GeneralInformation

Hostnames	kmgi.cc konanykhin.com www.konanykhin.com
Domains	kmgi.cc konanykhin.com
Cloud Provider	Linode
Cloud Region	us-ga
Country	United States
City	Atlanta
Organization	Linode
ISP	Akamai Connected Cloud
ASN	AS63949
Operating System	Ubuntu

WebTechnologies

Database managers

Databases

JavaScript libraries

Programming languages

PHP

Security

reCAPTCHA

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-7656	6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-16845	5.8nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.
CVE-2017-7529	5.0Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
CVE-2017-20005	7.5NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
CVE-2016-4450	5.0os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.
CVE-2016-1247	7.2The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.
CVE-2016-0747	5.0The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
CVE-2016-0746	7.5Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
CVE-2016-0742	5.0The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

OpenPorts

22 80 123 443 8080

200883734 | 2024-04-12T17:50:00.634271

22 / tcp

SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDf47qUbBpxJdgC0BuD83pxZbpMLDPlvX6CgfLBMCrTM51m
3MGG2xMFDqpQ10JrbDpZaj+QELIa9ojb4eFLqlzUYySRtC8MByjohSUL5Uoo6eWVYWOelL6h41v0
WKNgdA9wKadIbZkJU1HbyBd7PjW3Zcfgq/PWwlN/xLHX+T+4nSN8bDuw9MzbPSk6FajF42fcQFxZ
DSo0Xb8qUyfJ0ImsH0bYbW4HrKJmULFoB9ZxerxrVx9HRZ/vjucCm5j0YjEGI/TjL/mSk/X0aqYK
o1DevGR5Z4z/we8LXcQNFSpwHt1HLqGVkhZTBrFHRGLrTG/UblDumyiHGGWjaOXRoxOL
Fingerprint: b9:1b:16:29:f2:20:7f:20:ab:80:8b:7b:ad:bf:2c:97

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	chacha20-poly1305@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-508990247 | 2024-04-18T01:04:43.277527

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.6.2 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=qphm30jlb40qe9e4hgmtevpls6; path=/; HttpOnly
Cache-Control: no-cache
Date: Thu, 18 Apr 2024 01:04:42 GMT
Set-Cookie: hl=en; expires=Fri, 18-Apr-2025 01:04:42 GMT; Max-Age=31536000; path=/

-188495804 | 2024-04-15T10:23:23.459426

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -23
rootdelay: 0.0242309570312
rootdisp: 0.0374755859375
refid: 852310310
reftime: 3922164899.42
poll: 3

1352420988 | 2024-04-19T00:36:45.026677

443 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2 (Ubuntu)
Date: Fri, 19 Apr 2024 00:36:44 GMT
Content-Type: text/html
Content-Length: 193
Connection: keep-alive
Location: https://konanykhin.com/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:cb:5c:f4:1c:6d:40:ae:db:88:de:bd:59:02:97:b5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Nov 10 00:00:00 2022 GMT
            Not After : Nov 10 23:59:59 2023 GMT
        Subject: CN=konanykhin.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:5c:b6:f2:ff:c8:6a:22:ff:3c:9f:4b:d5:33:
                    7a:39:58:a4:c8:da:c8:7f:f8:e8:c6:5c:9b:08:77:
                    cf:bd:3b:32:d1:42:09:d1:e0:9c:a8:44:1a:6a:14:
                    2a:d1:85:70:50:12:04:22:46:90:26:12:a4:a1:cf:
                    8d:dd:30:43:38:0a:df:f9:c6:de:e4:6d:c0:99:3f:
                    c6:3f:32:77:e4:5c:d9:79:37:cb:fc:c1:5c:f5:aa:
                    e6:a5:4a:d6:a1:c6:57:00:19:18:05:ec:2e:4d:6e:
                    9e:63:06:6d:4d:a1:ff:79:d5:0b:28:dd:e2:98:0b:
                    99:12:8a:85:7b:7f:cb:d4:4a:dc:ab:82:8e:a2:3f:
                    4a:5f:01:ef:15:ae:9d:5c:ae:09:d2:2a:46:75:ae:
                    2b:19:b8:5e:bf:e2:5e:7e:e3:a4:4b:1f:09:c1:db:
                    4c:07:d2:6a:0f:dd:3a:bf:a5:dd:59:1c:f7:5f:0b:
                    9f:e1:bf:54:ec:dd:4b:da:4e:d6:86:79:bd:cf:38:
                    5b:bc:fd:95:59:bd:14:51:97:86:da:72:21:26:17:
                    13:3b:ea:72:cc:b2:31:57:c7:f5:de:70:4f:a8:8b:
                    32:a6:a4:da:bf:bf:65:bb:d7:9a:aa:2a:10:e7:be:
                    4e:8d:da:65:3a:a0:e3:eb:e0:6a:98:53:d3:6c:a4:
                    90:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                D1:CB:04:12:03:84:CA:70:17:3C:64:F8:BA:DF:C0:DB:58:ED:B2:A8
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:konanykhin.com, DNS:www.konanykhin.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
                                B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
                    Timestamp : Nov 10 15:29:30.470 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EB:CD:E1:41:D6:1E:E5:19:19:45:49:
                                7A:92:70:81:35:97:63:F1:71:49:D6:3C:7D:58:4A:53:
                                6B:30:04:90:92:02:21:00:D3:21:B5:EC:5D:A8:88:4E:
                                63:EA:88:0E:74:04:A3:C1:BD:D1:3F:FD:E1:03:ED:B3:
                                C7:39:7F:0F:EC:14:D6:58
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
                                16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
                    Timestamp : Nov 10 15:29:30.425 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:90:DA:66:76:2F:B2:D9:9B:20:6E:13:
                                4D:32:CE:F9:EB:84:A4:10:8B:01:13:25:54:B3:3B:35:
                                79:18:6E:A3:93:02:21:00:88:1B:01:ED:58:81:0A:B0:
                                07:28:DC:1A:52:9F:FA:89:95:47:39:B2:27:E7:67:38:
                                EB:D7:96:74:08:15:0F:04
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
                                03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
                    Timestamp : Nov 10 15:29:30.371 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:29:5B:5B:57:DB:7D:35:D0:9F:BB:01:22:
                                F5:5B:1C:80:BF:21:30:28:8A:D3:4A:0F:C7:F2:0C:40:
                                B5:28:39:4E:02:20:4F:18:C7:26:7F:E9:57:6F:FB:EA:
                                6B:75:0A:F6:24:6C:C8:C1:46:A1:C7:BD:D3:DC:5A:CB:
                                34:6A:F5:21:54:98
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        01:2a:e6:d4:b8:d3:4a:fd:d4:dc:03:4c:d8:25:16:68:85:94:
        d9:e5:45:89:95:7a:8a:ed:da:45:05:39:a0:49:84:ce:24:6b:
        e6:e2:c6:47:77:80:5b:20:0e:27:62:f0:de:89:54:54:53:71:
        99:d0:53:61:e1:13:ce:d1:74:a6:ff:9b:5c:8e:39:dc:22:02:
        f5:e8:a1:11:f0:d5:9a:39:0e:c5:ab:d4:db:31:ed:a5:1d:d7:
        4c:78:66:5d:5b:34:d4:a2:d7:86:e7:ff:49:1c:a3:30:3c:27:
        53:de:94:3c:1e:14:f3:0a:96:a6:b9:1a:81:f0:1c:4b:97:6a:
        f9:44:74:95:53:ce:7b:4d:44:4d:19:17:f0:84:66:09:a8:22:
        f3:aa:4b:a6:98:52:85:79:87:81:3e:4e:f6:34:2a:3b:75:f2:
        6d:04:9d:a8:24:1f:f3:d2:13:f5:96:b5:83:34:53:58:da:29:
        13:ef:dc:e6:9e:36:66:9f:81:a2:cf:b2:ac:22:12:04:07:a8:
        7e:c4:73:bb:8b:f5:5a:11:18:8f:83:29:1e:b1:de:22:20:f8:
        96:45:47:a6:f7:9e:be:b2:74:26:e4:49:21:d5:7e:18:f8:69:
        09:85:b3:af:fe:ce:13:81:1e:60:f5:93:4d:ec:ed:ef:fb:10:
        10:05:12:ce

-766464177 | 2024-04-15T10:51:08.257442

8080 / tcp

HTTP/1.1 200 OK
Server: nginx/1.6.2 (Ubuntu)
Date: Mon, 15 Apr 2024 10:51:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: pma_lang=en; expires=Wed, 15-May-2024 10:51:08 GMT; Max-Age=2592000; path=/; httponly
Set-Cookie: phpMyAdmin=hq4tb6p09it5b3u16vn684epupf911r6; path=/; HttpOnly
X-ob_mode: 0
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'  ;script-src 'self' 'unsafe-inline' 'unsafe-eval'  ;;style-src 'self' 'unsafe-inline'  ;img-src 'self' data:  *.tile.openstreetmap.org *.tile.opencyclemap.org ;
X-Content-Security-Policy: default-src 'self'  ;options inline-script eval-script;img-src 'self' data:  *.tile.openstreetmap.org *.tile.opencyclemap.org ;
X-WebKit-CSP: default-src 'self'  ;script-src 'self'   'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline'  ;img-src 'self' data:  *.tile.openstreetmap.org *.tile.opencyclemap.org ;
Expires: Mon, 15 Apr 2024 10:51:08 +0000
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Last-Modified: Mon, 15 Apr 2024 10:51:08 +0000

173.230.132.153

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

200883734 | 2024-04-12T17:50:00.634271
22 / tcp

OpenSSH6.7p1 Ubuntu-5ubuntu1.4

-508990247 | 2024-04-18T01:04:43.277527
80 / tcp

nginx1.6.2

-188495804 | 2024-04-15T10:23:23.459426
123 / udp

1352420988 | 2024-04-19T00:36:45.026677
443 / tcp

nginx1.6.2

-766464177 | 2024-04-15T10:51:08.257442
8080 / tcp

nginx1.6.2

Products

Pricing

Contact Us

173.230.132.153

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

200883734 | 2024-04-12T17:50:00.634271 22 / tcp

OpenSSH6.7p1 Ubuntu-5ubuntu1.4

-508990247 | 2024-04-18T01:04:43.277527 80 / tcp

nginx1.6.2

-188495804 | 2024-04-15T10:23:23.459426 123 / udp

1352420988 | 2024-04-19T00:36:45.026677 443 / tcp

nginx1.6.2

-766464177 | 2024-04-15T10:51:08.257442 8080 / tcp

nginx1.6.2

Products

Pricing

Contact Us

200883734 | 2024-04-12T17:50:00.634271
22 / tcp

-508990247 | 2024-04-18T01:04:43.277527
80 / tcp

-188495804 | 2024-04-15T10:23:23.459426
123 / udp

1352420988 | 2024-04-19T00:36:45.026677
443 / tcp

-766464177 | 2024-04-15T10:51:08.257442
8080 / tcp