GeneralInformation

Hostnames	ahdema.com static.138.89.255.185.clients.irandns.com mail.niku.life
Domains	ahdema.com irandns.com niku.life
Country	Iran, Islamic Republic of
City	Deyr
Organization	Green Web Samaneh Novin PJSC
ISP	Green Web Samaneh Novin PJSC
ASN	AS61173

WebTechnologies

Analytics

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

53 80 81 443 1337 3001 5432

-1037100561 | 2024-05-03T00:24:26.847378

53 / tcp

9.16.48-Ubuntu
Resolver name: ubuntu20

-1037100561 | 2024-05-02T07:53:47.723519

53 / udp

9.16.48-Ubuntu
Resolver name: ubuntu20

677579724 | 2024-05-02T23:01:16.740977

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 02 May 2024 23:01:16 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

370564722 | 2024-05-03T00:37:40.614491

81 / tcp

HTTP/1.1 200 OK
Host: 185.255.89.138
Connection: close
X-Powered-By: PHP/8.3.6
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, private
Date: Fri, 03 May 2024 00:37:39 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjdUNnlncS9NWjF3REpkSVRPYVorQ3c9PSIsInZhbHVlIjoiU2pFSXozdXk3U0ZGZWgxVXJJWVpONGh4bzZNUkdySHBLOXVWN2xaQks5TUwvZG5zTlQ4MjJ5OXI2TE54K1NtRElocVpZQUpyRWhQL0hRbHhkWDNNazFXUmRYOHlLR3BxUEwrcnJJR0U4Qy90cVBQdXc2akM4Mzc5Tm1Ga2N4OUwiLCJtYWMiOiIzYWVhNTkzZGJkOGJmN2QzNGMzZjU3ZDYxYWQxNDc5M2FmNjk3NWZjYzM2NTdmYWU2NDVmMDA0NjkzYmM5MzBjIiwidGFnIjoiIn0%3D; expires=Sun, 02 Jun 2024 00:37:39 GMT; Max-Age=2592000; path=/
Set-Cookie: eshghali_session=eyJpdiI6IjZMU1Izd2FHY3Z0dXdmTWhYWHRKcEE9PSIsInZhbHVlIjoiYk5hSkw3dW1LQ2hvSmhwRTZKcnJmMUk3QlJ2cFdmWWNnQ0xrYjlyOXQwcDBHWnNIQUJzelZrZ0lPMHlBcFlCVjBRNGJ0RDgzanRHdnpOZUN6YUZVRDdPakpSVkl0d2JXaWlVUS9PRGJ6WGpFT0Q1T2VUUnZxNzRtSVBWMjd5TzYiLCJtYWMiOiIwOWFiMzI5NWUyZDBiZTA0NjAwYWU1YWEyNWJjYThmMTBiZGZhMmQ0YzEwNjQ3N2RmMmQ3ZDBlNWYwOGU3ODk0IiwidGFnIjoiIn0%3D; path=/; httponly

-1867323353 | 2024-05-02T15:56:58.475697

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 02 May 2024 15:56:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 168931
Connection: keep-alive
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-nextjs-cache: HIT
x-powered-by: Next.js
cache-control: s-maxage=31536000, stale-while-revalidate
etag: "q0ni3c91iq3lxr"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:36:e7:9d:1c:4d:20:af:75:39:f5:53:a0:65:dc:42:6d:b4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 11 01:02:10 2024 GMT
            Not After : Jun  9 01:02:09 2024 GMT
        Subject: CN=ahdema.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:08:7a:a9:61:8f:5d:4b:da:a6:3e:d9:a7:3e:
                    16:b0:2f:b4:6b:48:f0:54:7e:95:8c:92:ed:b6:39:
                    4b:4d:03:0c:e3:e8:e4:fc:54:73:14:aa:0e:a9:cd:
                    b2:55:65:76:6d:fb:99:e7:0e:d4:a3:eb:ca:ea:d6:
                    f4:2e:75:2d:6d:cd:2a:b0:6a:80:8f:c7:bc:d8:ce:
                    b3:35:7c:77:fc:d6:f0:db:41:2e:41:23:19:7e:8b:
                    eb:ca:c2:9c:bd:5c:76:e1:ca:3d:e9:81:e1:ef:c8:
                    55:1e:1b:11:95:6d:1e:b8:89:b1:85:3d:5a:51:13:
                    11:35:21:f3:26:69:92:9f:4e:e3:e2:8c:8e:f5:83:
                    8f:3e:c2:e6:d1:f0:01:6a:22:ec:71:d8:44:16:aa:
                    f6:e3:42:6f:91:49:14:48:25:42:43:e2:61:a6:aa:
                    5d:8c:c8:12:0d:68:6b:07:f3:1b:c0:00:ea:09:f2:
                    13:3d:4d:9f:5e:2d:45:9f:cf:ba:da:5d:27:dd:07:
                    ce:35:d0:70:bc:53:db:1b:41:da:d9:3f:f9:29:fa:
                    7a:ec:6b:21:41:0e:ce:16:71:ef:9e:2b:2c:90:04:
                    51:07:5c:7b:e9:db:78:ec:0c:2d:78:9f:94:2a:d3:
                    15:36:c4:29:9a:09:f3:d7:c2:4f:d6:f7:22:46:0e:
                    bf:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                26:BE:8C:05:FE:D8:13:EF:DD:19:87:49:FC:AA:7D:49:DD:FB:C1:79
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ahdema.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 11 02:02:10.464 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B6:94:28:FF:E2:05:93:1C:96:85:2C:
                                1C:07:5D:B7:5D:B2:BB:7D:91:6C:F0:42:F2:DE:54:21:
                                30:F1:58:54:30:02:21:00:BA:07:8D:04:B3:29:35:06:
                                9A:CB:08:B4:3F:EB:0A:F5:F5:C8:B2:06:C7:40:26:95:
                                B5:67:E1:BD:15:DB:D7:A0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 11 02:02:10.534 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B5:BB:10:B1:13:F3:68:26:A3:79:F2:
                                9A:A7:22:92:9C:8B:9B:E7:39:95:F7:4D:B6:F8:6B:E2:
                                27:9E:D1:D1:89:02:20:69:6F:2E:4D:35:53:00:EE:9A:
                                AA:A9:31:54:33:4D:F4:E0:D6:23:51:65:DB:FE:2C:1A:
                                C7:27:22:C9:01:A9:63
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2c:7b:13:11:7f:c7:6f:e3:31:63:c6:f5:7d:ba:bc:d6:b3:6b:
        d3:3a:8c:08:01:c5:7f:5a:a0:17:25:8f:8d:57:71:d7:9e:43:
        ac:25:58:6b:6e:ce:c3:9a:95:82:78:e3:f1:f8:60:eb:0d:90:
        f1:1e:1c:1a:50:dc:95:39:69:42:22:f4:c9:8a:b3:d4:3f:d9:
        86:5c:a2:03:1d:63:18:f9:a9:c8:d8:dd:c7:e1:d8:6d:46:bb:
        b8:49:30:a9:7f:b7:b9:d5:c8:74:b0:60:ea:21:47:17:57:56:
        ed:0a:3f:61:b7:66:06:87:5b:ac:6d:21:7f:22:da:42:04:29:
        76:c7:31:8a:74:79:43:f7:90:e1:6b:f5:88:6d:e7:e5:7a:91:
        e0:df:7a:43:64:57:84:f3:35:75:c4:21:c4:ed:a0:59:70:f9:
        b6:d6:a0:2e:54:df:9e:ed:eb:0f:1b:8b:3d:b0:a0:39:d4:ef:
        74:75:9f:10:59:6b:8d:78:13:da:19:1a:33:9b:bd:0a:49:08:
        72:6c:1d:bb:39:32:9c:8a:f0:48:97:d1:46:b2:70:ff:e1:05:
        ac:a5:80:65:3c:cb:a3:b5:c9:40:b2:9d:87:e6:14:c1:dd:73:
        13:5d:4e:a4:23:b5:c7:23:87:97:4e:8e:ad:41:e3:f7:4f:04:
        47:bb:78:fc

535279289 | 2024-05-02T15:00:16.936862

1337 / tcp

HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.tinymce.com *.tiny.cloud https:;connect-src 'self' *.tinymce.com *.tiny.cloud blob: *.strapi.io;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: dl.airtable.com strapi.io s3.amazonaws.com cdn.jsdelivr.net;style-src 'self' 'unsafe-inline' *.tinymce.com *.tiny.cloud;font-src 'self' *.tinymce.com *.tiny.cloud;media-src 'self' data: blob:;default-src 'self';base-uri 'self';form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none'
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Vary: Origin
Content-Type: text/html; charset=utf-8
X-Powered-By: Strapi <strapi.io>
Date: Thu, 02 May 2024 15:00:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

cda
<!doctype html>
<html>
  <head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <title>Welcome to your Strapi app</title>
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="robots" content="noindex, nofollow">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" />
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" />
    <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" />
    <style>
      *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}}
    </style>
  </head>
  <body lang="en">
    <section class="wrapper">
      <h1><img class="logo" src="/assets/images/logo_login.png" /></h1>
      
        <div class="informations">
          <div>
            <span class="environment">production</span>
            <p>The server is running successfully.</p>
          </div>
          <div class="text-align-right">
            <p>Thu, 02 May 2024 15:00:16 GMT</p>
          </div>
        </div>
      
    </section>

    
  </body>
</html>

0

-1246004407 | 2024-05-02T23:43:55.655683

3001 / tcp

HTTP/1.1 400 Bad Request
Connection: close

-726790289 | 2024-05-02T23:32:04.183211

5432 / tcp

PostgreSQL
fe_sendauth: no password supplied

185.255.89.138

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1037100561 | 2024-05-03T00:24:26.847378
53 / tcp

-1037100561 | 2024-05-02T07:53:47.723519
53 / udp

677579724 | 2024-05-02T23:01:16.740977
80 / tcp

nginx1.18.0

370564722 | 2024-05-03T00:37:40.614491
81 / tcp

-1867323353 | 2024-05-02T15:56:58.475697
443 / tcp

nginx1.18.0

535279289 | 2024-05-02T15:00:16.936862
1337 / tcp

-1246004407 | 2024-05-02T23:43:55.655683
3001 / tcp

-726790289 | 2024-05-02T23:32:04.183211
5432 / tcp

PostgreSQL15.2 - 15.4

Products

Pricing

Contact Us

185.255.89.138

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1037100561 | 2024-05-03T00:24:26.847378 53 / tcp

-1037100561 | 2024-05-02T07:53:47.723519 53 / udp

677579724 | 2024-05-02T23:01:16.740977 80 / tcp

nginx1.18.0

370564722 | 2024-05-03T00:37:40.614491 81 / tcp

-1867323353 | 2024-05-02T15:56:58.475697 443 / tcp

nginx1.18.0

535279289 | 2024-05-02T15:00:16.936862 1337 / tcp

-1246004407 | 2024-05-02T23:43:55.655683 3001 / tcp

-726790289 | 2024-05-02T23:32:04.183211 5432 / tcp

PostgreSQL15.2 - 15.4

Products

Pricing

Contact Us

-1037100561 | 2024-05-03T00:24:26.847378
53 / tcp

-1037100561 | 2024-05-02T07:53:47.723519
53 / udp

677579724 | 2024-05-02T23:01:16.740977
80 / tcp

370564722 | 2024-05-03T00:37:40.614491
81 / tcp

-1867323353 | 2024-05-02T15:56:58.475697
443 / tcp

535279289 | 2024-05-02T15:00:16.936862
1337 / tcp

-1246004407 | 2024-05-02T23:43:55.655683
3001 / tcp

-726790289 | 2024-05-02T23:32:04.183211
5432 / tcp