GeneralInformation

Hostnames	h4.ski.ru pay.ski.ru static.121.128.181.135.clients.your-server.de
Domains	ski.ru your-server.de
Country	Finland
City	Helsinki
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

WebTechnologies

Analytics

CDN

JavaScript libraries

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	4.3jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	4.3jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

22 25 80 443 8001

1703168913 | 2024-04-01T12:59:32.188304

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCe2aEei9aEUAZ1J78sheTyJrqelTnhDtc9hgi2KXNegzkJ
9pdj7IYdTdJ4Ny9WUgRYmPwpZztl9PqI8PWBOi3wChASFd76eS+Gy7MFffB2rC1zLZIRnzjrcqPM
5K2EfZ8Ne5MguNI895LoyQ4+c/qPahi3p2XMdH5Gq20WBwmbEskV+z4KqRb9/KbOFcjAIjwwC3HN
YSqK0qZE8JebQ6rIevzXJln4B8s+Z1HtglR2QMexC2rgelMdaTj/fjzffE/MzJzDixwX3Qs83iKv
jfKrPEO6A9I8eHuojMYP0lYvf5cm1hc9NCV+SLO7t0g+rMpvGqkyFTLdDxcuOedo2e9l
Fingerprint: b6:57:b1:79:3c:c5:67:7c:6f:9c:e6:33:e2:51:03:25

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-475475836 | 2024-04-22T01:38:41.014482

25 / tcp

220 h4.ski.ru ESMTP Postfix
250-h4.ski.ru
250-PIPELINING
250-SIZE 52428800
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:8e:ca:1a:d8:84:9f:2e:d4:ba:80:c5:4a:17:ba:53:c2:2e:e5:10
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=h4.ski.ru
        Validity
            Not Before: Nov 10 09:58:53 2020 GMT
            Not After : Nov  8 09:58:53 2030 GMT
        Subject: CN=h4.ski.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ef:3d:d5:95:25:a4:c8:c5:36:2c:ab:1d:3a:e7:
                    41:b2:bd:81:8b:55:b9:4a:00:81:55:30:99:2e:d4:
                    87:43:2d:e1:7c:4b:11:e9:b1:9c:b7:e9:79:5c:ec:
                    38:d6:fb:de:4a:b1:3a:0c:62:83:4a:bf:78:25:c3:
                    a5:12:99:74:b3:db:7e:f6:54:36:39:3d:2b:2a:92:
                    fd:0e:88:14:78:e2:af:67:79:09:d7:3d:40:76:fe:
                    42:d3:82:35:24:df:79:45:89:ae:21:e5:54:06:95:
                    29:32:5c:69:81:33:47:3a:44:ea:4d:e8:9e:47:13:
                    28:c0:69:67:80:27:b2:fb:b3:d3:55:11:ea:82:a0:
                    6b:fb:d9:fe:84:03:76:3a:dc:2a:39:c3:ca:5e:11:
                    db:16:f0:7b:0e:bc:70:3d:74:77:fb:7a:03:9c:9a:
                    fb:96:af:1a:b1:45:69:94:6e:32:f5:ab:56:75:73:
                    4e:62:61:b8:de:f2:b0:6c:f8:ea:b0:0c:70:35:ba:
                    4e:9d:e0:3d:88:aa:b6:1b:bf:79:7f:9e:f5:15:49:
                    a2:6d:cc:92:11:e0:16:6f:dc:72:af:a0:01:14:1f:
                    86:1f:74:b5:62:bc:44:ba:f1:0f:7c:3c:7a:22:cb:
                    e1:58:f8:14:80:8a:0a:51:77:c7:b6:54:1f:43:4a:
                    8d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:h4.ski.ru
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        48:ce:9f:83:2f:92:57:55:1e:63:d5:d1:99:75:69:09:a2:e1:
        00:fe:38:11:2f:ed:b7:8c:4e:3d:84:01:33:92:ed:2a:3e:3b:
        e9:85:2e:9b:b5:a1:ed:56:fc:84:da:96:6b:87:da:90:b6:d3:
        50:82:f5:a0:4b:6f:0a:f0:01:7e:3a:30:4d:90:76:c6:55:b2:
        49:d8:04:f0:09:9f:17:8b:85:87:34:60:03:3f:d1:67:ba:b9:
        9a:2a:32:a0:15:92:d1:2f:6c:39:c8:4c:85:87:58:1d:f2:2d:
        9d:97:a8:1b:2b:49:07:4e:ca:e9:98:c6:0f:5f:b2:78:6c:f5:
        39:d5:fd:e6:90:dd:17:e1:c7:fc:9f:4e:71:df:3f:11:fe:88:
        ee:80:fc:98:5b:fa:71:09:6f:95:73:68:2d:76:7f:a4:fa:e8:
        24:e2:32:6b:b4:ed:6c:f6:c5:94:13:e1:e0:a2:d7:5a:fd:a2:
        58:e9:17:17:4d:e5:57:d0:fd:87:dd:36:9d:05:e9:0a:73:60:
        c3:bd:aa:9f:8e:14:44:8a:e9:b9:ff:d3:25:54:af:d9:6f:0d:
        78:24:25:f4:c5:03:2b:03:27:16:53:86:16:50:82:3f:43:6e:
        5f:96:5f:7f:44:6e:1c:70:27:d4:e0:42:96:57:19:fb:73:e4:
        34:29:06:74

1765360226 | 2024-04-24T01:06:57.240057

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 24 Apr 2024 01:06:56 GMT
Content-Type: text/html
Content-Length: 548
Connection: keep-alive
Vary: Accept-Encoding

-699860316 | 2024-04-23T14:24:02.303727

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 14:24:01 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=93o0comj6enra4mj2r09nhc337; expires=Thu, 23-May-2024 14:24:01 GMT; Max-Age=2592000; path=/; domain=.ski.ru
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: session_id=fa226585a07dc3412965db2696dfa903; path=/; domain=.ski.ru; httponly
Set-Cookie: tirol_no_sticky=1
Last-Modified: Tue, 23 Apr 2024 14:24:01 GMT
Cache-Control: post-check=0, pre-check=0

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:94:4b:8c:84:6d:00:e4:b6:e1:51:27:d6:ad:c9:06:22:77
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 28 17:35:57 2024 GMT
            Not After : May 28 17:35:56 2024 GMT
        Subject: CN=pay.ski.ru
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:12:f6:72:fb:1e:0f:e4:3c:21:c0:c8:58:80:49:
                    60:57:58:f9:1e:51:2b:9c:1b:8b:1a:10:7f:f2:ee:
                    48:35:cf:10:b9:b6:6d:61:fc:63:1d:5f:10:e8:55:
                    48:89:fd:b7:8a:ed:b9:b1:e9:f6:b7:57:b6:f4:4a:
                    e8:d8:1f:09:fa:b3:4f:85:c4:f1:09:72:90:6b:41:
                    c3:63:34:c4:7e:7b:02:bf:2e:11:ea:32:3d:80:ab:
                    4a:d6:bc:32:61:5f:a2
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                66:19:6C:F5:AF:38:C2:D1:95:86:4C:1A:D4:50:D2:69:71:20:E3:D4
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:pay.ski.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 28 18:35:57.484 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:94:A1:A7:AC:36:76:83:C5:96:07:73:
                                E1:0D:C0:93:24:C6:AF:15:06:F0:F5:DF:71:17:6F:40:
                                9D:6C:93:89:36:02:21:00:D2:4C:3A:8E:2E:7B:95:C2:
                                11:3A:12:03:C4:4F:2B:BC:59:83:67:17:B2:DB:AA:20:
                                C0:CB:73:F8:C6:55:25:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 28 18:35:57.993 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:49:C8:C9:C0:E1:C5:68:25:AA:3A:2C:24:
                                4A:D1:82:53:BE:54:C6:DE:B7:AB:95:D7:92:01:96:7B:
                                C1:8A:F6:FA:02:20:0A:6D:B2:F3:79:A2:C9:84:BC:E4:
                                37:01:D6:36:C8:05:16:82:96:C7:A6:EE:6B:0E:7A:63:
                                2D:8E:29:5D:E4:03
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4a:8a:eb:50:0f:f0:26:f6:95:b6:d2:d8:ec:48:cc:40:10:3b:
        c5:77:69:e9:68:5a:04:e2:22:14:4c:5f:76:e4:cd:69:a5:68:
        26:d0:bd:87:d0:d0:ca:72:cb:f5:c2:61:13:89:4a:ba:e7:00:
        d0:cd:d1:ba:05:30:47:61:97:85:9e:31:34:fa:86:da:d5:69:
        9f:d9:e0:f9:dd:57:03:c9:93:02:81:7a:4f:ae:27:0a:1e:42:
        45:af:9d:f7:85:74:a0:45:10:4f:04:1f:1d:a5:86:b8:83:19:
        f6:37:33:62:b8:3a:07:9b:9c:aa:3d:c8:4d:a9:96:9a:d3:a1:
        be:f2:40:b6:7c:b6:be:be:2d:53:04:4d:6f:98:57:0b:4b:4b:
        7e:4c:2f:08:fa:8a:65:2a:17:0c:13:99:b2:cb:78:f8:17:e6:
        69:d9:4b:64:5f:b6:cd:3a:9f:61:53:94:54:27:2e:c8:69:2c:
        86:dc:2d:5a:02:d1:47:f9:bd:84:9b:f0:37:e5:8b:db:b5:2d:
        c1:8f:36:77:7b:3d:82:db:66:ae:b2:3d:b8:2e:28:49:4b:53:
        35:41:37:24:f5:3e:3f:3b:da:37:7a:ab:15:00:cc:79:b1:29:
        71:18:0d:d0:93:0a:a9:38:38:62:d4:28:ec:fd:c4:3b:96:ed:
        81:c7:56:59

199333125 | 2024-04-22T01:34:24.392910

8001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 22 Apr 2024 01:34:21 GMT
Content-Type: text/html
Content-Length: 650
Connection: close

135.181.128.121

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1703168913 | 2024-04-01T12:59:32.188304
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-475475836 | 2024-04-22T01:38:41.014482
25 / tcp

Postfix smtpd

1765360226 | 2024-04-24T01:06:57.240057
80 / tcp

nginx

-699860316 | 2024-04-23T14:24:02.303727
443 / tcp

nginx

199333125 | 2024-04-22T01:34:24.392910
8001 / tcp

nginx

Products

Pricing

Contact Us

135.181.128.121

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1703168913 | 2024-04-01T12:59:32.188304 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-475475836 | 2024-04-22T01:38:41.014482 25 / tcp

Postfix smtpd

1765360226 | 2024-04-24T01:06:57.240057 80 / tcp

nginx

-699860316 | 2024-04-23T14:24:02.303727 443 / tcp

nginx

199333125 | 2024-04-22T01:34:24.392910 8001 / tcp

nginx

Products

Pricing

Contact Us

1703168913 | 2024-04-01T12:59:32.188304
22 / tcp

-475475836 | 2024-04-22T01:38:41.014482
25 / tcp

1765360226 | 2024-04-24T01:06:57.240057
80 / tcp

-699860316 | 2024-04-23T14:24:02.303727
443 / tcp

199333125 | 2024-04-22T01:34:24.392910
8001 / tcp