GeneralInformation

Hostnames	cobalt.locum.ru
Domains	locum.ru
Country	Germany
City	Frankfurt am Main
Organization	Variti+ LLC
ISP	KKM IT Limited
ASN	AS60922

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

1316477620 | 2024-04-27T04:14:35.669643

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Sat, 27 Apr 2024 04:14:35 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
X-VARITI-CCR: 33582783:1
Set-Cookie: rerf=AAAAAGYse6tV5nEFAwMdAg==; expires=Mon, 27-May-24 04:14:35 GMT; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

1316477620 | 2024-04-28T18:28:39.206637

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.19.6
Date: Sun, 28 Apr 2024 18:28:39 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:fd:4f:c8:68:05:60:17:3d:27:27:6b:81:9b:d8:4f:16:7c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
        Validity
            Not Before: Sep  4 18:45:00 2017 GMT
            Not After : Dec  3 18:45:00 2017 GMT
        Subject: CN=cobalt.locum.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:ae:34:6f:df:1e:82:d5:ed:23:4d:66:b1:96:a2:
                    da:c9:dd:3e:86:4b:7a:75:02:08:19:bf:bf:97:a1:
                    44:57:fd:fb:cd:46:60:a7:b2:5d:70:2b:4c:33:68:
                    97:a7:bd:e5:e5:2d:8c:a3:73:4c:31:01:d2:5f:d8:
                    7f:a7:16:6c:90:31:c4:f3:ad:d0:8d:f0:16:d5:12:
                    af:2a:8b:29:2f:de:8e:7d:4d:ca:55:45:96:07:b2:
                    e1:83:44:27:19:e0:7f:1c:66:eb:02:aa:6e:0a:f6:
                    9b:44:8d:f0:db:37:e6:56:fd:c5:b6:8d:1d:74:67:
                    84:ad:5c:f9:a5:7e:e5:0d:ca:29:67:4d:72:8f:8c:
                    a5:55:95:64:d5:e6:68:f1:82:06:0b:7a:7e:4f:08:
                    32:6c:05:e1:63:39:a8:20:da:61:4c:9c:9a:fa:79:
                    c1:14:e9:08:1e:33:60:61:44:5d:ab:d2:3a:48:ef:
                    5d:cc:e1:2d:61:18:9e:41:b9:4d:70:e4:22:50:ff:
                    2c:55:92:de:cb:cd:0a:c2:22:9e:1c:57:e9:5c:08:
                    08:29:d8:9b:5e:8c:dd:2e:85:8c:dc:f3:43:fb:e9:
                    0b:9b:02:ad:b1:f1:a8:80:2b:5e:15:9b:85:3a:2b:
                    b3:6e:b2:c1:12:7a:1e:f0:ce:f6:f1:5c:c6:fe:62:
                    7f:d8:83:98:50:32:b5:40:c6:07:ef:a8:be:c6:a1:
                    2d:a9:b6:55:f6:95:24:a2:a7:e0:5d:ea:a7:f1:55:
                    6a:72:aa:ab:19:04:2f:1b:5e:4a:92:3d:b5:49:c8:
                    83:68:3a:56:a3:34:71:05:a0:ac:71:c2:a9:3e:7a:
                    a4:3c:90:22:ca:19:f3:9d:15:3f:e1:04:4c:51:4a:
                    67:b7:d4:aa:f0:1e:a3:86:95:30:6a:5f:d4:d2:bd:
                    6e:4b:4a:0a:28:39:ae:f8:1a:f8:81:81:4a:f3:cb:
                    b3:f2:f0:f9:36:73:c8:18:5d:aa:1f:c5:a3:09:d1:
                    b6:dd:64:5d:03:11:1c:9e:ef:e8:24:84:b0:5f:41:
                    b3:2a:17:60:7a:12:34:37:05:1a:e2:6f:75:04:11:
                    83:d6:5b:20:67:99:a7:6f:dc:b6:39:35:32:02:62:
                    70:98:34:ea:90:58:e5:2c:37:26:62:9a:17:53:8f:
                    95:ff:4d:63:a4:db:94:03:3e:dc:ac:ee:20:c0:1f:
                    67:24:76:eb:2a:6f:1b:ff:f1:41:20:b3:47:19:4f:
                    df:91:0f:e7:83:7a:45:25:53:3d:af:11:d3:cf:4a:
                    81:4d:a9:f4:98:8c:68:3b:0a:35:d5:16:08:12:44:
                    67:f5:ab:5e:cc:56:0b:6a:1e:1b:b2:de:cd:13:bb:
                    2f:7d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                30:30:DC:E3:D0:F4:D0:7A:C9:39:DE:9F:27:6E:CC:65:2E:E9:23:8D
            X509v3 Authority Key Identifier: 
                A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
            Authority Information Access: 
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
            X509v3 Subject Alternative Name: 
                DNS:cobalt.locum.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
                  User Notice:
                    Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9b:1c:e3:b2:53:c9:fe:1b:08:86:50:35:7e:f8:51:06:c5:2f:
        ad:44:07:96:63:0f:1d:4d:32:3b:ee:87:4d:c9:f1:41:b4:80:
        9c:f3:05:a3:d1:a5:b0:ef:5c:4f:3e:d2:c2:4e:69:dd:59:6f:
        a7:ab:58:32:35:e5:bf:04:6b:ea:f6:3c:e6:30:ae:23:18:5c:
        ac:42:96:e6:da:09:78:a9:75:89:90:91:fb:fb:f3:02:e4:0f:
        40:b6:de:7f:f8:29:bf:fc:ad:13:0f:06:15:e4:8d:79:cd:49:
        fb:e0:85:84:0d:39:9c:92:34:d5:ad:7f:11:62:cb:90:f4:b1:
        bd:ed:d9:1f:ab:c2:e6:c1:e3:1b:28:7a:db:4a:d5:f9:b0:f3:
        75:8c:f0:39:9e:02:12:b4:38:b1:53:7c:1d:02:66:1d:b9:dc:
        65:cc:9d:4a:d4:7c:6f:76:7d:70:c5:27:24:24:e7:8c:7e:21:
        8e:c4:84:90:b4:a3:6f:79:56:60:d5:7f:cc:17:f6:0f:a3:4d:
        65:00:52:17:48:47:0b:70:17:f5:9a:cf:4c:45:0f:7c:d4:c2:
        f6:06:f0:30:8d:e8:7b:70:fe:21:43:cc:3b:55:d8:6a:a2:35:
        48:46:fc:2e:9a:97:35:1e:bd:1e:fe:95:4c:3b:6d:08:7d:3c:
        72:0a:e8:25

185.165.123.216

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1316477620 | 2024-04-27T04:14:35.669643
80 / tcp

nginx

1316477620 | 2024-04-28T18:28:39.206637
443 / tcp

nginx1.19.6

Products

Pricing

Contact Us

185.165.123.216

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1316477620 | 2024-04-27T04:14:35.669643 80 / tcp

nginx

1316477620 | 2024-04-28T18:28:39.206637 443 / tcp

nginx1.19.6

Products

Pricing

Contact Us

1316477620 | 2024-04-27T04:14:35.669643
80 / tcp

1316477620 | 2024-04-28T18:28:39.206637
443 / tcp