GeneralInformation

Hostnames	freehost.com.ua s56.freehost.com.ua
Domains	freehost.com.ua
Country	Ukraine
City	Kyiv
Organization	PE Freehost
ISP	PE Freehost
ASN	AS42331

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 80 443

-1230026400 | 2024-04-24T18:36:57.420683

21 / tcp

220-Welcome to FREEhost.com.ua!
220-HTTP Server #56
220 This is a private system - No anonymous login
530 Login authentication failed
214-The following SITE commands are recognized
 ALIAS
 CHMOD
 IDLE
 UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
 UTF8
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 PRET
 AUTH TLS
 PBSZ
 PROT
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:04:ef:05:32:d2:36:54:5c:4b:73:12:14:fc:9a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Jan 29 00:00:00 2024 GMT
            Not After : Feb  9 23:59:59 2025 GMT
        Subject: CN=*.freehost.com.ua
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:bb:7a:98:4e:17:7e:4c:65:2a:74:87:9f:41:
                    e7:b4:6c:c6:50:7f:30:06:26:8d:9b:24:58:64:6d:
                    53:09:55:e3:0d:ed:4f:ea:d0:e4:bc:8f:a3:6d:be:
                    24:c3:ac:6e:5b:31:06:48:03:99:53:64:76:c8:74:
                    d8:ea:a7:9a:7b:dd:37:55:4e:93:9d:72:0d:2d:2b:
                    87:80:5a:db:5b:41:b0:4a:29:1b:7f:7c:e2:97:bb:
                    f7:fa:a6:70:47:40:a7:03:c4:71:6f:86:b4:9f:f9:
                    f5:a4:9d:f0:f4:4c:ba:b0:e2:77:b3:f3:b1:fd:a3:
                    c3:fe:e8:a7:21:21:ea:5e:6d:f0:42:b7:db:30:ce:
                    c1:aa:a0:ba:af:d5:d1:4d:78:d1:80:fd:a2:3f:db:
                    00:aa:7b:33:0d:e6:f8:98:7c:4f:1a:4c:0d:01:e7:
                    3c:e9:3d:c9:c7:62:cc:3e:c7:b8:b4:1d:c4:30:65:
                    c6:4b:1f:e9:b0:b7:f5:d0:c9:f7:ea:61:6d:c9:51:
                    ac:b5:bc:66:a1:ee:56:c7:5e:39:bb:e3:98:74:2a:
                    9a:d3:f8:60:a7:49:f5:cc:cd:c2:35:0b:bb:32:df:
                    61:a6:e8:be:e5:71:1d:76:38:26:4a:a4:c0:38:54:
                    08:7d:92:51:ae:0e:1b:70:4b:3b:b6:19:d3:48:7b:
                    09:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                0A:51:27:A9:D1:01:26:31:12:83:5C:7C:65:30:37:2B:B1:E8:01:09
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.freehost.com.ua, DNS:freehost.com.ua
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Jan 29 09:52:00.734 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3C:88:9F:5B:E2:07:00:8A:7C:D0:21:86:
                                24:72:C8:D7:2C:ED:01:63:4A:A5:53:C5:12:5C:B0:A2:
                                1B:B8:D8:75:02:21:00:F1:28:1F:ED:C9:53:F5:FF:7E:
                                69:4A:97:FC:55:27:E8:55:35:B8:CD:51:49:7C:34:84:
                                48:95:DB:7A:83:09:FF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 29 09:52:00.794 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:29:54:E6:54:12:3C:8D:64:84:A7:40:A6:
                                6C:86:F5:30:78:55:3D:CF:42:6D:19:56:36:0A:5A:CD:
                                BE:E3:B5:0B:02:20:70:A2:B8:1E:35:71:49:09:6E:43:
                                C2:58:42:3E:99:1A:70:1C:2E:3E:6C:F5:6A:B6:20:69:
                                CB:FA:49:A8:B1:08
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 29 09:52:00.690 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FA:B7:0E:9F:55:02:F3:02:F5:4B:CF:
                                E5:DF:40:8E:3B:E1:72:AA:77:34:C5:D3:8A:2B:54:CB:
                                92:82:D5:C8:62:02:21:00:DC:2E:7B:FF:05:56:20:59:
                                F2:48:90:9D:DA:80:AB:9E:61:74:EA:F8:6E:48:B4:22:
                                64:77:A6:69:6E:5E:3B:BA
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        35:3d:2d:0c:c0:6b:1d:c3:c2:cf:df:e5:ba:50:a0:1a:41:59:
        96:f4:31:f0:53:8a:ae:25:94:3c:13:fd:75:33:75:e6:98:30:
        88:53:4e:8a:c6:cd:9c:b2:a0:a1:bc:72:56:80:19:b6:be:29:
        3b:e4:16:07:76:a8:52:28:82:65:91:c7:9c:57:23:92:b5:14:
        76:b7:56:82:49:10:ac:c1:4b:ed:bf:24:5a:d3:e3:34:b9:46:
        ae:97:8d:c9:23:db:df:74:92:12:88:9d:ac:22:0f:b4:4e:65:
        3d:ff:0a:1a:ab:11:b7:d4:d4:c2:48:62:d4:89:5d:8c:16:6c:
        a8:e0:80:ad:94:ad:82:a8:26:45:4e:35:51:15:7a:18:45:51:
        8b:b5:c9:ab:85:88:63:7f:07:0d:e7:29:d8:ef:0e:ee:b5:0d:
        6f:76:c4:d3:0d:a0:12:62:26:f8:12:bb:d8:85:e9:7d:3d:d9:
        7b:96:81:94:74:65:b3:11:27:c9:6f:d5:44:e0:c8:69:f4:4a:
        6f:2d:79:6a:c6:ff:6e:64:09:fc:3b:0b:30:8c:21:4e:2c:ca:
        35:14:1d:00:2f:7f:22:24:cf:51:01:ee:b2:21:03:d4:8a:29:
        e9:40:aa:80:04:1d:d1:39:86:f6:f5:10:b3:b5:16:8f:56:95:
        d6:06:4d:13

811518620 | 2024-05-06T12:38:52.360967

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Mon, 06 May 2024 12:38:52 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 2992
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 26 May 2022 10:02:12 GMT
ETag: "bb0-5dfe748995100"
Accept-Ranges: bytes

1651973090 | 2024-04-21T12:37:00.075199

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 21 Apr 2024 12:36:59 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 14:09:01 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "5e9efe7d-264"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:04:ef:05:32:d2:36:54:5c:4b:73:12:14:fc:9a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Jan 29 00:00:00 2024 GMT
            Not After : Feb  9 23:59:59 2025 GMT
        Subject: CN=*.freehost.com.ua
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:bb:7a:98:4e:17:7e:4c:65:2a:74:87:9f:41:
                    e7:b4:6c:c6:50:7f:30:06:26:8d:9b:24:58:64:6d:
                    53:09:55:e3:0d:ed:4f:ea:d0:e4:bc:8f:a3:6d:be:
                    24:c3:ac:6e:5b:31:06:48:03:99:53:64:76:c8:74:
                    d8:ea:a7:9a:7b:dd:37:55:4e:93:9d:72:0d:2d:2b:
                    87:80:5a:db:5b:41:b0:4a:29:1b:7f:7c:e2:97:bb:
                    f7:fa:a6:70:47:40:a7:03:c4:71:6f:86:b4:9f:f9:
                    f5:a4:9d:f0:f4:4c:ba:b0:e2:77:b3:f3:b1:fd:a3:
                    c3:fe:e8:a7:21:21:ea:5e:6d:f0:42:b7:db:30:ce:
                    c1:aa:a0:ba:af:d5:d1:4d:78:d1:80:fd:a2:3f:db:
                    00:aa:7b:33:0d:e6:f8:98:7c:4f:1a:4c:0d:01:e7:
                    3c:e9:3d:c9:c7:62:cc:3e:c7:b8:b4:1d:c4:30:65:
                    c6:4b:1f:e9:b0:b7:f5:d0:c9:f7:ea:61:6d:c9:51:
                    ac:b5:bc:66:a1:ee:56:c7:5e:39:bb:e3:98:74:2a:
                    9a:d3:f8:60:a7:49:f5:cc:cd:c2:35:0b:bb:32:df:
                    61:a6:e8:be:e5:71:1d:76:38:26:4a:a4:c0:38:54:
                    08:7d:92:51:ae:0e:1b:70:4b:3b:b6:19:d3:48:7b:
                    09:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                0A:51:27:A9:D1:01:26:31:12:83:5C:7C:65:30:37:2B:B1:E8:01:09
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.freehost.com.ua, DNS:freehost.com.ua
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Jan 29 09:52:00.734 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3C:88:9F:5B:E2:07:00:8A:7C:D0:21:86:
                                24:72:C8:D7:2C:ED:01:63:4A:A5:53:C5:12:5C:B0:A2:
                                1B:B8:D8:75:02:21:00:F1:28:1F:ED:C9:53:F5:FF:7E:
                                69:4A:97:FC:55:27:E8:55:35:B8:CD:51:49:7C:34:84:
                                48:95:DB:7A:83:09:FF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 29 09:52:00.794 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:29:54:E6:54:12:3C:8D:64:84:A7:40:A6:
                                6C:86:F5:30:78:55:3D:CF:42:6D:19:56:36:0A:5A:CD:
                                BE:E3:B5:0B:02:20:70:A2:B8:1E:35:71:49:09:6E:43:
                                C2:58:42:3E:99:1A:70:1C:2E:3E:6C:F5:6A:B6:20:69:
                                CB:FA:49:A8:B1:08
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 29 09:52:00.690 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FA:B7:0E:9F:55:02:F3:02:F5:4B:CF:
                                E5:DF:40:8E:3B:E1:72:AA:77:34:C5:D3:8A:2B:54:CB:
                                92:82:D5:C8:62:02:21:00:DC:2E:7B:FF:05:56:20:59:
                                F2:48:90:9D:DA:80:AB:9E:61:74:EA:F8:6E:48:B4:22:
                                64:77:A6:69:6E:5E:3B:BA
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        35:3d:2d:0c:c0:6b:1d:c3:c2:cf:df:e5:ba:50:a0:1a:41:59:
        96:f4:31:f0:53:8a:ae:25:94:3c:13:fd:75:33:75:e6:98:30:
        88:53:4e:8a:c6:cd:9c:b2:a0:a1:bc:72:56:80:19:b6:be:29:
        3b:e4:16:07:76:a8:52:28:82:65:91:c7:9c:57:23:92:b5:14:
        76:b7:56:82:49:10:ac:c1:4b:ed:bf:24:5a:d3:e3:34:b9:46:
        ae:97:8d:c9:23:db:df:74:92:12:88:9d:ac:22:0f:b4:4e:65:
        3d:ff:0a:1a:ab:11:b7:d4:d4:c2:48:62:d4:89:5d:8c:16:6c:
        a8:e0:80:ad:94:ad:82:a8:26:45:4e:35:51:15:7a:18:45:51:
        8b:b5:c9:ab:85:88:63:7f:07:0d:e7:29:d8:ef:0e:ee:b5:0d:
        6f:76:c4:d3:0d:a0:12:62:26:f8:12:bb:d8:85:e9:7d:3d:d9:
        7b:96:81:94:74:65:b3:11:27:c9:6f:d5:44:e0:c8:69:f4:4a:
        6f:2d:79:6a:c6:ff:6e:64:09:fc:3b:0b:30:8c:21:4e:2c:ca:
        35:14:1d:00:2f:7f:22:24:cf:51:01:ee:b2:21:03:d4:8a:29:
        e9:40:aa:80:04:1d:d1:39:86:f6:f5:10:b3:b5:16:8f:56:95:
        d6:06:4d:13

185.13.5.56

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1230026400 | 2024-04-24T18:36:57.420683
21 / tcp

Pure-FTPd

811518620 | 2024-05-06T12:38:52.360967
80 / tcp

nginx1.18.0

1651973090 | 2024-04-21T12:37:00.075199
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

185.13.5.56

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1230026400 | 2024-04-24T18:36:57.420683 21 / tcp

Pure-FTPd

811518620 | 2024-05-06T12:38:52.360967 80 / tcp

nginx1.18.0

1651973090 | 2024-04-21T12:37:00.075199 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1230026400 | 2024-04-24T18:36:57.420683
21 / tcp

811518620 | 2024-05-06T12:38:52.360967
80 / tcp

1651973090 | 2024-04-21T12:37:00.075199
443 / tcp