GeneralInformation

Hostnames	aviasales.ru
Domains	aviasales.ru
Country	Netherlands
City	Amsterdam
Organization	Servers.com B.V.
ISP	Servers.com, Inc.
ASN	AS7979

WebTechnologies

Reverse proxies

Nginx1.17.10

Web servers

Nginx1.17.10

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 8081

-1383115666 | 2024-04-24T18:35:13.782425

80 / tcp

HTTP/1.1 301 Moved Permanently
server: nginx/1.17.10
date: Wed, 24 Apr 2024 18:35:13 GMT
content-type: text/html
content-length: 170
location: https://www.aviasales.ru

-1383115666 | 2024-04-24T18:01:21.654716

443 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 24 Apr 2024 18:01:21 GMT
Content-Type: text/html
Content-Length: 170
Connection: keep-alive
location: https://www.aviasales.ru

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9e:4f:d0:50:4e:e8:b4:19:e6:11:ce:5d:a6:48:81:a3:fe
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 26 22:50:46 2024 GMT
            Not After : Jun 24 22:50:45 2024 GMT
        Subject: CN=aviasales.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:b7:11:43:a0:8c:92:68:e9:e1:8d:ce:aa:4a:
                    83:dc:e9:87:3c:69:b4:3a:8b:b6:d9:f8:50:3d:08:
                    87:02:7a:a4:cf:bb:5a:4a:ad:43:d3:5a:f3:cc:50:
                    cb:f7:b8:20:61:3d:36:79:c3:8e:1d:bd:02:ca:37:
                    26:a1:df:c2:9c:b2:00:c2:23:b7:0b:b7:07:7f:26:
                    82:17:79:84:82:ed:97:f6:24:b7:68:5c:f7:56:8e:
                    9c:84:7a:a4:1f:8e:7d:e7:58:cf:b3:be:50:3d:16:
                    1b:6c:4e:b7:e0:91:73:44:86:e2:8e:a1:0c:c3:18:
                    b0:da:f1:70:b5:0e:69:c8:b7:f0:b6:85:51:99:1a:
                    5b:d0:87:a5:82:0f:46:4e:73:f2:16:9a:de:63:74:
                    df:94:68:b2:1a:35:62:61:18:7d:64:92:e8:40:96:
                    6e:30:a8:ef:c2:13:e7:73:9b:33:ac:a3:11:72:00:
                    4a:1d:66:84:c5:03:92:f3:59:21:c4:d4:82:85:73:
                    f6:8a:3e:3a:0e:37:2f:03:22:c8:9b:31:89:9f:1c:
                    61:5a:b9:67:97:96:ad:a0:cf:9b:f3:0a:7e:bc:6e:
                    71:1a:ca:a5:49:87:b8:cc:cc:f2:6a:b1:bc:4b:7b:
                    5b:08:00:3f:46:0b:e2:32:bd:4f:4e:9a:4b:49:2a:
                    5b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                D0:D4:2A:65:A5:D1:63:EC:0C:CB:6F:9F:2F:5E:81:17:78:16:33:02
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.aviasales.ru, DNS:aviasales.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 26 23:50:46.500 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D8:A2:96:C1:FB:44:DB:CD:4D:2D:0E:
                                B0:31:05:40:FD:61:2C:68:79:84:CE:C7:8E:D8:62:DD:
                                9D:BF:84:04:27:02:21:00:FE:58:3B:C9:75:3B:0A:C6:
                                C3:53:22:AA:0D:34:8D:D9:1C:AC:2F:98:DE:90:C4:D1:
                                1B:B1:6C:71:2E:D0:C9:99
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 26 23:50:46.524 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A5:E0:F8:D4:B4:98:49:7A:2E:28:18:
                                19:0F:15:92:BC:C8:BB:C4:70:13:A9:EC:D7:B0:6C:10:
                                CE:78:8F:5A:31:02:20:6D:62:53:76:07:3B:80:94:B4:
                                19:90:5F:10:1F:72:41:21:1C:F6:AB:73:EA:92:D6:81:
                                66:48:90:DF:54:D2:45
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b1:c3:15:89:1b:a6:8c:e9:e7:60:a5:b1:c9:78:f6:c5:3c:38:
        75:e5:f6:3e:c0:77:7e:80:6c:9e:39:01:96:6b:d0:b2:ce:54:
        8f:a2:94:4c:8d:6b:d8:7e:90:27:cc:4c:05:58:fa:4e:70:cc:
        3b:23:f6:8c:1f:1e:51:23:80:09:b5:50:17:6b:db:f4:e3:5a:
        46:ec:34:ce:f0:8e:3f:3a:b8:76:a3:ba:f3:9c:50:fe:2f:47:
        dc:f9:02:38:18:ff:99:85:a9:76:e1:9a:61:a4:80:cd:11:23:
        5e:ce:fa:c4:68:89:1d:83:62:24:3a:e0:33:72:60:06:f2:bf:
        63:92:f9:b0:15:07:ff:9c:59:b8:0f:a4:6b:b8:58:13:78:82:
        5f:ce:16:f0:bb:2a:d1:ce:35:3c:78:6e:a2:48:ca:f2:5c:85:
        30:f4:e2:f1:6b:62:98:07:07:76:ad:ca:cc:dc:04:79:a7:89:
        68:e6:b8:9e:aa:8c:bd:cd:d2:c9:b4:23:b4:d4:a7:b2:1b:12:
        1b:46:54:ad:de:f6:f9:2f:37:0b:59:1c:3b:60:a6:f7:db:00:
        52:b9:3a:81:5a:5e:0b:4b:8b:8e:97:53:f1:b2:d8:2d:e9:e2:
        62:ad:3e:32:00:64:09:d1:c5:39:b2:3c:e9:e2:35:ce:0c:7a:
        81:9b:40:fd

-590567095 | 2024-04-17T02:05:00.543770

8081 / tcp

HTTP/1.1 503 Service Unavailable
content-length: 107
cache-control: no-cache
content-type: text/html

<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

185.106.81.236

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1383115666 | 2024-04-24T18:35:13.782425
80 / tcp

nginx1.17.10

-1383115666 | 2024-04-24T18:01:21.654716
443 / tcp

nginx

-590567095 | 2024-04-17T02:05:00.543770
8081 / tcp

Products

Pricing

Contact Us

185.106.81.236

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1383115666 | 2024-04-24T18:35:13.782425 80 / tcp

nginx1.17.10

-1383115666 | 2024-04-24T18:01:21.654716 443 / tcp

nginx

-590567095 | 2024-04-17T02:05:00.543770 8081 / tcp

Products

Pricing

Contact Us

-1383115666 | 2024-04-24T18:35:13.782425
80 / tcp

-1383115666 | 2024-04-24T18:01:21.654716
443 / tcp

-590567095 | 2024-04-17T02:05:00.543770
8081 / tcp