\\x01j\\x01h\\x00w\\x00\\xeeK\\xbd\\xb7u\\xce`\\xba\\xe1Bi\\x1f\\xab\\xe1\\x9ef\\xa3\\x0f~_\\xb0r\\xd8\\x83\\x00\\xc4{\\x89z\\xa8\\xfd\\xcb\\x00\\x00\\x01d\\x04$\\x8b\\x08\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xbc\\xae\\xd5\\x12\\xc3\\x16\\xa5\\xc9\\xa7I\\x05Z\\x81TT\\x9bf\\xa5\\xa9\\x1c4\\xeb\\xaem\\xe0\\xf3\\x85\\x7fKh\\xf3\\x8a\\x02!\\x00\\xda\\xc8\\x99\\x1a\\xd6\\x0cS\\xff\\x15\\xdam\\xe8o\\xc5$\\x0cj\\xfb\\x7f\\xcb\\xed\\xa1\\xfc\\x8c\\x8c\\x08\\xfa\\xe1\\xdex\\x0e\\xe2\\x00u\\x00^\\xa7s\\xf9\\xdfV\\xc0\\xe7\\xb56H}\\xd0I\\xe02z\\x91\\x9a\\x0c\\x84\\xa1\\x12\\x12\\x84\\x18u\\x96\\x81qEX\\x00\\x00\\x01d\\x04$\\x8bT\\x00\\x00\\x04\\x03\\x00F0D\\x02 UV\\x7f\\xe0{\\x0eS\\xfc\\x92C`K\\x806 a\\xfaJ\\x9a\\xa1\\x01m\\xc8:F\\x81\\x84\\xe2U\\xb9\\x7f\\xd2\\x02 \\x13\\xbc\\x93\\xe5\\xcd;\\xfe\\xc6\\x80\\x10)\\xfd\\xfcy\\xaf\\xdc\\x8f\\x13\\x10\\xe5\\xeb\\xdbH\\xa0\\xb0\\x00\\x8a\\x9f\\x8b.C\\xf4\\x00v\\x00U\\x81\\xd4\\xc2\\x16\\x906\\x01J\\xea\\x0b\\x9bW's unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": "5665868e-9dd7-4922-a7be-e3bb2724ef93", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Suwon", "region_code": "13", "area_code": null, "longitude": 127.00990000000002, "country_code3": "KOR", "latitude": 37.2859, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:55:15.772619", "domains": [], "org": "Lg Powercomm", "os": null, "asn": "AS17858", "ip_str": "122.34.104.51"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "HOST": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 598694143}, "product": "ProFTPD", "hash": -1577944979, "tags": ["starttls", "self-signed"], "ip": 1578587016, "isp": "OVH Hosting", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd"], "data": "220 94.23.83.136 FTP server ready\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS HOST CLNT AUTH CCC* CONF* \n ENC* MIC* PBSZ PROT TYPE STRU MODE RETR \n STOR STOU APPE REST ABOR USER PASS ACCT* \n REIN* LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n AUTH TLS\n CCC\n EPRT\n EPSV\n HOST\n LANG en-US*\n MDTM\n MFF modify;UNIX.group;UNIX.mode;\n MFMT\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n PBSZ\n PROT\n REST STREAM\n SIZE\n SSCN\n TVFS\n UTF8\n211 End", "_shodan": {"crawler": "8cd926590a400feb4b683f8337a77287ddf3d2c7", "ptr": true, "id": "7b5cf35c-eb22-47a1-b7b3-ad62f029e4fe", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha1WithRSAEncryption", "issued": "20190403135833Z", "expires": "20460818135833Z", "pubkey": {"bits": 4096, "type": "rsa"}, "version": 2, "extensions": [{"data": "\\x04\\x145\\x97\\xc2\\xe2q\\x04aM`\\x87p\"b\\x8f*\\xef\\xfa\\xf7m\\xcc", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x145\\x97\\xc2\\xe2q\\x04aM`\\x87p\"b\\x8f*\\xef\\xfa\\xf7m\\xcc", "name": "authorityKeyIdentifier"}, {"data": "0\\x03\\x01\\x01\\xff", "name": "basicConstraints"}], "fingerprint": {"sha256": "b13c7f564e1dacafc9fab843f0e01709f2704ff37683859b68de5a377070a6b0", "sha1": "5eb7bc3065d42644065de26acf73027ed362c7a5"}, "serial": 13507476780103459074, "issuer": {"C": "--", "CN": "vps381946.ovh.net", "L": "--", "O": "OVH", "ST": "France", "emailAddress": "root@vps381946.ovh.net", "OU": "--"}, "expired": false, "subject": {"C": "--", "CN": "vps381946.ovh.net", "L": "--", "O": "OVH", "ST": "France", "emailAddress": "root@vps381946.ovh.net", "OU": "--"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIF5zCCA8+gAwIBAgIJALt0MpDZ52ECMA0GCSqGSIb3DQEBBQUAMIGJMQswCQYD\nVQQGEwItLTEPMA0GA1UECAwGRnJhbmNlMQswCQYDVQQHDAItLTEMMAoGA1UECgwD\nT1ZIMQswCQYDVQQLDAItLTEaMBgGA1UEAwwRdnBzMzgxOTQ2Lm92aC5uZXQxJTAj\nBgkqhkiG9w0BCQEWFnJvb3RAdnBzMzgxOTQ2Lm92aC5uZXQwHhcNMTkwNDAzMTM1\nODMzWhcNNDYwODE4MTM1ODMzWjCBiTELMAkGA1UEBhMCLS0xDzANBgNVBAgMBkZy\nYW5jZTELMAkGA1UEBwwCLS0xDDAKBgNVBAoMA09WSDELMAkGA1UECwwCLS0xGjAY\nBgNVBAMMEXZwczM4MTk0Ni5vdmgubmV0MSUwIwYJKoZIhvcNAQkBFhZyb290QHZw\nczM4MTk0Ni5vdmgubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\nvwmUnTMRq9adlRJfL3nUnfuVXTueBzFGDSXVKTvo9IJ+NKholusg0PuNXp2jUr08\nnsEouL/FTbp36g4VcjeIh09rwFojvBmOpzn/HZOVpvSP8wHdyYpgyxGairB3totQ\n/3Iy2AmaiUwI3+I6UWGQAjhhxzqXyjNaifEdAOwUhjhLCyNrKizSMdR1zIAjEHrI\nPkof20jrSoca5yZJLczXFRhYspPjNuixHRj1d3HtPAkbjokuelkdvjDZTTWS+lNF\nJxQkbbSy4Dag4lRWqNVVr4uJ1Z7Xc0IOovVOolomfbZsre2rCOxdNSoYaq5Qu+rL\nCtGQgi0p/NKTGnlLMZoyhmLJjPJy5wL7uN6D0YS15aca0IN9fCC0EmTjQtdauVmY\nBnlVBQQDF4PBj15mpkpGlfktNtw0G5mlTTILvCq+ND1cRyeuo+qHsWWSYZ9WtOgd\nqdCppYgCylC+b7WWqhNbd0iLQX//tg3YDQXjvru5GbwIJFUPg0wak3Xu7NX4aQXr\n6FrUe2+VPALhUTdhK0c6RCGtRG+FEQ340lD99To4tV6ruYMHjmyjV3KEJOht1IaA\nYmJAlw4h3TxkX3tsMeJ2GzK54hE0dKZjYrv9GbWPN+uF0aZoLniCswnOtHoek01u\npzymxIsEjTC2rFNOu1ma9FKxTohBBxFUfJ6F+bInBj8CAwEAAaNQME4wHQYDVR0O\nBBYEFDWXwuJxBGFNYIdwImKPKu/6923MMB8GA1UdIwQYMBaAFDWXwuJxBGFNYIdw\nImKPKu/6923MMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggIBAHrvcJQm\nsAHxch3E4CDbcQ3VAfQH4ZTToCd77bvY5I8vHgsqIdgfCNpD9Ogdogr66nzaiQRg\nLnwPLIwbzgmjRkcLGxzl6xbvHxWJF8Fsbi5Bz+t9UAs+QD6OTjdKwyXphlWDvNgG\nlkzFBefYR0ELGkKSP68EUmFKBkIl1tSu898Tp3tU4RdVkhCeH7RB/P0jWIi4LtT5\nL09yw55pb7yvTRJ09obWTfTTR5uFw2L1vk7OTIXvQRms/QvpfwYOmkUclAqgjF8i\nofUJaP+A81DgAaRDjd+bctjMCUknsSWEtSRFk+rER5hoCPZu+LpAuuwYRzwgAA6T\nV6y0cqZxilXSbA0ngmmIFSrSv5NjiHymIZP6wyMDQ3dWRMh3sHQv9P2Zv4TVvUD/\nXHLXQhmUVDSla+38hdkM4q6esLQ0KXC9+Mg1a9oW5gs0LtLgdpsu1VoKJH+xH1ud\n3srzmu5GwCj+WbdDTxsLtVQ5dT6egwWaqqevzI9wnO2Yh60UGRkCL/mkYZbV0lAC\nz1RoVj8pv3KzAfov7WvTTy1AkRn59yQ765dR/g/wgtSfnPMUX2bkx6GUdD5dYj2p\no0+Y6hkFkAQlGcsOxUc5lqXUsdys9pLh6aiWO14gceVQV/Rp+DKJk7nvS7JAIFaB\nAmEF/kB23FnnRvM9HZw6ABuDtatQlvyFfRW2\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["ip136.ip-94-23-83.eu"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": -3.6839999999999975, "country_code3": "ESP", "latitude": 40.41720000000001, "postal_code": null, "dma_code": null, "country_code": "ES", "country_name": "Spain"}, "timestamp": "2019-07-23T20:55:54.898226", "domains": ["ip-94-23-83.eu"], "org": "OVH Hosting", "os": null, "asn": "AS16276", "ip_str": "94.23.83.136"}, {"ftp": {"features": {"MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "PROT": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "EPRT": {"parameters": []}, "CCC": {"parameters": []}, "PBSZ": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "SSCN": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": -965126353}, "product": "ProFTPD", "hash": 1152784183, "tags": ["starttls"], "ip": 3417784463, "isp": "Yahoo Japan Corporation", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd"], "data": "220 203.183.64.143 FTP server ready\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n SIZE\n PROT\n CCC\n PBSZ\n AUTH TLS\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n211 End", "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "d74c3110-1ee4-477a-bcd9-7154147cfa35", "module": "ftp", "options": {}}, "port": 21, "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "-TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20181005014944Z", "expires": "20191208054044Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0{0B\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x866http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt05\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86)http://ocsp2.globalsign.com/gsalphasha2g2", "name": "authorityInfoAccess"}, {"data": "0N0B\\x06\\n+\\x06\\x01\\x04\\x01\\xa02\\x01\\n\\n0402\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16&https://www.globalsign.com/repository/0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x01", "name": "certificatePolicies"}, {"data": "0\\x00", "name": "basicConstraints"}, {"data": "0503\\xa01\\xa0/\\x86-http://crl2.alphassl.com/gs/gsalphasha2g2.crl", "name": "crlDistributionPoints"}, {"data": "0\\x1c\\x82\\r*.wadax.ne.jp\\x82\\x0bwadax.ne.jp", "name": "subjectAltName"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"data": "\\x04\\x14\\x9f\\xeb|\\xcc7\\x04\\xb2F\\xfc\\xd4\\xa6QQ\\x1c\\xd1\\x8d#\\xd4\\x0b\\t", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xf5\\xcd\\xd5<\\x08P\\xf9jO:\\xb7\\x97\\xdaV\\x83\\xe6i\\xd2h\\xf7", "name": "authorityKeyIdentifier"}, {"data": "\\x04\\x81\\xf3\\x00\\xf1\\x00w\\x00\\x87u\\xbf\\xe7Y|\\xf8\\x8cC\\x99_\\xbd\\xf3n\\xffV\\x8dGV6\\xffJ\\xb5`\\xc1\\xb4\\xea\\xff^\\xa0\\x83\\x0f\\x00\\x00\\x01fA\\xea\\x9c{\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\x8b\\x92\\xf2e\\xd8\\xe9\\x1eY\\x1e\\x1e=\\xd6\\x81~\\x89\\xf5U\\x9d\\xd0\\xf6\\xae\\x01Q}3\\x1e)\\x85sJ\\xef?\\x02!\\x00\\xfe\\xe6\\xe1\\x85\\x94Y\\x18)\\xee\\xa8`\\xa2\\xc8\\xb3\\x9d0\\xfc\\xe7K8\\xb7\\xbf\\xa2\\xde\\xa0\\xb2<\\x92\\x06$\\x90\\x97\\x00v\\x00\\xbb\\xd9\\xdf\\xbc\\x1f\\x8aq\\xb5\\x93\\x94#\\x97\\xaa\\x92{G8W\\x95\\n\\xabR\\xe8\\x1a\\x90\\x96d6\\x8e\\x1e\\xd1\\x85\\x00\\x00\\x01fA\\xea\\x9d\\xb2\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xb1\\x95W.\\x7f\\x1e\\xa5\\x00\\xe7\\xa2\\xa3\\xb7p $\\r\\xc2B\\xactm\\x0c\\xac\\x18l\\xa7w\\xf0\\x832G\\\\\\x02 Y\\x9b\\xed\\xaf\\xd3\\x12\\xb4\\x8d\\tp\\x9e3\\x0e(\\xe5\\x99\\xdb7%\\xb5\\x8a~\\x86e3\\xff\\x08dX\\x04\\xd0\\n", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "993beda3a684300ee842ca3ec4bb52094eaeebe7cbdf89d668f0d69fd1b35422", "sha1": "04747f467e770c3cee465382a1a9cc951df6fd6f"}, "serial": 34657694817932696866102228215, "issuer": {"C": "BE", "CN": "AlphaSSL CA - SHA256 - G2", "O": "GlobalSign nv-sa"}, "expired": false, "subject": {"OU": "Domain Control Validated", "CN": "*.wadax.ne.jp"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "DHE-RSA-AES256-SHA"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIF4jCCBMqgAwIBAgIMb/wsWL9Cuo9oCLT3MA0GCSqGSIb3DQEBCwUAMEwxCzAJ\nBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB\nbHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MTAwNTAxNDk0NFoXDTE5MTIw\nODA1NDA0NFowOzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRYw\nFAYDVQQDDA0qLndhZGF4Lm5lLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwnrJZXaEklfnGagkkRcurBGz/510DQGeGrVDxfyonsOfBhc45omwCejS\nSBpMhCfqk4zuDrxHJpRU6XFQZ2QrqtmaapzlXqJC0dNR5dAJjKBAU0Hh+McEw7du\nHchrLEVTXknKDbTCvCR68g002oXtLu9SxW9jPsv93L8Ro5WxEjqIG8YIZCQEmHu7\n9FaKAfoNqUux12EgBQ1Aiq6ATiAdsGmEj0p2QCApOaHGwVE70wCLbWnObufgvdjg\nSQud8l56Bd1p5kJSCxFCLtBMVJBjvZv2iML0WAe0E55CmM/zlDFXor+0PB0m3jcw\nWfr5K2iBFgbPhBgchmiZ4JtMzuoKbwIDAQABo4IC0zCCAs8wDgYDVR0PAQH/BAQD\nAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1cmUy\nLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1BggrBgEF\nBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEyZzIw\nVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v\nd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRME\nAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNvbS9n\ncy9nc2FscGhhc2hhMmcyLmNybDAlBgNVHREEHjAcgg0qLndhZGF4Lm5lLmpwggt3\nYWRheC5uZS5qcDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O\nBBYEFJ/rfMw3BLJG/NSmUVEc0Y0j1AsJMB8GA1UdIwQYMBaAFPXN1TwIUPlqTzq3\nl9pWg+Zp0mj3MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAh3W/51l8+IxDmV+9\n827/Vo1HVjb/SrVgwbTq/16ggw8AAAFmQeqcewAABAMASDBGAiEAi5LyZdjpHlke\nHj3WgX6J9VWd0PauAVF9Mx4phXNK7z8CIQD+5uGFlFkYKe6oYKLIs50w/OdLOLe/\not6gsjySBiSQlwB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAAB\nZkHqnbIAAAQDAEcwRQIhALGVVy5/HqUA56Kjt3AgJA3CQqx0bQysGGynd/CDMkdc\nAiBZm+2v0xK0jQlwnjMOKOWZ2zcltYp+hmUz/whkWATQCjANBgkqhkiG9w0BAQsF\nAAOCAQEAli6iArbjbaD7x16mHerr3uFBZOXC3yQAm5leWJ2Dgbs9mESs2cQBMqrQ\nmA8s7OHeEvWzXWUKXtzXWfl3drXPdHeHrG2fck7xpQEeXap3MvvsBw/6FFHBvvm2\nzTtuS52HVkXLzxBEpmeUaoy45YWdthkFJYPC+cOCK7q57tpLyyz7/omLjCnyG1dT\ntksujqezSrbmrt24b3j2OcM25YreWls8omVKhY8kqySfQj9LTWyh+uQqJd0Y9oR4\nWA7GbmYgnn6iUmvJOgDJDeXXTd3jrcXRJo80fsMXB6OHqHi/ExrgPHToOhdPO1Uk\njgJoCz85UhjlPbeDcAhik4aEVov4rQ==\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIETTCCAzWgAwIBAgILBAAAAAABRE7wNjEwDQYJKoZIhvcNAQELBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw\nMDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcy\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gHs5OxzYPt+j2q3xhfj\nkmQy1KwA2aIPue3ua4qGypJn2XTXXUcCPI9A1p5tFM3D2ik5pw8FCmiiZhoexLKL\ndljlq10dj0CzOYvvHoN9ItDjqQAu7FPPYhmFRChMwCfLew7sEGQAEKQFzKByvkFs\nMVtI5LHsuSPrVU3QfWJKpbSlpFmFxSWRpv6mCZ8GEG2PgQxkQF5zAJrgLmWYVBAA\ncJjI4e00X9icxw3A1iNZRfz+VXqG7pRgIvGu0eZVRvaZxRsIdF+ssGSEj4k4HKGn\nkCFPAm694GFn1PhChw8K98kEbSqpL+9Cpd/do1PbmB6B+Zpye1reTz5/olig4het\nZwIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C\nAQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOgYE\nVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hbHBoYXNzbC5jb20vcmVw\nb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWdu\nLm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHA6\nLy9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAfBgNVHSMEGDAWgBRge2YaRQ2X\nyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQsFAAOCAQEAYEBoFkfnFo3bXKFWKsv0\nXJuwHqJL9csCP/gLofKnQtS3TOvjZoDzJUN4LhsXVgdSGMvRqOzm+3M+pGKMgLTS\nxRJzo9P6Aji+Yz2EuJnB8br3n8NA0VgYU8Fi3a8YQn80TsVD1XGwMADH45CuP1eG\nl87qDBKOInDjZqdUfy4oy9RU0LMeYmcI+Sfhy+NmuCQbiWqJRGXy2UzSWByMTsCV\nodTvZy84IOgu/5ZR8LrYPZJwR2UcnnNytGAMXOLRc3bgr07i5TelRS+KIz6HxzDm\nMTh89N1SyvNTBCVXVmaU6Avu5gMUTu79bZRknl7OedSyps9AsUSoPocZXun4IRZZ\nUw==\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["sv63.wadax.ne.jp"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 139.69, "country_code3": "JPN", "latitude": 35.69, "postal_code": null, "dma_code": null, "country_code": "JP", "country_name": "Japan"}, "timestamp": "2019-07-23T21:01:07.859755", "domains": ["wadax.ne.jp"], "org": "Yahoo Japan Corporation", "os": null, "asn": "AS2554", "ip_str": "203.183.64.143"}, {"hash": -1416785448, "ip": 3411490706, "org": "TPG Internet", "isp": "TPG Internet", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:54:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 00:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d140cca-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:54:45 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS7545", "port": 5001, "ssl": {"dhparams": {"prime": "c9e13657f750b8d4e6816b3366118098bcd5df477e31c1739cd69fe93de5cd4bfbc9d4b522e03d2a39f937a6c0bdc8fd508ecb4ae3cc4fedaf7ac5565b39f9be171e77a1a7098ebc9f768859e019ce5d6499b9fdec909380acf1fbaf0fcb1ced25226d67c2a5cbaca287b8a5bf92a88e94c7e675d68c18f6c8d11d2f659a7aa6b0237b0ce941e1bcad3ac6a9b45be8067f518878b3667119996b5dda6994233e9290b3d570fe078407bb727d469699179ab6b5a7125fa90c4b909e89605b0e1822b06d2a2bee6ac51fa7ae8150d249fa52415bab5527d2c4b4d1bd5aff331ec810c3297853e62747334bafd3a5bb8e2f49411baa1ac662ab2ef7dfdf5415b36b", "public_key": "414385a081defe10fbebd3d2241eff179f9c2077df675ba68851ec231781548bc26da39ef4b0055809a42729c8ddaf18c7b21f662c873d90f7179a1505d90fb7671959b3ffcf1b5044c2486142acd0743b22868d122ace1a10330a5fc40be693f92ca1de998ecf20123f8a77ffcaf65d3b58ccbb3ac7e601e5efc587c73ab9197a14b516b8588b57d53575d34e56619010fca720494ec854fd9b437fbd00fbdbd125b44b091e8dccb88254369ae0c8bba02e090de41dddda033303158e3502f4f13759a0bb80a4660f85204ec057104ec78633dfacd54cfa3e1d0f4e276000b74fc3786a117387f48e759d4b528e9c851b8e9345b8f7fbbdb0805160f4e511bf", "bits": 2048, "generator": "5af547f686a5453199fb6292e11e956a530006bd3a3c38b5a53e247b2ba885377c5d1cfadaf5ed94b68653713acc3c934a4cff09bf8a185eadf7ef2f1d84606969d8f3448a6393632ba5d11c8471c1058593fae80b60d25223e4dd8a29350360307ca44cd01154b43e97b9415c303bb8a2ad064ae15b7306fda229e9727469d074de663d86f91c9d4e6d47f97c3fd987f2c5f43cd647eee7322327c719640fdce154b8a072c6c8126b6c4f56962ccf2402ec122d5054eedaa64972575f2b04faf0786341a85a59c85e92ee400c2b8154fc5b67dc87d8368d3e32817ed39ebf321c673ec78c1063d9967cdb9cdb4872153848c4df3b9e5722225059a626d703f2"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190717101111Z", "expires": "20191015101111Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x1c\\x12\\xa9]\\xc8S\\x91\\x19\\xaf\\x00\\x03\\xcb\\x15t\\xd0\\xf6BD\\x9d\\x03", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x18\\x82\\x16hoodsweeney.3cx.com.au", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf2\\x00\\xf0\\x00v\\x00t~\\xda\\x831\\xad3\\x10\\x91!\\x9c\\xce%OBp\\xc2\\xbf\\xfd^B \\x08\\xc675y\\xe6\\x10{\\xccV\\x00\\x00\\x01k\\xff\\xa1\\x05\\x91\\x00\\x00\\x04\\x03\\x00G0E\\x02 \\x0c,\\xea\\xae\\xc1\\xa7\\xba\\xe3\\x00\\xa5\\xd2\\xdc{\\rQ\\x8bz\\x1e\\x96\\xc6\\x117\\xc00\\x1e\\xceb\\xf5=\\x10`T\\x02!\\x00\\x9dl(\\x9f\\x08G\\x19\\x96\\xf1Ml\\xae\\x11\\x8bF\\x88\\xf4R\\x82\\x90\\xceM\\xe5\\xe7j\\xf5\\x03\\xabozL\\xe7\\x00v\\x00)3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "122dd688b363c3b45b0e7582622da1e725444808", "ptr": true, "id": "d6981aa7-c206-410f-9c3a-deb73575f116", "module": "https-simple-new", "options": {}}, "ip_str": "203.87.55.146"}, {"ip": 1176749300, "ftp": {"features": {"LANG": {"parameters": ["en-US.UTF-8"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "SIZE": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "TVFS": {"parameters": []}}, "anonymous": false, "features_hash": 1929892453}, "product": "ProFTPD", "hostnames": [], "hash": 607758076, "timestamp": "2019-07-23T20:54:32.867063", "isp": "1&1 Internet AG", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [70.35.196.244]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n TVFS\n MFMT\n SIZE\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US.UTF-8*\n UTF8\n EPRT\n EPSV\n211 End", "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": "807e47fd-a3a2-4ee4-be1c-9e2a60d58d1c", "module": "ftp", "options": {}}, "port": 21, "version": "1.3.5b", "location": {"city": "Wayne", "region_code": "PA", "area_code": 610, "longitude": -75.4083, "country_code3": "USA", "latitude": 40.0548, "postal_code": "19087", "dma_code": 504, "country_code": "US", "country_name": "United States"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "domains": [], "org": "1&1 Internet AG", "os": null, "asn": "AS8560", "ip_str": "70.35.196.244"}, {"hash": 237101606, "ip": 90520706, "org": "OOO WestCall Ltd.", "isp": "OOO WestCall Ltd.", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx/1.12.1\r\nDate: Tue, 23 Jul 2019 20:56:55 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nConnection: keep-alive\r\nLast-Modified: Sun, 02 Sep 2018 02:01:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1d44260d517fcea\"\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\n\r\n", "asn": "AS8595", "port": 5001, "ssl": {"dhparams": {"prime": "daebb704abb0ed4729e0641feb8075c8f6b3fa8e06bbd22bf52c68d82a0919675300c50e9ed3d362656c28432b01003ebbdcf2283ef703f9a9856ce023a02e7a09bd33af6824ad03ffaade5338d8e96abfe5a335d74edd1483c23e6b6c70fed74ffb831e3e07f36fe3ef79cd04ea7f2d035287b9e1229b5591f86c1cebc42dea1394f62dc1ca8b90ef1ee0085b61c28680c29744ada18fe1c48d6cfea43e23de55503b002c3dece8990bc2e713fff2fdcfa57d71eba1c302aefb67b7de3ede0f949a0f6b1274460dc10ee02135107d9ce128eb364517b8c5ca235002c10bbf55eeb9ea69a0e753ae6036da2c19b0042d28f1b9a23e0e92b8a6b73ddd39a8e8c5", "public_key": "9b26a32f06b83a32c6f2154a5279382ee72a6c3fa73c4ba4ae5fc7fbbdc65de3d285c4f23f53b18d2882c52c72ad28735573e4e6c2276b80e25a5ac616fc20798fe83d9831ec30342b91130ffdf9c42352ca5f6f3b471e9b106d36b726a90afd46b20a22eb925722c16fff10a6e380f12f48dae921a2c15ffb422c0699d1532401db813610b9891c4a5c983d84e3e819be584fe261201d727b0bd382f004b47f9d46499d0c0f4f845f0900febbd404435e38f3cd4be65e29e7b603be337550073a73dae38758f1901b1358974d6451cf2f7bd4a44a9fce4f7eda79731e3be0311076c565006e6063f81c5e93510bdfe3ddc9123d7e4267cbe4b0c198168ad46c", "bits": 2048, "generator": "8031b4f7c8023c350dc50264b7c25a8fad3d76b62322791f1fb926ac614fb2a12d099c2712a459c2f154aad9130eb9cc5792c8050768b7d42fc329b07eceb78d5b701ae8e454e2644fa3c7ee69080b7485ef6fc2ed9f1745ddd33b51b8daa64ba439adb4a866ee144111c52fa8b342ac3a85275b4f39551f5f47cdcfb5121d83d049ece248fa0cc41a1a1cedcc43064e6863d6a6599cffe3f0a9ed359e7c3898d7ee9ccf34db898242245f545b48ceb5a306e7ee0d5812c0f1e299a1071e636b1002bf327e8716154aad0b6200be20612c3476fbc6bf7ce6519ede275b20c33835ef6b19d25021d027f16e31200ccfdaa0701be453ede69cd860d6f842c20d8a"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190704003953Z", "expires": "20191002003953Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14\\x10V\\x18\\xd8\\xee\\xc9\\xfa\\xba\\x0f\\xc3\\xa3\\xc5\\xda\\x1a\\x88\\xb0\\xf9\\x01\\x851\\x00v\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xba\\xa3R\\x98\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\xd5IH\\x85\\xfb\\xc2\\xf1\\xd4\\xda\\xa1\\xf8\\xc2u\\xe2\\xb3\\x82\\xb1\\x93\\x8e\\xf9\\x97\\xf0\\x90p\\x14*e\\xb5a\\x80D0\\x02 7\\xe8\\xd9\\xa2$\\xe3\\xa1=\\xcd\\x80\\xb8w>\\xde\\x1b\\\\\\x903\\xef\\xad\\xb2[4\\xe9\\xd7\\x1f\\\\\\x10{\\xfa\\xd9\\x97", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "a50d6f84619d35cdddcdf02fe74c098fc77229e02033d65b1f0a4ada6d6b50d8", "sha1": "a5481e6865d935ba29ea0a4193f8fb0da591836a"}, "serial": 287318695979567193862191118021649722970209, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "3cxarris.3cx.ru"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFVjCCBD6gAwIBAgISA0xakARVywFMeJe60MMm5xBhMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDQwMDM5NTNaFw0x\nOTEwMDIwMDM5NTNaMBoxGDAWBgNVBAMTDzNjeGFycmlzLjNjeC5ydTCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDQP3vJsz9rLx9fiDhcxSlN7N4qFdQQ\nY+rV8RJhtHfATx5CA+SjdQpxPGTtzT5Z7dgGYn6LcqxUMUtPIaM16SgGjdP45cDX\nhIKqs6qwb6kXBvaI82Qg+oOw6VS+Ac+U+MmtxXSEIV5I+6ySUzs64XnH0hRi/Dgf\nkfceOoU9QIPYvbxhPgvZgSdrRIBE9sUTsQGbKe1bqbExh8Ti96GOmze40xP8bmIj\n0opbA5h0ui9aLjTDzCrg9Eq/HPFcHbi7nvToYgW56kiTXSsjlFefmyPJVGeM10vB\n3x5JSz009wXmOqtxpwogttyk7bp2EF0UF0/pp8N2NixX59lKM8gdQWkCAwEAAaOC\nAmQwggJgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\nBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUEFYYPG1w827IMZ4aOERQpBKt\nW+UwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE\nYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu\nb3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu\nb3JnLzAaBgNVHREEEzARgg8zY3hhcnJpcy4zY3gucnUwTAYDVR0gBEUwQzAIBgZn\ngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s\nZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBvU3asMfAx\nGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWu6o1IHAAAEAwBHMEUCIQD2dMe8\nQ+lJQhef/AyNtMAoeJhy90Do+cMx2Yt5pbPqWQIgM0SQX7OjkGbSCJOylr8+2O7J\n+roPw6PF2hqIsPkBhTEAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY\njQAAAWu6o1KYAAAEAwBHMEUCIQDVSUiF+8Lx1Nqh+MJ14rOCsZOO+ZfwkHAUKmW1\nYYBEMAIgN+jZoiTjoT3NgLh3Pt4bXJAz762yWzTp1x9cEHv62ZcwDQYJKoZIhvcN\nAQELBQADggEBAEi0eivhh0HgBLLvMwQC/jeXSo0vfXWZ18kux3YatjAYP7iNTey6\nhBHn11esWZ3P6TgqlH9gUSWMOPIc/1nEI1L5/J/ESYpEqS6nZG1MRjJO7cLQ5E3Z\n2iGxeNJIVs2zk5Cb0d1Dh4IcK37VALy4h14a6Fq8UHp/mY1magrU8eFmm5Pq5oRA\nSOZd37zHFaOAMrcmvLnCE/4v8Pka2ft/9OeWu1uUGeU8YbREH4xE/59nAYmnv+7A\nbybr3xKxvZkEvjnhkyf8nczb1USpBFcrZy6SdfIAel/4xq9qraCc6LLlU1qsgCnS\nVk7ZHFOhaJXt0GarbbBMw8xBB4TXFShoMXk=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": [], "location": {"city": "Moscow", "region_code": "48", "area_code": null, "longitude": 37.6156, "country_code3": "RUS", "latitude": 55.75219999999999, "postal_code": "129344", "dma_code": null, "country_code": "RU", "country_name": "Russian Federation"}, "timestamp": "2019-07-23T20:56:59.720199", "domains": [], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://5.101.60.130:5001/favicon.ico"}, "host": "5.101.60.130", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx/1.12.1", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "5faf2928ceb560cb4276cc1b4660b2d763cc6397", "ptr": true, "id": "4684e341-cf63-4dc7-9d4e-c061b79a0cd6", "module": "https-simple-new", "options": {}}, "ip_str": "5.101.60.130"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": 1519306543, "ip": 3698658417, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (munhwafile-1B3AED) [220.117.12.113]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "5794aa65-9a93-4502-b417-d53c467526fd", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:09.321122", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "220.117.12.113"}, {"hash": 157320422, "ip": 1185097864, "org": "Cox Business", "isp": "Cox Business", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:56:22 GMT\r\nContent-Type: text/html\r\nContent-Length: 746\r\nLast-Modified: Mon, 27 Aug 2018 14:34:00 GMT\r\nConnection: keep-alive\r\nETag: \"5b840bd8-2ea\"\r\nExpires: Tue, 23 Jul 2019 20:56:22 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 0\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS22773", "port": 5001, "ssl": {"dhparams": {"prime": "c3dee29c3539f7666c1c2994d234e4eec59ad7ad8bb663fca2904302ae746aeb8db0b079ad010c7beb86a9b1dd403ca9955b07511e60d2947e0161bc36236f23b3d5167c22d0961b29c6c5d401da9c18683194392aa29da1c997af015fa85f937c2865b8cb4a28c80c48a4c2f3fb61a571573b3aaca42964729340d6a2bf81b73eb6ea033092e358ea62630382d601ad01e604397bd549923067593fd88a18efebb243ed506997f68835612514f4c3b7cd661c6fd15a2c9c2f19e08a629df67b517c0a27e5e70f08afee0b95a0690e10accf795efa1ea70c4e9b4ce2a8ff4c6225e09037d0aeb23f9a29cc4dea751aa778cfee5127453a56c9d80b3915ac8a6b", "public_key": "48aec2e4bc1374bdad881cb6f767483cd5656ba9b873e42bad1ce07964f7981370437eb2d8f9ebafb71d0d7e0caedca5ba88455c64956a98f4128cc8def4d7b247af53dfdc43354c8a66e9f464c98a9f0aad7d38753e054d0c7ac2bc22499fecf33e372182d1e7195e7cedbd1f6d3b925e689affe5244e92ab6a9aa39e9887c335a85c38257100d40ea5dcb3d0eb0f1ea5282c5e58454902b604ff82f1892f810f359b66f6fb0abb31f8bff18bf1b1891d521cf7c7b042f5c6c1c8f635205c1642cc40bb153220c151017c50874c2929e86e39c50fc96dab4669760bd565a571dd02b58047f6e14c6ae64063d20383fb108f21c84676f3fc28bace8227709498", "bits": 2048, "generator": "5b51d9943befc632a8cb5f338af3f32f9c83297e5ef8ee7db57a7aa726c7f1750b5b59ea9273451bcba7299946e4b3beddfbd2975a1d79ee86b0be7b30d923e8086c54a53b03b5388760421fc787322d4bc3d0500695781377e4cd95e39efde3ecf683880c2db3170e12b980b57ea59b63a0f9672c86ce9b3ccad60e15eb6b51492e53dfab0274c96c80e13b2c94af0cba6ddd223b5d9ec473091512d43e9c15b1c3b0a8fea5dd25d9a14d4f8a033b64a6df64396ebf7ca7453b4efba40586277e2c45528d64938e7018cecc91538bc9c89954e681e1f700c1a2af486b1029ee18ac1289f0d1fabf38b6696784954d54900be25fbb3ae265bc30bd188435928e"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}, {"id": 15, "name": "heartbeat"}], "versions": ["-TLSv1", "-SSLv2", "-SSLv3", "-TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190715072150Z", "expires": "20191013072150Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14D\\x13\\xf7\\xdf6\\x04\\x80A\\x12Y\\xd6\\xe8\\xb0\\xc2q\\x14\\xe4pm\\xb3", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x18\\x82\\x16wellspringah.ks.3cx.us", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf3\\x00\\xf1\\x00v\\x00\\xe2iK\\xae&\\xe8\\xe9@\\t\\xe8\\x86\\x1b\\xb6;\\x83\\xd4>\\xe7\\xfet\\x88\\xfb\\xa4\\x8f(\\x93\\x01\\x9d\\xdd\\xf1\\xdb\\xfe\\x00\\x00\\x01k\\xf4\\xb9D\\xb1\\x00\\x00\\x04\\x03\\x00G0E\\x02!\\x00\\x88?m\\xd8\\x81\\x0e0i_P$4\\xd5\\xcd\\x7f\\xf0\\x90\\xe0\\x9a\\x03\\xdb\\xab&\\xde\\xa3\\xf8\\xdb\\xb2\\x80\\xda\\xc7`\\x02 T\\'\\xc3\\x98\\xb3\\xd2Y\\xaf\\x1b\\xc4\\xe5S\\xcd\\xb1\\xfe\\xb8\\x12\\xeb\\x90\\xce>?H\\x1f\\xc3\\xbc\\xfb\\xc9\\r\\xe4\\xb9S\\x00w\\x00c\\xf2\\xdb\\xcd\\xe8;\\xcc,\\xcf\\x0br\\x84\\'Wk3\\xa4\\x8daw\\x8f\\xbdu\\xa68\\xb1\\xc7hTK\\xd8\\x8d\\x00\\x00\\x01k\\xf4\\xb9B\\xe0\\x00\\x00\\x04\\x03\\x00H0F\\x02!\\x00\\xba(\\x94\\xf0\\xb1\\xd3[\\x12~[\\x8f^\\xa9\\xc6 \\xe4\\xf1\\xfaV\\xfb\\xd02{\\x1e\\x82\\xe0&\\x88\\x819\\x85\\xbe\\x02!\\x00\\x81_\\x183\\xac\\xfc,\\xff{8\\x84K\\x02m\\xe2\\\\\\xfbpA`\\x0c\\xe9\\xc8yXW8\\xc3i\\xdb=\\xd3", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "6cd858f1968f8d1d947dbe59787d3cd3df31e9b84d4fe6fb3858445e96a9897a", "sha1": "56cc49247ec7fd63ba1fda1a30d9413d15f866b0"}, "serial": 293640937236521966751450173145147049432709, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "wellspringah.ks.3cx.us"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFZTCCBE2gAwIBAgISA17u42RllaH503tGiosLntaFMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MTUwNzIxNTBaFw0x\nOTEwMTMwNzIxNTBaMCExHzAdBgNVBAMTFndlbGxzcHJpbmdhaC5rcy4zY3gudXMw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJLIXhWzEeeqitPmO3vxol\ngTOD/BN388o7ptQC+CQsR3Q6MLvB/2LJO4sG0eXHjZZDvf1qR1n2Ho3//5QcgSV4\nc+DbB1x8BRsbTQCHYSmnE5HjYMZxnqgdNceo11G98PR6GP/eMfFSjgqI4sIvvCK/\nd30dnhUgn4TCYyf2dzKyQHnyopUdrEcxMb/tn8hcgnOKogJ/nNXSSQ2z4j7XTrOs\nQbwGq4iZwj2Z8R86IowYFQsM/RKGbCU1CdPW1xvZYHG4O4smx+vyLXVAQdOGOqr6\nTfBRWIyc6LNMMc7CEJrZmejGI8B7lxBbUUjKPjZJeDo8OENpk0vf/uYf7Sdc3fZV\nAgMBAAGjggJsMIICaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\nAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEQT9982BIBBElnW\n6LDCcRTkcG2zMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsG\nAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNl\nbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl\nbmNyeXB0Lm9yZy8wIQYDVR0RBBowGIIWd2VsbHNwcmluZ2FoLmtzLjNjeC51czBM\nBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB\nFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYE\ngfMA8QB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABa/S5RLEA\nAAQDAEcwRQIhAIg/bdiBDjBpX1AkNNXNf/CQ4JoD26sm3qP427KA2sdgAiBUJ8OY\ns9JZrxvE5VPNsf64EuuQzj4/SB/DvPvJDeS5UwB3AGPy283oO8wszwtyhCdXazOk\njWF3j711pjixx2hUS9iNAAABa/S5QuAAAAQDAEgwRgIhALoolPCx01sSfluPXqnG\nIOTx+lb70DJ7HoLgJoiBOYW+AiEAgV8YM6z8LP97OIRLAm3iXPtwQWAM6ch5WFc4\nw2nbPdMwDQYJKoZIhvcNAQELBQADggEBAEMZQqyeUQ5oAFGnXM3HMtZYkvi2yH/W\njT+czlctqv5tuXSlqtLSGhdPHBqbg/epZPcKOcZ8JTgaO711q3vok8zoLjQrD5l6\nLo3YKatX1rnnlRsULTxePQD5/SKRWrgp8lRmEBIlE6KiAFk5wu36Nk2phpb063Mn\nrKLyDYS9BYT4eEj8ujHRBulrG+Ey477nP1UdCQG2b4HcBUyTp9BDf+UtM4+JkJrr\nagC8CK4b+co+jzwW7OFGRjCKPBUaBatbHiPFMgCti3IKI1vwbo5yJJZBPdIR/vYO\nMqZ6b11qfcMFZ8Ex5FKH9lXEqZfCpWwF4Wp5I5Mp0PCkSwh9/zrMLBY=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["http/1.1"]}, "hostnames": ["wsip-70-163-40-136.ks.ks.cox.net"], "location": {"city": "Fayetteville", "region_code": "AR", "area_code": 479, "longitude": -93.984, "country_code3": "USA", "latitude": 36.1189, "postal_code": "72703", "dma_code": 670, "country_code": "US", "country_name": "United States"}, "timestamp": "2019-07-23T20:56:22.321472", "domains": ["cox.net"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://70.163.40.136:5001/favicon.ico"}, "host": "70.163.40.136", "html": "\n\n\n \n 3CX Phone System Management Console\n \n \n \n \n\n\n
\n
\n\n\n", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1680756703}, "os": null, "_shodan": {"crawler": "e9392a930ba74a5a7a9a04c307d8f2d045dad4b4", "ptr": true, "id": "ff22750d-a38c-432c-b914-f44080ee4dd6", "module": "https-simple-new", "options": {}}, "ip_str": "70.163.40.136"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -1515696689, "ip": 3695852988, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (SAMJUENG-293871) [::ffff:192.168.0.8] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR RETR2 STOR \n STOU APPE REST ABOR USER PASS ACCT* REIN* \n LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "5faf2928ceb560cb4276cc1b4660b2d763cc6397", "ptr": true, "id": "e40a0a69-52c8-48e8-8448-bc489dfb4e72", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:38.767043", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "220.74.61.188"}, {"hash": -1841725270, "ip": 1334398117, "org": "OVH SAS", "isp": "OVH SAS", "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 23 Jul 2019 20:54:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 686\r\nLast-Modified: Thu, 27 Jun 2019 07:24:42 GMT\r\nConnection: keep-alive\r\nETag: \"5d146f3a-2ae\"\r\nExpires: Tue, 23 Jul 2019 20:54:12 GMT\r\nCache-Control: max-age=0\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1;mode=block\r\nContent-Security-Policy: default-src 'self'; script-src 'self' https://127.0.0.1:32018 'unsafe-eval'; worker-src 'self' blob:; connect-src 'self' ws: wss:; img-src * data:; frame-src *; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; font-src 'self' data:; media-src 'self' data:\r\nStrict-Transport-Security: max-age=15768000\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nAccept-Ranges: bytes\r\n\r\n", "asn": "AS16276", "port": 5001, "ssl": {"dhparams": {"prime": "a2f2549417360bf007d78be61476f2026b0686d8f4b4bb85440ffbcd351e023e32e486e9d26b4df2b3352488b2b058c9ef590550ac13b2e60543c7e40d5f692f5a0cc64fe5c6fe7610825bd356417893281fa4f05e7ba4c4c6ca45223ecb07c5224de40741bc00b798a69837c9516a980bf6a2fe466cd773cdd33a3551ff2b439e2db8aa9ff3207eaa550f93c7f4e16add99ab35a7b9d819c9f87f15964c986b8c223ddf769397ef8ef560bb53853868ebcdda050a42ba0d9630df3ff904df4561bdb662f59f176a936ef2ce7b323c07caa99c7661b96c4ea6885fed77d0903cbe789ac2e4a1039c240f2718fc0204bdb7896660734e915438638d9a8375c1fb", "public_key": "7378927d4f82f841d75539b44aa8e397a8b45843ed7e41ec726eaaedb2cbfcafb23e5af12e07acd4876d5d222b3f71027d446751203f33dad34d58f0f65e223865a203fdd3e33ecaeb8669ae85fde77dc5646aecf652b3792344cfce8cbddd078d497b61b67702e310b7464848c663bb457946e4e5a32476f368fc1b40f212c3c6428eacfa11f1d4db7f9d6484fdf0a06c69c5d17560b6417dcadb426b0e1a94f4aa4b16ad3476183beb8bed6891015b5a420fb15c8f075d2a084ae2a409b2c76a7818a4d69754eb85b52ac8258255419ed90faae3e2e971387f4ad4deb379ee0dccbb6bb230356bab849c6b3f7f5a14cd1ebfba22edcfcc25faef627c0d8845", "bits": 2048, "generator": "492257a047d26d992343f5d894c3ce0425947f042f5569f1f936100902d6a38042bca2a0e61e523d7bdf4db4fb62c935e5743fb012d48ab61e6020c37cb6ff07e9316ec0d9dcb2bf1899002828345403f06e13253c89f1170e112823cb774d613a67faea0a7c3ce549e83ad2f603934aefc407d3ce0272c19b0c217f527cf389b389c00049915f328e25dafa2a20be4a2aaffd6f62af3459f7c247f191ad95e78584093e2c76ad65b0400c2e5f7ff298c8725c7bcea86f52d9a28b773311b6be636558ab250c94a91736e68349e8f7c08ba6d2dc82ab9c7d72597f5015924485495909cd4afda1ccaf4440c99c0d55e9d294cc2e24eda630f33de5443cbcfac7"}, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 35, "name": "SessionTicket"}, {"id": 5, "name": "status_request"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20190603030936Z", "expires": "20190901030936Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 2, "extensions": [{"critical": true, "data": "\\x03\\x02\\x05\\xa0", "name": "keyUsage"}, {"data": "0\\x14\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x01\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x03\\x02", "name": "extendedKeyUsage"}, {"critical": true, "data": "0\\x00", "name": "basicConstraints"}, {"data": "\\x04\\x14}\\xfb\\x1f~v\\xfc\\xdd\\x9b\\xd5\\x8d\\xc0\\xd7#\\xf1\\x9ca\\x9d\\x1c)f", "name": "subjectKeyIdentifier"}, {"data": "0\\x16\\x80\\x14\\xa8Jjc\\x04}\\xdd\\xba\\xe6\\xd19\\xb7\\xa6Ee\\xef\\xf3\\xa8\\xec\\xa1", "name": "authorityKeyIdentifier"}, {"data": "0a0.\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x01\\x86\"http://ocsp.int-x3.letsencrypt.org0/\\x06\\x08+\\x06\\x01\\x05\\x05\\x070\\x02\\x86#http://cert.int-x3.letsencrypt.org/", "name": "authorityInfoAccess"}, {"data": "0\\x10\\x82\\x0estumaco.3cx.be", "name": "subjectAltName"}, {"data": "0C0\\x08\\x06\\x06g\\x81\\x0c\\x01\\x02\\x0107\\x06\\x0b+\\x06\\x01\\x04\\x01\\x82\\xdf\\x13\\x01\\x01\\x010(0&\\x06\\x08+\\x06\\x01\\x05\\x05\\x07\\x02\\x01\\x16\\x1ahttp://cps.letsencrypt.org", "name": "certificatePolicies"}, {"data": "\\x04\\x81\\xf1\\x00\\xef\\x00v\\x00oSv\\xac1\\xf01\\x19\\xd8\\x99\\x00\\xa4Q\\x15\\xffw\\x15\\x1c\\x11\\xd9\\x02\\xc1\\x00)\\x06\\x8d\\xb2\\x08\\x9a7\\xd9\\x13\\x00\\x00\\x01k\\x1b\\x87>\\xbf\\x00\\x00\\x04\\x03\\x00G0E\\x02 `Y~\\xbf\\xa5\\xbdH\\x1d\\x12Wno\\xb7(\\x16~\\x8fL\\xe8`\\xbb\\x16\\x9c\\x14\\xcf\\xeb\\xe5K8\\x8a\\x18\\x19\\x02!\\x00\\xf1t\\x1d(M7\\x089\\x11\\xd3\\xe1\\xbc\\xc2\\xe0\\xdb\\x05\\xab\\x8e\\xb4\\xf9\\x95\\xf0\\xf07p\\xe6\\xfc\\x7f\\x0cuZ\\xef\\x00u\\x00)\"\\x00\\x00\\x04\\x03\\x00F0D\\x02 S\\xcaA\\x95\\xf3i\\xc10\\tjt\\xda\\x06\\xceq\\xdf\\x87\\x7f\\xe4\\xb8\\n\\xb7\\xd8+\\xd0\\xc7\\x00\\xa1\\xc6L^\\x06\\x02 7\\xd04\\xc5\\x98>\\xea\\x89\\xf1\\xa3\\xd2\\x82\\x9b;)O\\xe8\\xdd\\xd4!\\xc3ny\\x85~\\xb9\\xbf%v.5z", "name": "ct_precert_scts"}], "fingerprint": {"sha256": "61fb5a1651b92fe04658a3c394baa3db04cdd0e519da950a3272a3181263e3ea", "sha1": "4c6622827ff0cc2087e0ee9049262689aee8dbe1"}, "serial": 273851106545169630403601129405239636395627, "issuer": {"C": "US", "CN": "Let's Encrypt Authority X3", "O": "Let's Encrypt"}, "expired": false, "subject": {"CN": "stumaco.3cx.be"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIFUzCCBDugAwIBAgISAyTGrKPP+OU8FXDXYyhKPgZrMA0GCSqGSIb3DQEBCwUA\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MDMwMzA5MzZaFw0x\nOTA5MDEwMzA5MzZaMBkxFzAVBgNVBAMTDnN0dW1hY28uM2N4LmJlMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYLXV9ww4IH5WpVkPY45yumnsE8cnvj1\n2+SR/HpD9YezjuUULuTCv/Q4PK/9nRGOxzUvQyCFJb4v2YzBXTfMJmVfGkwkB0IW\nUD7HR0Alk/8H87AtCZhtzwWxIeJ0hn8Gmm55jNJAFs+Ko/0qLS/FwU/5hPsrT8Ki\nW93QNKUBFXBie+FXwdbbH406N5611v+25BLpXUsOLHj6LYFuUz7Uij9mdYOPLCmI\nxW/TxKfoXO/cm93nCWR7ronGw54pJHutdFL6cnT5NScNRug0LuDE2nFhk57HtnUJ\nyErJoy9HdL89pR7nMl+t7Y6Qmm0e+oPOjXRM79wH5r80ZIJSbQyeuwIDAQABo4IC\nYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\nBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR9+x9+dvzdm9WNwNcj8ZxhnRwp\nZjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj\nMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v\ncmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v\ncmcvMBkGA1UdEQQSMBCCDnN0dW1hY28uM2N4LmJlMEwGA1UdIARFMEMwCAYGZ4EM\nAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0\nc2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAb1N2rDHwMRnY\nmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFrG4c+vwAABAMARzBFAiBgWX6/pb1I\nHRJXbm+3KBZ+j0zoYLsWnBTP6+VLOIoYGQIhAPF0HShNNwg5EdPhvMLg2wWrjrT5\nlfDwN3Dm/H8MdVrvAHUAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgA\nAAFrG4c+IgAABAMARjBEAiBTykGV82nBMAlqdNoGznHfh3/kuAq32CvQxwChxkxe\nBgIgN9A0xZg+6onxo9KCmzspT+jd1CHDbnmFfrm/JXYuNXowDQYJKoZIhvcNAQEL\nBQADggEBAIQDj8ZqMX11Dy3nEZsuHr3WtdwnIRlHimYATzT30aRz1ILMqaHuYjwl\nzQMj69qSmLH8wsbjjQ+32oJbdLIBX+W//P/lpDwpTLZ1ABe1uHwAU1gJUISqoFy5\nKIZt3GtnIvhfjKEjfBXQhSng6eWS6Y7x7DRBMB+qaJaurLUZDR/TUN3O3pOGQCrM\n1o8oIZJz4D26GG7pou3iDTp59IMkWf/AxtuHFvhz1DaiYqw3voEjWH2dP7hpdYzB\n8pEgwrD5FgLLLVE4nxENRcvtxluIiM7uLnZnxscGvRADP01sZHIpe0M+nF7NSXL4\n06f1xSExGHWaGjtW6hxak1uYoor9hFw=\n-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\nMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\nDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow\nSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT\nGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC\nAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF\nq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8\nSMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0\nZ8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA\na6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj\n/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T\nAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG\nCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv\nbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k\nc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw\nVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC\nARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz\nMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu\nY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF\nAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo\nuM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/\nwApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu\nX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG\nPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\n-----END CERTIFICATE-----\n"], "alpn": ["h2", "http/1.1"]}, "hostnames": ["165.ip-79-137-76.eu"], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 2.3386999999999887, "country_code3": "FRA", "latitude": 48.85820000000001, "postal_code": null, "dma_code": null, "country_code": "FR", "country_name": "France"}, "timestamp": "2019-07-23T20:54:13.035553", "domains": ["ip-79-137-76.eu"], "http": {"robots_hash": null, "redirects": [], "securitytxt": null, "title": "3CX Phone System Management Console", "sitemap_hash": null, "robots": null, "favicon": {"data": "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgEAYAAAAj6qa3AAAABmJLR0T///////8JWPfcAAAACXBI\nWXMAAABIAAAASABGyWs+AAAACXZwQWcAAAAgAAAAIACH+pydAAADfUlEQVRo3s2ZXUgUURTH98OW\nakkpYh+KRSnFrNRQSQItKykLetAKSqQIIsWHyiSjXG0Fc1VKi1ALi9TKtC0zKgMp0MogISItMwoq\nNsM0kyTNdMMe/meEGWbTdfaMnZcfO8Pec8//3nPmfmg1bprJVFra3i78WnoOrI8DA3zdbc89K4kB\n05rBUU1PT2pqcPDUW9Qp61BHClhIAvx+wCvArkYwIV14Ih4QFQSQV7x6EVhj5xVgjgHMPg0GXlTa\nolZpA+IR8C8G65+Ay27wClKrB/cuBH863E0JhSkgtfdpYC51YTCWV4D4q2DSY+GJuymhWAB5xeu6\nwMoIXgEMO8Ajb8CITHdbUJwCUhOPgDkEtG8EIwt5BWmIApOoWPYbJ0oJD6eA1Bxt4IkL4I9uXn9x\no2AK1QatbaKU8LgA8orfDwXLA+jBIR4BdM+o+TBw7XbhjSsh2GaAWAhnE3gyHmy6yeUXNv81aKWF\n2YJwl5LxdkRqXy+DuVQL+oJ4/UUPgQeyQX2VdCZ4vAi6MrFj7SfQ8hK0Pgd1Vh7vA7SA2pMA1tUK\nb1SbAeKUGKOpWVINNm7i9e49AuY8Ahd3qi6AvBDfa8DjD0FHDK/35V/AjB5wpkl1AeStlRYwZ+aB\nzgZef4lGcN9+1WqAKxPXBhPVhsadYGgLr/e2bdM2A+S/yxsqQf8BXu/9VjD/6X+SAoFF4LFo0Khg\nh/9PuwKU3wHtZtUFEI/87G9gFm2fg2J4vTdTjSmuAJ2tqgkgP+V3U/Xf/o7X+2eq/pl0gNIdIryZ\nphSILACPzgINbTx+nGawkIRuqRPeCJ9jdgHEI+9DJ0YWH9C8hde7/S54qUoauGBsn0HJlH8FZNBu\nMM8b1A/zeO+8DW6llWbHdVfnAh6fAfK5vo78pOfxBj6YDFq9hMAn+ocXT0fG5SgBs+mkxtTH669i\nCXhr/HRatRMh8cjrqOqmrQDX/OINvGU1aFsJjlRO9nRYsQDyU34zHXgk03deM8QTeO8pMGs92BXl\nbgseTgFf6kjOWXDuW57A/9DmqYj2Ck2rhDeq3QuIR35GL3iYRiCMKXDB7tEVXBndTY7lT/WOUK8s\ncMFo86bJ8gMN4ZNv0R37UAamktAfY5VejipMgUA6YbE4QGMiT+DDFtDmBF8UeKrlSS+EJJsYOssr\nt4GJ13gCF+w8BX7QjwTpUjrygv0FK7crLMjvW2oAAABZelRYdFNvZnR3YXJlAAB42vPMTUxP9U1M\nz0zOVjDTM9KzUDAw1Tcw1zc0Ugg0NFNIy8xJtdIvLS7SL85ILErV90Qo1zXTM9Kz0E/JT9bPzEtJ\nrdDLKMnNAQCtThisdBUuawAAACF6VFh0VGh1bWI6OkRvY3VtZW50OjpQYWdlcwAAeNozBAAAMgAy\nDBLihAAAACF6VFh0VGh1bWI6OkltYWdlOjpoZWlnaHQAAHjaMzMyAQABPQCdhy3QKAAAACB6VFh0\nVGh1bWI6OkltYWdlOjpXaWR0aAAAeNozNrcAAAFCAKPMZvwvAAAAInpUWHRUaHVtYjo6TWltZXR5\ncGUAAHjay8xNTE/VL8hLBwARewN4XzlH4gAAACB6VFh0VGh1bWI6Ok1UaW1lAAB42jM0MTUxMzcz\nNrMAAAtIAhNXXjtGAAAAGXpUWHRUaHVtYjo6U2l6ZQAAeNozNMpOAgAClgExPX1XPQAAABx6VFh0\nVGh1bWI6OlVSSQAAeNpLy8xJtdLX1wcADJoCaJRAUaoAAAAASUVORK5CYII=\n", "hash": 970132176, "location": "https://79.137.76.165:5001/favicon.ico"}, "host": "79.137.76.165", "html": "3CX Phone System Management Console
", "location": "/", "components": {"AngularJS": {"categories": ["JavaScript Frameworks"]}}, "securitytxt_hash": null, "server": "nginx", "sitemap": null, "html_hash": 1026100908}, "os": null, "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "f68cfe93-4305-4c1d-b871-ca812307ef39", "module": "https-simple-new", "options": {}}, "ip_str": "79.137.76.165"}, {"info": "SIP end point; Status: 200 OK", "hash": 352316350, "ip": 664696693, "isp": "China Mobile", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=35e6d8-0-13c4-19eafa-27fc32f-19eafa\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=241.226.176.195;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS9808", "port": 5060, "hostnames": [], "location": {"city": null, "region_code": null, "area_code": null, "longitude": 113.72660000000002, "country_code3": "CHN", "latitude": 34.77250000000001, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:56:28.602060", "domains": [], "org": "China Mobile Guangdong", "os": null, "_shodan": {"crawler": "5faf2928ceb560cb4276cc1b4660b2d763cc6397", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "39.158.119.117"}, {"ip": 1045155680, "port": 21, "transport": "tcp", "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "PROT": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPRT": {"parameters": []}, "PBSZ": {"parameters": []}, "AUTH": {"parameters": ["TLS"]}, "MDTM": {"parameters": []}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "SSCN": {"parameters": []}, "CCC": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 1597424302}, "version": "1.3.5d", "location": {"city": "Strassbourg", "region_code": "C1", "area_code": null, "longitude": 7.745499999999993, "country_code3": "FRA", "latitude": 48.5839, "postal_code": "67100", "dma_code": null, "country_code": "FR", "country_name": "France"}, "product": "ProFTPD", "hash": 1177046652, "tags": ["starttls", "self-signed"], "timestamp": "2019-07-23T20:57:07.550991", "ssl": {"dhparams": null, "tlsext": [{"id": 65281, "name": "renegotiation_info"}, {"id": 11, "name": "ec_point_formats"}, {"id": 15, "name": "heartbeat"}], "versions": ["TLSv1", "-SSLv2", "-SSLv3", "TLSv1.1", "TLSv1.2"], "acceptable_cas": [], "cert": {"sig_alg": "sha256WithRSAEncryption", "issued": "20160919084753Z", "expires": "20170919084753Z", "pubkey": {"bits": 2048, "type": "rsa"}, "version": 0, "extensions": [], "fingerprint": {"sha256": "d3d6f299c360fd4f4a73098e05dc5f50a8160659e7ba0a416967c93ff861007d", "sha1": "f369d3157a1611a9e0406be798f6102e5c9bc477"}, "serial": 1474274873, "issuer": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}, "expired": true, "subject": {"C": "US", "CN": "Plesk", "L": "Seattle", "O": "Odin", "ST": "Washington", "emailAddress": "info@plesk.com", "OU": "Plesk"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 256, "name": "ECDHE-RSA-AES256-GCM-SHA384"}, "chain": ["-----BEGIN CERTIFICATE-----\nMIIDfTCCAmUCBFffpjkwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP\nZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B\nCQEWDmluZm9AcGxlc2suY29tMB4XDTE2MDkxOTA4NDc1M1oXDTE3MDkxOTA4NDc1\nM1owgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRPZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UE\nAxMFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRiP3eCVSQux6TwGViUOZ/mNVbA9es0a\nr0aoDBAnzyjAZ/x75V72W8e2eIZBQEJKb7yRAXdSUIYCqvZloxV3sZ5cPN3/cWZg\nP0YyraInZsnsc5NLVis4JI1JRBiQRaIamqdUxU91CcRU3FrvYyrlti8RYadolWkB\nOIvewiUHsOjiP8kKTD1wSWnPMSplPcsd57xK3CCs6/26ryfq5t5r2kTIb6/kSFzD\nXI8XCpeKYfoqil6haLUORkAYUR541riDPI8mLDvmkzc+hFeNzUPmkuWmWV58d2X3\n3TEztgnAsHYy9t14eXHhTdcC22seSYknENGB81tlpBw87j30D7kZZwIDAQABMA0G\nCSqGSIb3DQEBCwUAA4IBAQAxzINdSaPET8NqG0m1GSiwhyp2HEuObgcG7lBK/wZt\nizy1IuweegFgIeonjhb5qk1BYAlBsvF1j2cFbvzAWGn43PWFFQCajRz8GzG+zB+N\nIy/bOaAm2E7ryMccb/fp3w5JXjWjhSK4F0ib4+T3X6GyjYwspBSUKTZ1xZGszQ7t\nV+jO/rbW2l0nUKJfSj6KrrGS4/eWniUbJQekYFjCoiuduP/jgXMj53RU+5eqzwzK\nAHsuFHFNhP2EkG8mJerpJrzl0yaBtj+9Lz7b41rDmC5YH9uTtwtS1zTw37dX4jCl\nXlQgnY+tf25jyxaTljpLdzzDR0jy+FBrVT37EOoHOP9f\n-----END CERTIFICATE-----\n"], "alpn": []}, "hostnames": ["static-ip-62-75-207-96.inaddr.ip-pool.com"], "org": "HEG Mass", "data": "220 ProFTPD 1.3.5d Server (ProFTPD) [62.75.207.96]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH CCC* CONF* ENC* MIC* \n PBSZ PROT TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n UTF8\n LANG en-US*\n EPRT\n EPSV\n MDTM\n SSCN\n TVFS\n MFMT\n SIZE\n PROT\n CCC\n PBSZ\n AUTH TLS\n211 End", "asn": "AS8972", "isp": "Host Europe GmbH", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5d"], "domains": ["ip-pool.com"], "ip_str": "62.75.207.96", "os": null, "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "b9ea6c95-7f6a-4f93-b341-72a493af74d3", "module": "ftp", "options": {}}}, {"info": "SIP end point; Status: 200 OK", "hash": -779760436, "ip": 1918109633, "isp": "China Telecom Shanghai", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=876528-0-13c4-133952-388a7cf7-133952\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=55.131.127.225;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS4812", "port": 5060, "hostnames": [], "location": {"city": "Shanghai", "region_code": "23", "area_code": null, "longitude": 121.3997, "country_code3": "CHN", "latitude": 31.045600000000007, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T20:55:39.608686", "domains": [], "org": "China Telecom Shanghai", "os": null, "_shodan": {"crawler": "b0f0de701beef55d9f52a22b2c071d0ea384bc26", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "114.84.7.193"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -1931225613, "ip": 2949829034, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (ipTIME A1004NS-32FEE5) [192.168.0.1]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "d264629436af1b777b3b513ca6ed1404d7395d80", "ptr": true, "id": "5f1acbac-3eea-4a12-811b-9c6ac5323905", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Seoul", "region_code": "11", "area_code": null, "longitude": 126.97829999999999, "country_code3": "KOR", "latitude": 37.5985, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:56:42.366247", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "175.210.209.170"}, {"ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "REST": {"parameters": ["STREAM"]}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": -1618571074}, "hash": -1293237434, "ip": 237280399, "isp": "Korea Telecom", "transport": "tcp", "data": "220 ipTIME_FTPD 1.3.4d Server (PHILOSNAS4-AB4A90) [192.168.0.84] EUC-KR\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR RETR2 STOR \n STOU APPE REST ABOR USER PASS ACCT* REIN* \n LIST NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n MDTM\n MFMT\n TVFS\n MFF modify;UNIX.group;UNIX.mode;\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n LANG en-US*\n REST STREAM\n SIZE\n211 End", "_shodan": {"crawler": "c4f6dbc45caa04f64112a93cf20c797b31978655", "ptr": true, "id": "aa9232c2-e8c0-4bf0-b394-13408a1f2e93", "module": "ftp", "options": {}}, "port": 21, "hostnames": [], "location": {"city": "Gwangmyeong", "region_code": "12", "area_code": null, "longitude": 126.4298, "country_code3": "KOR", "latitude": 37.3785, "postal_code": null, "dma_code": null, "country_code": "KR", "country_name": "Korea, Republic of"}, "timestamp": "2019-07-23T20:57:36.650554", "domains": [], "org": "Korea Telecom", "os": null, "asn": "AS4766", "ip_str": "14.36.156.143"}, {"info": "SIP end point; Status: 200 OK", "hash": 1382613839, "ip": 1034270040, "isp": "China Telecom", "transport": "udp", "data": "SIP/2.0 200 OK\r\nFrom: ;tag=root\r\nTo: ;tag=8763a8-0-13c4-1343a9-27f8cf26-1343a9\r\nCall-ID: 50000\r\nCSeq: 42 OPTIONS\r\nVia: SIP/2.0/UDP nm;received=169.129.25.5;rport=26810;branch=foo\r\nSupported: 100rel,replaces,timer,path\r\nContact: \r\nContent-Length: 0\r\n\r\n", "asn": "AS4812", "port": 5060, "hostnames": ["88.181.165.61.dial.xw.sh.dynamic.163data.com.cn"], "location": {"city": "Shanghai", "region_code": "23", "area_code": null, "longitude": 121.3997, "country_code3": "CHN", "latitude": 31.045600000000007, "postal_code": null, "dma_code": null, "country_code": "CN", "country_name": "China"}, "timestamp": "2019-07-23T21:04:36.211709", "domains": ["163data.com.cn"], "org": "China Telecom Shanghai", "os": null, "_shodan": {"crawler": "6ff540e4d43ec69d8de2a7b60e1de2d9ddb406dc", "ptr": true, "id": null, "module": "sip", "options": {}}, "ip_str": "61.165.181.88"}, {"ip": 1839751233, "ftp": {"features": {"LANG": {"parameters": ["en-US"]}, "MLST": {"parameters": ["modify", "perm", "size", "type", "unique", "UNIX.group", "UNIX.mode", "UNIX.owner"]}, "MFF": {"parameters": ["modify", "UNIX.group", "UNIX.mode"]}, "UTF8": {"parameters": []}, "REST": {"parameters": ["STREAM"]}, "EPSV": {"parameters": []}, "MFMT": {"parameters": []}, "TVFS": {"parameters": []}, "EPRT": {"parameters": []}, "MDTM": {"parameters": []}, "SIZE": {"parameters": []}}, "anonymous": false, "features_hash": 599754009}, "product": "ProFTPD", "hostnames": ["65.96.168.109.host.static.ip.kpnqwest.it"], "hash": -376985788, "timestamp": "2019-07-23T20:57:36.272859", "isp": "KPNQWest Italia S.p.a.", "transport": "tcp", "cpe": ["cpe:/a:proftpd:proftpd:1.3.5b"], "data": "220 ProFTPD 1.3.5b Server (ProFTPD) [172.20.2.84]\r\n530 Login incorrect.\r\n214-The following commands are recognized (* =>'s unimplemented):\n CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV \n EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD \n XRMD MKD XMKD PWD XPWD SIZE SYST HELP \n NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC* \n PBSZ* PROT* TYPE STRU MODE RETR STOR STOU \n APPE REST ABOR USER PASS ACCT* REIN* LIST \n NLST STAT SITE MLSD MLST \n214 Direct comments to root@127.0.0.1\r\n211-Features:\n UTF8\n LANG en-US*\n EPRT\n EPSV\n MDTM\n TVFS\n MFMT\n SIZE\n MFF modify;UNIX.group;UNIX.mode;\n REST STREAM\n MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;\n211 End", "_shodan": {"crawler": "b62ffd314c544b826a5d3925d78a3d686e1b0ea3", "ptr": true, "id": "896c0d60-d5ac-4484-b129-7b1602e83446", "module": "ftp", "options": {"scan": "zWOAo5hrdBmn8oyl"}}, "port": 21, "version": "1.3.5b", "location": {"city": null, "region_code": null, "area_code": null, "longitude": 12.109700000000004, "country_code3": "ITA", "latitude": 43.14789999999999, "postal_code": null, "dma_code": null, "country_code": "IT", "country_name": "Italy"}, "vulns": {"CVE-2019-12815": {"verified": false, "references": ["http://bugs.proftpd.org/show_bug.cgi?id=4372", "https://github.com/proftpd/proftpd/pull/816", "https://tbspace.de/cve201912815proftpd.html"], "cvss": 7.5, "summary": "An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306."}}, "domains": ["kpnqwest.it"], "org": "KPNQWest Italia S.p.a.", "os": null, "asn": "AS5602", "ip_str": "109.168.96.65"}], "total": 379512}