GeneralInformation

Hostnames	gkh43.ru static-pppoe-178-141-253-208.kirov.pv.mts.ru
Domains	gkh43.ru mts.ru
Country	Russian Federation
City	Kirov
Organization	Mobile Telesystems PJSC, Kirov branch
ISP	MTS PJSC
ASN	AS8359

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-9516	6.8Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
CVE-2019-9513	7.8Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511	7.8Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

21 110 143 443 1723 2000 7443 8080

-1178112597 | 2024-05-07T10:35:12.531459

21 / tcp

220 Welcome to InterFace SPC FTP Server
230 Logged on
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

-1283034168 | 2024-05-06T00:38:34.284842

110 / tcp

+OK POP3
+OK CAPA list follows
USER
UIDL
TOP
.

27672397 | 2024-04-09T21:57:50.789982

143 / tcp

* OK IMAPrev1
* CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk
A001 OK CAPABILITY completed
A002 BAD Unknown or NULL command
A003 BAD Unknown or NULL command
* BYE Have a nice day
A004 OK Logout completed

448869817 | 2024-05-07T16:04:34.773337

443 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.15.11
Date: Tue, 07 May 2024 16:04:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: ru
Location: http://xn--43-plcq9c.xn--p1ai/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:76:15:57:43:f0:a8:4c:95:7d:e6:5e:3d:97:00:5f:e5:9f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  7 14:06:57 2024 GMT
            Not After : Jul  6 14:06:56 2024 GMT
        Subject: CN=gkh43.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:a8:ac:2d:48:3f:68:18:ff:25:28:ac:0f:11:c0:
                    ee:6f:f4:a4:c9:7a:2e:7e:e2:e3:fe:59:fc:7e:f0:
                    03:56:11:4e:22:c4:4f:a6:24:56:0e:5b:13:4a:b1:
                    46:0f:c0:9a:19:6f:45:d9:61:71:1e:85:1c:8c:01:
                    35:2f:7d:9c:ef:c7:c6:76:5b:4e:fa:24:2c:16:47:
                    48:fd:1d:60:07:03:45:0e:89:ea:78:89:2b:61:4f:
                    c6:f8:4f:a3:17:94:9e:a9:21:1f:55:e5:09:c1:5d:
                    94:59:60:e8:67:17:e0:af:69:ae:91:d9:7a:f2:7a:
                    dd:c6:48:f6:29:49:ae:97:58:08:11:cb:e9:73:d8:
                    ae:b4:0e:4d:52:63:37:48:d7:7d:43:79:15:b9:19:
                    09:0a:70:08:ed:cb:d3:1f:35:29:b2:f1:09:76:ee:
                    8e:25:68:6e:88:de:c5:81:59:cf:7e:30:d7:f5:bb:
                    85:e1:16:09:2c:4a:cf:c2:65:76:2f:dd:96:d4:21:
                    bc:fd:f6:ba:ef:02:0b:67:ee:c3:c8:ae:71:a4:99:
                    90:c4:45:69:19:50:d3:ef:3b:b0:eb:3f:ef:ad:f9:
                    14:ad:34:84:22:9c:91:88:bc:a5:01:98:8b:b1:dc:
                    69:ea:70:42:30:dc:9a:78:4a:65:1e:9e:40:88:00:
                    48:52:2d:2b:f5:f2:9a:ea:c7:3c:e0:c8:08:7a:fb:
                    8a:50:02:9e:18:0a:09:8b:66:b1:5b:e0:59:e6:30:
                    68:34:14:1b:ad:69:4a:ec:ea:4c:83:5f:d6:8c:e3:
                    5a:fb:43:cc:6c:cb:f4:e6:c8:2e:ce:cb:45:4d:2b:
                    c0:de:86:41:85:c5:69:39:fe:c8:2c:09:75:4e:bc:
                    d8:88:31:1a:a5:64:7a:6f:96:23:64:76:91:19:34:
                    ce:58:a6:fc:a1:c6:e9:fd:7e:cc:5d:14:b3:e1:e6:
                    68:70:35:52:cb:8a:e7:e7:f3:0f:13:69:05:00:af:
                    a2:ce:de:f2:fe:87:8c:68:32:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                14:5A:3A:72:45:FC:30:FE:6E:9E:EF:C9:9F:FA:7A:9A:09:65:28:50
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.gkh43.ru, DNS:gkh43.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr  7 15:06:58.112 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E5:8A:8C:94:35:58:44:DC:2B:28:F6:
                                77:44:66:6B:11:D5:34:43:EA:EB:71:66:6D:4F:DF:14:
                                8A:73:A2:90:14:02:21:00:EB:D6:92:E2:E5:D7:63:39:
                                DA:11:B2:3B:C0:78:1C:1A:FD:47:0D:AB:45:0E:02:C1:
                                B3:10:3B:79:51:99:9F:DA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr  7 15:06:58.106 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:EA:34:78:03:94:E0:A7:AB:A9:B8:92:
                                4D:5A:26:D8:46:E6:1D:04:E9:FC:82:06:2F:C3:71:10:
                                9C:C6:9F:30:1C:02:20:7E:20:5D:9B:5F:CA:B3:D8:35:
                                53:E6:5F:BB:CC:D7:34:FB:58:DA:18:90:9B:77:44:E6:
                                EA:5B:9A:E3:6C:C9:BD
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        36:f3:db:53:ca:87:d2:70:9f:8d:e3:96:9f:b8:0b:cf:1c:45:
        88:5b:38:6d:d4:46:4e:45:51:0d:58:b5:80:03:40:b7:b8:99:
        44:55:96:47:33:bb:22:5f:7d:99:1c:9d:12:b6:b4:72:aa:f1:
        50:7a:3a:4e:f4:cb:91:15:db:ba:2e:5f:4c:a5:17:8c:bd:f4:
        5a:98:1f:60:1a:d1:5c:f4:bf:29:12:16:73:d9:4c:11:3c:53:
        02:89:fd:24:db:6f:49:7c:94:40:8a:9c:9e:75:ee:3e:f1:70:
        d0:78:72:55:41:07:85:da:87:7f:2e:2f:29:21:74:93:46:ff:
        1a:39:72:59:58:1d:9c:02:f3:15:12:ee:7b:d4:a4:66:cc:fd:
        cb:7b:20:f0:61:08:e3:93:b1:bc:87:a2:38:7d:35:7a:d1:16:
        2f:94:e6:78:dc:ee:e4:76:15:3a:f0:6c:15:26:da:17:6a:23:
        79:f7:10:03:97:3e:74:08:15:06:93:43:f4:bf:92:00:7d:d4:
        aa:8c:59:b8:8a:15:34:84:aa:43:62:3c:0b:12:19:16:46:4b:
        33:13:73:de:ca:2c:63:8f:1e:3c:2e:02:77:b5:8a:61:9f:87:
        ea:a3:c8:2f:39:1f:73:35:9e:d7:35:2e:9a:f2:44:1c:1f:11:
        b2:45:ec:a3

1692829151 | 2024-04-16T20:37:22.484332

1723 / tcp

PPTP:
  Firmware: 1
  Hostname: MikroTik
  Vendor: MikroTik

-1538260461 | 2024-05-02T15:10:54.085690

2000 / tcp

\x01\x00\x00\x00

0 | 2024-04-19T13:00:19.415342

7443 / tcp

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8076782337134862425 (0x70167ebe3512a059)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=RU, ST=Kirov, L=Kirov, O=Interfase LLC, OU=-, CN=dbsrv.gkh43.ru
        Validity
            Not Before: Apr 15 14:59:08 2023 GMT
            Not After : Apr 12 14:59:08 2033 GMT
        Subject: C=RU, ST=Kirov, L=Kirov, O=Interface LLC, OU=-, CN=dbsrv.xn--43-plcq9c.xn--p1ai
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ad:8e:9e:a3:d1:c0:32:ac:e2:8a:97:3a:bc:38:
                    ea:2b:a2:67:4e:d7:19:8d:c5:8c:3c:57:25:19:11:
                    8e:27:92:c1:01:99:53:67:27:e7:62:9f:e0:f2:1d:
                    23:49:51:ab:69:5e:30:0b:37:9e:28:1f:59:10:e2:
                    10:dd:01:88:8a:61:b1:c5:dd:71:a5:e0:5f:25:9c:
                    b7:a9:d4:30:21:ad:b7:bd:19:f7:7f:36:00:1f:62:
                    50:b2:48:93:a9:ca:ab:82:a2:c3:86:65:a1:ad:e1:
                    ed:5f:a5:e8:0b:57:c4:dd:c1:f3:61:fb:4c:12:bd:
                    e4:9f:a0:82:39:9c:43:ae:81:28:77:df:68:68:71:
                    8b:32:e5:4c:68:7f:f0:7b:3e:a9:a1:be:76:91:35:
                    0f:b9:5a:63:75:9a:6a:df:4e:91:ae:65:09:9b:db:
                    53:6e:60:e2:69:ec:b3:9e:24:a7:7d:f8:8c:8a:14:
                    c6:4e:96:f6:d7:1d:42:18:e7:f2:64:a5:74:30:43:
                    0c:b5:31:b0:81:04:50:32:10:df:d8:2a:95:f4:70:
                    91:9e:91:90:b3:ed:a5:a0:0c:9e:0e:91:6e:26:cf:
                    fb:49:31:7e:46:e9:45:7d:32:0d:55:63:d8:38:56:
                    a4:92:1e:c0:d5:ba:1c:62:80:3d:b3:8d:15:05:44:
                    53:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Data Encipherment, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Key Identifier: 
                A1:DF:EC:72:AA:95:16:39:27:DD:7E:09:21:F4:3A:54:67:73:91:64
            X509v3 Authority Key Identifier: 
                51:C0:B4:25:B5:E4:C6:0A:FE:FB:29:76:71:CA:4D:01:FA:C1:3C:33
            X509v3 Subject Alternative Name: 
                DNS:dbsrv.xn--43-plcq9c.xn--p1ai, DNS:dbsrv2.xn--43-plcq9c.xn--p1ai, DNS:dbsrv3.xn--43-plcq9c.xn--p1ai, IP Address:85.93.43.92, IP Address:178.141.253.208, IP Address:92.255.229.82, IP Address:192.168.1.1, IP Address:192.168.11.1
            Netscape Comment: 
                Generated by RouterOS
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0d:b6:d4:92:b1:e0:ad:9d:43:80:e2:33:36:5d:8b:84:5b:b4:
        31:f1:d8:a4:d6:53:ce:c6:7e:d4:7f:ec:57:2f:88:f8:2c:67:
        f7:0a:65:43:f0:1b:6b:82:ef:2b:6b:8f:74:35:11:04:01:d5:
        18:70:b9:bf:a5:db:6c:ff:43:db:67:b2:5f:f7:7d:54:1b:9a:
        b4:8e:d3:ae:fe:e0:7f:4a:01:f6:6d:db:d0:39:45:82:81:4b:
        8c:b5:d2:59:90:65:48:da:e1:d9:0d:6d:05:2a:92:c9:83:fe:
        ae:4e:ff:62:a8:a3:d8:bc:dd:9c:6b:a6:c3:bc:31:21:06:ee:
        dc:f4:91:04:2f:79:8d:1a:57:12:d9:d6:f6:99:fa:e5:6d:41:
        85:41:5d:f3:13:4d:db:05:5b:48:df:01:95:8f:23:34:48:9f:
        00:be:04:32:94:30:17:d7:84:0e:fb:67:e2:40:50:98:ff:42:
        22:82:b3:21:91:ba:8a:cb:e4:76:90:a7:51:0a:26:4d:c5:2c:
        47:6a:c1:b0:ae:54:15:43:d1:75:67:89:21:fa:67:42:1c:05:
        0b:bb:de:ad:2c:65:b9:c8:4c:29:aa:ff:28:1b:63:65:4a:4f:
        f4:80:f2:92:af:67:56:83:51:90:77:d5:13:85:5f:18:96:4b:
        80:9a:37:8e

-1604239479 | 2024-05-07T09:42:12.466192

8080 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.15.11
Date: Tue, 07 May 2024 09:42:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: ru
Location: http://xn--43-plcq9c.xn--p1ai/

178.141.253.208

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1178112597 | 2024-05-07T10:35:12.531459
21 / tcp

-1283034168 | 2024-05-06T00:38:34.284842
110 / tcp

27672397 | 2024-04-09T21:57:50.789982
143 / tcp

448869817 | 2024-05-07T16:04:34.773337
443 / tcp

nginx1.15.11

1692829151 | 2024-04-16T20:37:22.484332
1723 / tcp

PPTP

-1538260461 | 2024-05-02T15:10:54.085690
2000 / tcp

MikroTik bandwidth-test server

0 | 2024-04-19T13:00:19.415342
7443 / tcp

-1604239479 | 2024-05-07T09:42:12.466192
8080 / tcp

nginx1.15.11

Products

Pricing

Contact Us

178.141.253.208

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1178112597 | 2024-05-07T10:35:12.531459 21 / tcp

-1283034168 | 2024-05-06T00:38:34.284842 110 / tcp

27672397 | 2024-04-09T21:57:50.789982 143 / tcp

448869817 | 2024-05-07T16:04:34.773337 443 / tcp

nginx1.15.11

1692829151 | 2024-04-16T20:37:22.484332 1723 / tcp

PPTP

-1538260461 | 2024-05-02T15:10:54.085690 2000 / tcp

MikroTik bandwidth-test server

0 | 2024-04-19T13:00:19.415342 7443 / tcp

-1604239479 | 2024-05-07T09:42:12.466192 8080 / tcp

nginx1.15.11

Products

Pricing

Contact Us

-1178112597 | 2024-05-07T10:35:12.531459
21 / tcp

-1283034168 | 2024-05-06T00:38:34.284842
110 / tcp

27672397 | 2024-04-09T21:57:50.789982
143 / tcp

448869817 | 2024-05-07T16:04:34.773337
443 / tcp

1692829151 | 2024-04-16T20:37:22.484332
1723 / tcp

-1538260461 | 2024-05-02T15:10:54.085690
2000 / tcp

0 | 2024-04-19T13:00:19.415342
7443 / tcp

-1604239479 | 2024-05-07T09:42:12.466192
8080 / tcp