GeneralInformation

Hostnames	denisgrim.example.com cloud.grimshop.ru
Domains	example.com grimshop.ru
Country	Bulgaria
City	Sofia
Organization	Relink LTD
ISP	Relink LTD
ASN	AS56577
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

-1300990507 | 2024-04-02T01:11:15.536635

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQC8KUaK9ukrt/zg0W/f4gXAzvgEd3DnswBf2wKZhkxhqK4i
5WHCQvRh3JfwpTb5HEteX5XApZhXhcL64+ZJ2oE4B3MgejbqH6s2wLg1s9xQ1fcc8GY/FPGqh2g7
jX+Oy8DmgIsRhIC1QkBMP7T9+k+9mx3uYUlppK3LeOZT8GbGB0DZ2E3eHrsh7YphVrvI1zQ3LKXW
mXPWJUOHJMdF2kaDuv5n6mFOwK+TizU3hxue89bLGmIbdbxOTR7nnFOxrsj6UU8wJauBpU6Uxg/8
6w/l/zeaf7ZEnbZfq6/WtcbOH6YhJuIAbioOHD01D3HYnZb3oMRGJWylOmCm2fsnmpOd
Fingerprint: 16:09:69:ee:7c:dd:df:8e:0f:f4:b4:8f:37:fc:f2:8f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-30T14:29:07.092741

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 30 Apr 2024 14:29:06 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 15 Nov 2022 16:48:40 GMT
Connection: keep-alive
ETag: "6373c2e8-264"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

-532667768 | 2024-04-30T14:27:30.057433

443 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 30 Apr 2024 14:27:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oc_sessionPassphrase=CtB1AioOGrvqaiYf6PQzLmNWbWOK1uZ3TCGqEpTZbyMaDaTGQqrs007cVZ%2FfQDDO34hxRf9HjhW7kX2QuD7ewfBb2Wr%2F7KxsSkEJ1c1nS%2F2ACK%2FSjEi9FPCipkpiUZGN; path=/; secure; HttpOnly; SameSite=Lax
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-TVdyS29xUDVmWXBUVjJyUmoweTFiRFAwakFjWGJOYlJSWCtHcTRsdG5lST06UlVXQm1zU09KNzBITTF1cHZ5VDZHMlhGdlhJNEg1eitGZysyNHVRYnlKUT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Set-Cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
Set-Cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Set-Cookie: ocotf4ez1k7c=qef41uo1rfgol9vkti3m7jdv56; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:87:eb:60:0b:ba:98:06:3b:03:56:bf:ec:37:ee:f1:b5:e9
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 19 20:00:14 2024 GMT
            Not After : Jun 17 20:00:13 2024 GMT
        Subject: CN=cloud.grimshop.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b3:bc:9d:1c:90:20:22:f1:81:ff:21:e3:6d:ea:
                    f1:56:55:fd:19:34:9f:56:d9:61:cf:43:b0:a2:34:
                    fb:ee:84:81:fc:e0:10:f1:58:65:bb:2a:9b:e9:24:
                    83:10:58:fc:51:69:1b:ac:66:17:a4:e5:cc:08:e2:
                    0a:53:36:b4:b3:09:a0:11:02:61:fa:78:9d:17:f5:
                    95:0c:f7:9e:b9:6f:48:4f:ff:4f:5c:1d:24:eb:0b:
                    ac:17:b5:54:bb:f7:b4:06:55:52:2d:cb:f5:b5:5a:
                    5b:97:53:e4:e1:92:e6:2c:5d:f3:91:77:b0:da:57:
                    00:38:b3:6c:c6:e1:50:32:22:f6:50:15:ce:6d:e7:
                    90:7a:6f:bb:fa:4a:a0:0f:c6:49:7b:47:5b:58:d6:
                    7d:3a:24:41:3a:4d:6f:a9:60:29:b5:46:0a:b7:ed:
                    fb:2f:73:a2:14:ae:98:14:03:b2:d0:ef:fc:70:99:
                    f4:42:6b:2b:5a:5a:22:77:ef:7c:5c:94:4b:50:9c:
                    d1:66:65:de:9d:00:80:01:92:ae:0a:39:d8:af:70:
                    f3:eb:99:92:24:03:47:99:04:61:88:6c:78:70:d9:
                    d3:52:ac:cf:97:7d:ed:76:d2:2c:de:ea:c8:bb:cc:
                    40:ee:8b:b6:75:d7:0d:9b:6b:c7:06:09:dc:96:90:
                    eb:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                08:51:21:61:FC:E6:CE:89:22:19:99:71:4B:F1:3F:B0:D1:E2:17:20
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:cloud.grimshop.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 19 21:00:14.745 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CC:F9:05:D9:7F:CA:13:AD:9D:AA:CD:
                                B1:D9:E1:58:92:80:14:CD:77:08:6B:F5:D8:26:B9:B4:
                                05:F0:D7:00:93:02:20:65:37:C3:F5:FC:19:CA:25:42:
                                12:52:11:D4:A8:7F:03:3A:EE:C5:BB:F8:3D:44:0C:3E:
                                E7:28:22:8F:49:8C:3B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 19 21:00:15.210 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3E:45:FB:C6:AC:1B:5E:31:2E:BA:FC:5E:
                                44:B5:82:5E:05:2A:81:A9:EE:1C:CF:0D:D9:0C:A1:0F:
                                2F:8A:57:EB:02:21:00:A0:AF:A1:FA:A1:72:1A:F2:83:
                                D0:C7:F0:74:F1:47:C2:3C:44:0C:1C:10:65:6E:92:A2:
                                5B:F2:43:30:12:7C:C9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5e:a0:3d:fd:58:79:c4:51:fe:49:d2:8f:f6:c7:5e:86:31:e1:
        86:6f:68:0f:e8:89:c4:3d:2f:ff:cf:46:e2:46:b9:d3:cb:c7:
        96:62:ab:7e:59:61:a8:b5:88:f7:f1:1b:90:6e:bb:12:71:22:
        69:82:9a:93:04:bb:9a:ba:ca:8b:da:72:82:2c:83:87:14:63:
        00:3d:09:07:61:b9:ab:61:e9:e2:4e:2e:3c:67:14:a8:9b:a5:
        b7:a1:67:85:25:6a:59:97:cd:03:42:11:50:8a:7e:ae:cc:9d:
        37:5b:38:50:8c:4f:47:d8:0c:06:00:90:fe:69:f4:8f:3f:8e:
        b4:1e:4b:07:32:61:32:52:f5:c9:7b:99:98:8c:6f:d0:79:d6:
        8c:f2:68:10:8a:a5:dc:e9:13:02:c9:d8:50:5a:a6:42:5c:89:
        37:fd:08:24:02:ee:6f:71:05:38:63:90:a1:9a:a9:d9:d6:a0:
        1b:26:2d:23:f1:5b:05:d0:e1:82:d3:e5:6b:b5:2a:af:75:d4:
        9e:7b:00:33:79:e4:70:8d:52:de:13:c5:bf:ed:cb:df:0b:95:
        29:b8:60:0d:f4:a7:06:f8:18:2f:1a:5a:d7:04:3e:9d:1e:fc:
        e3:65:fc:44:53:23:0f:df:0d:36:b1:cb:0f:a8:52:5e:be:6a:
        80:41:f2:73

185.68.93.10

Last Seen: 2024-04-30

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1300990507 | 2024-04-02T01:11:15.536635
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-30T14:29:07.092741
80 / tcp

nginx1.18.0

-532667768 | 2024-04-30T14:27:30.057433
443 / tcp

Nextcloud

Products

Pricing

Contact Us

185.68.93.10

Last Seen: 2024-04-30

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1300990507 | 2024-04-02T01:11:15.536635 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-30T14:29:07.092741 80 / tcp

nginx1.18.0

-532667768 | 2024-04-30T14:27:30.057433 443 / tcp

Nextcloud

Products

Pricing

Contact Us

-1300990507 | 2024-04-02T01:11:15.536635
22 / tcp

1651973090 | 2024-04-30T14:29:07.092741
80 / tcp

-532667768 | 2024-04-30T14:27:30.057433
443 / tcp