GeneralInformation

Hostnames	bans.next21.ru cmbans.next21.ru
Domains	next21.ru
Country	Russian Federation
City	Moscow
Organization	IP SERVER LLC
ISP	IP SERVER LLC
ASN	AS44812
Operating System	Ubuntu

WebTechnologies

JavaScript libraries

jQuery

Programming languages

PHP

UI frameworks

Bootstrap

Web frameworks

Yii

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 443 3000 3001 3306 8000

745171181 | 2024-06-08T13:52:12.141187

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDYbL9Nm/3s0ZJV9lVBOEgIe0M6MAur+WNTjNj5BGlsG6Dd
uOlvaIfonITcNKv8f8JwxXil9h32iDWsryseAVD7lGXrKJEkxRCfP7FObyuZ916qIbBSOmuAlNpG
AiR2x/+wU6GkSzoiLd2PkyjdR643RacPT/S8B+AHyZm9+eG2fHFgEXRwF58H/30NmQKk8uErfiHb
8SAqxh9vwnK8B1Pa7pjk/8CayHbpO0bb9tkFVQ6GpPhLEfnZvIpRn1Jk9g+dqO5BTmyzevVyrCVB
BDlOrEwMx30hzwIMTlzsesOdBZfcwkd3z/aoenVEqxW2CDKZLj8x5wLlnIv5kYMuk7Gp
Fingerprint: be:1c:df:9c:06:7c:0a:35:fc:37:14:ee:4d:f9:58:05

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1878671652 | 2024-06-12T18:51:33.374447

80 / tcp

Service

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Jun 2024 18:51:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 330
Last-Modified: Sun, 11 Aug 2019 11:42:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "5d4fff2c-14a"
Accept-Ranges: bytes

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

-329672969 | 2024-06-01T19:20:30.325461

443 / tcp

СS:Bans 1.3.3

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 01 Jun 2024 19:20:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: YII_CSRF_TOKEN=20231af660c0d717a6a3b6435618ae1ead5b34f9; path=/
Set-Cookie: PHPSESSID=i1761nsm1r081nnhs7i3itok4d; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:60:05:fc:af:78:59:7e:c9:9d:44:27:84:37:4c:fe:8c:34
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 10 04:18:32 2024 GMT
            Not After : Jul  9 04:18:31 2024 GMT
        Subject: CN=bans.next21.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c2:42:ed:05:93:4d:b3:3b:b9:5b:48:b3:6a:d9:
                    6e:24:ee:9e:cd:2e:d3:a5:3d:d3:82:cb:b8:fb:c0:
                    9a:2b:8c:83:6b:22:5f:2b:aa:fa:26:43:7c:26:73:
                    1b:9c:0c:25:01:f8:36:21:6e:e1:64:cb:20:37:ae:
                    67:77:80:24:4c:cc:a9:37:b3:02:e1:b5:9b:7c:94:
                    2c:fb:a3:cb:e4:8f:fd:d1:dc:f1:71:05:78:62:88:
                    ad:0a:2a:af:72:ec:9d:51:28:47:59:5b:c5:f4:cb:
                    39:8d:54:31:0b:24:c3:cf:ad:3a:f8:57:c1:c0:bd:
                    7c:cc:f9:cd:67:47:4a:b9:8b:9a:d3:eb:9e:b0:01:
                    9f:cd:95:08:72:75:2f:4d:58:0c:07:18:83:fc:1c:
                    1b:ff:26:03:a3:01:64:f9:3c:e8:92:59:18:4a:25:
                    50:61:79:fa:28:f3:e2:2d:8a:df:d5:a9:5c:a2:01:
                    6d:00:55:cb:53:a5:68:f0:8e:a4:86:c1:ac:9f:93:
                    a7:12:e2:fa:ac:69:bf:6c:ca:cc:73:48:f0:f2:2a:
                    e3:fa:9a:e1:60:c4:de:91:4f:9b:3d:fb:a7:67:1c:
                    be:f4:c1:a9:aa:79:e0:1f:ee:9e:25:35:a4:1f:52:
                    e7:75:ad:a7:0d:a7:97:74:23:0e:df:06:b1:47:c6:
                    5f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                19:D6:DD:C3:80:96:7C:08:80:85:8C:B7:B4:81:59:9A:4B:6E:FD:DB
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bans.next21.ru, DNS:cmbans.next21.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 10 05:18:32.729 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:27:22:F3:CE:79:94:53:D0:60:87:A0:15:
                                42:86:F1:A7:81:F9:93:FF:B5:08:EB:51:0C:63:48:82:
                                BA:1B:E1:2F:02:20:43:01:9F:DD:FC:87:EF:30:09:39:
                                10:FB:53:08:60:11:C1:C7:C6:04:BB:89:02:0F:F5:DD:
                                AE:48:50:10:50:BF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Apr 10 05:18:32.738 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FB:E2:A9:9A:71:C0:00:C3:4C:F1:4C:
                                77:9D:FE:60:2D:C9:1E:10:18:05:B1:CB:77:49:9F:09:
                                84:F4:07:98:C4:02:21:00:FD:05:3F:A9:60:EA:46:A7:
                                DE:58:10:1C:F8:AD:DA:A6:D9:79:DC:0D:07:C7:C0:55:
                                A6:D5:9B:DF:B5:D3:73:71
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5d:85:43:7a:fd:88:5e:80:cc:0a:f4:3e:7e:2b:2f:72:be:30:
        76:1b:7e:b3:ba:63:5a:cb:b7:9f:41:79:13:9c:0c:69:50:a5:
        27:27:48:35:cd:b8:4d:66:1a:32:07:72:86:3a:7e:09:b0:07:
        77:83:49:c4:12:2e:38:c1:48:69:b2:f7:98:1f:33:84:1e:9e:
        1f:22:f3:f9:bf:86:1c:94:35:0e:ca:52:bd:ac:b4:a1:f3:77:
        42:fa:b0:41:6f:36:ad:62:29:17:4f:fc:f9:bb:fd:bc:ed:83:
        64:78:5e:16:41:c5:eb:67:cb:94:6d:67:d6:0a:7f:06:cb:b6:
        4e:77:71:aa:27:75:fe:9e:b4:82:d3:02:70:28:19:8f:3a:16:
        f3:37:94:d9:24:be:96:cf:77:8d:ef:01:3d:50:02:5d:46:02:
        44:ee:ef:16:f6:f9:dc:a3:f6:fd:07:94:03:0d:66:6c:5d:75:
        57:09:e1:18:56:fe:b3:69:9a:e9:ee:cf:bc:29:1d:4d:59:6e:
        cf:06:21:39:bd:a0:c7:fb:e5:93:59:85:86:5c:7f:2b:48:6e:
        30:a1:5c:77:91:07:94:47:53:10:21:55:5c:25:2c:99:d8:83:
        9e:39:ee:81:1a:a0:f7:de:dc:5a:b7:35:cf:f0:2a:99:e8:b0:
        54:41:12:63

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

-701929927 | 2024-05-29T10:32:40.056065

3000 / tcp

Уведомления серверов

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 14 Oct 2022 21:13:03 GMT
ETag: W/"303-183d857e734"
Content-Type: text/html; charset=UTF-8
Content-Length: 771
Date: Wed, 29 May 2024 10:32:39 GMT
Connection: keep-alive
Keep-Alive: timeout=5

826190454 | 2024-06-12T16:59:04.181439

3001 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Content-Length: 3932
ETag: W/"f5c-8uRmdbQmYjcZuz6KGQLzZDwg/d8"
Date: Wed, 12 Jun 2024 16:59:04 GMT
Connection: keep-alive
Keep-Alive: timeout=5

<head>
	<script src="https://www.google.com/recaptcha/enterprise.js?render=6LeveWIpAAAAAMXoJjaPhoAWctEivdKiTH0cplaz"></script>

	<style>
		body {

			font-family: monospace;
			color: #474747;
		}

		body,
		p {
			margin: 0;
		}

		#root {
			width: 100%;
			height: 100vh;
			display: flex;
			align-items: center;
			justify-content: center;
		}

		.logo {
			width: 10rem;
			height: 10rem;
			animation: waiting 2s infinite;
		}

		.status {
			display: flex;
			flex-direction: column;
			align-items: center;
			margin-bottom: 10rem;
			gap: 2rem;
		}

		.status-box {
			display: flex;
			flex-direction: column;
			justify-content: space-between;
			border-radius: 0.75rem;

			width: 30rem;
			height: 10rem;
			border: 1px solid currentColor;
			padding: 1rem;

			background-color: hsl(var(--color) / .05);
			color: hsl(var(--color));

			font-size: 1rem;
			font-weight: 500;
			transition: 100ms all;
		}

		.status-box button {
			border: none;
			font-family: inherit;
			padding: 0.5rem;
			border-radius: 0.5rem;
			background: #00000015;
			cursor: pointer;
			transition: 100ms all;
		}

		.status-box button:hover {
			background: #00000020;
		}

		.status-box[status=loading] {
			--color: 39.25deg 100% 50%;
		}

		.status-box[status=error] {
			--color: 343.86deg 100% 50%;
		}

		.status-box[status=success] {
			--color: 152.78deg 55% 50%;
		}

		.status-message::before {
			display: inline-flex;
			justify-content: center;
			align-items: center;
			width: 1.25rem;
		}

		[status=loading] .status-message::before {
			content: '⌛';
			animation: rotate 2s infinite;
		}

		[status=error] .status-message::before {
			content: '❌';
		}

		[status=success] .status-message::before {
			content: '✔️';
		}

		@keyframes rotate {
			from {
				transform: rotate(0deg);
			}

			to {
				transform: rotate(360deg);
			}
		}

		@keyframes waiting {
			0% {
				transform: rotate(0deg);
			}

			45% {
				transform: rotate(15deg);
			}

			80% {
				transform: rotate(-15deg);
			}

			95% {
				transform: rotate(5deg);
			}
		}
	</style>
</head>

<body>
	<main id="root">
		<div class="status">
			<img class="logo" src="assets/n21.svg" />

			<div class="status-box" status="loading">
				<p class="status-message">
					We are verificating you,
					please stand by
				</p>

				<button hidden onclick="joinServerAgain()">
					I ready to join again
				</button>
			</div>
		</div>
	</main>

	<script>
		function joinServerAgain() {
			location = 'https://discord.next21.ru/';
		}

		grecaptcha.enterprise.ready(async () => {
			const recaptcha_result_token = await grecaptcha.enterprise.execute('6LeveWIpAAAAAMXoJjaPhoAWctEivdKiTH0cplaz', { action: 'verify' });
			const query_params = new URLSearchParams(location.search);

			const response = await fetch('./', {
				method: 'POST',
				headers: {
					'Content-Type': 'application/json'
				},
				body: JSON.stringify({
					recaptcha_result_token,
					request_id: query_params.get('request')
				})
			});

			const message = document.querySelector('.status-message');
			if (!message) return;

			const statusBox = document.querySelector('.status-box');
			if (!statusBox) return;

			const logo = document.querySelector('.logo');
			if (logo) logo.style.animationIterationCount = '1';

			if (response.ok) {
				message.innerHTML = `
					You are successfully pass the verification!<br /><br />
					We are redirecting you back to the server, or you can close the tab
				`
				statusBox.setAttribute('status', 'success');
				location = 'discord://-/channels/477941665638907914';
			}
			else {
				message.innerHTML = `
					Sorry, but the verification was failed:<br /><br />
					Your account is suspicious. Try to disable VPN
					join the server again
				`
				statusBox.setAttribute('status', 'error');

				const button = statusBox.querySelector('button');
				if (button) button.hidden = false;
			}
		});
	</script>
</body>

1682014602 | 2024-06-04T19:30:28.534154

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.36-0ubuntu0.20.04.1
  Capabilities: 65535
  Server Language: 246
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

1020719484 | 2024-06-01T02:37:11.068112

8000 / tcp

Page not found at /

HTTP/1.1 404 Not Found
Date: Sat, 01 Jun 2024 02:37:10 GMT
Server: WSGIServer/0.2 CPython/3.12.2
Content-Type: text/html; charset=utf-8
Vary: origin
X-Frame-Options: DENY
Content-Length: 2502
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

185.248.103.225

Last Seen: 2024-06-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

745171181 | 2024-06-08T13:52:12.141187
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1878671652 | 2024-06-12T18:51:33.374447
80 / tcp

nginx1.18.0

-329672969 | 2024-06-01T19:20:30.325461
443 / tcp

nginx1.18.0

-701929927 | 2024-05-29T10:32:40.056065
3000 / tcp

826190454 | 2024-06-12T16:59:04.181439
3001 / tcp

1682014602 | 2024-06-04T19:30:28.534154
3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

1020719484 | 2024-06-01T02:37:11.068112
8000 / tcp

Products

Pricing

Contact Us

185.248.103.225

Last Seen: 2024-06-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

745171181 | 2024-06-08T13:52:12.141187 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1878671652 | 2024-06-12T18:51:33.374447 80 / tcp

nginx1.18.0

-329672969 | 2024-06-01T19:20:30.325461 443 / tcp

nginx1.18.0

-701929927 | 2024-05-29T10:32:40.056065 3000 / tcp

826190454 | 2024-06-12T16:59:04.181439 3001 / tcp

1682014602 | 2024-06-04T19:30:28.534154 3306 / tcp

MySQL8.0.36-0ubuntu0.20.04.1

1020719484 | 2024-06-01T02:37:11.068112 8000 / tcp

Products

Pricing

Contact Us

Vulnerabilities

745171181 | 2024-06-08T13:52:12.141187
22 / tcp

1878671652 | 2024-06-12T18:51:33.374447
80 / tcp

-329672969 | 2024-06-01T19:20:30.325461
443 / tcp

-701929927 | 2024-05-29T10:32:40.056065
3000 / tcp

826190454 | 2024-06-12T16:59:04.181439
3001 / tcp

1682014602 | 2024-06-04T19:30:28.534154
3306 / tcp

1020719484 | 2024-06-01T02:37:11.068112
8000 / tcp