GeneralInformation

Hostnames	jenkins.flexilink.ru v2255054.hosted-by-vdsina.ru
Domains	flexilink.ru hosted-by-vdsina.ru
Country	Russian Federation
City	Moscow
Organization	VDSINA VDS Hosting
ISP	Hosting technology LTD
ASN	AS48282

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 9000 9001

802926777 | 2024-04-19T20:31:28.398587

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOMbgqQteogzBYR4H+pm7cIQ
wiLAIc4W+icYixBPOmzUm7egcmdd9TnsPiiKmmml0MVZVXIT/WFYEbhcWfV2Cso=
Fingerprint: 54:68:1c:b1:d1:87:5d:47:1c:55:87:bf:e2:5c:27:e6

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1878844030 | 2024-04-25T15:03:33.178888

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 15:03:33 GMT
Content-Type: text/html
Content-Length: 802
Last-Modified: Thu, 04 Apr 2024 07:56:37 GMT
Connection: keep-alive
ETag: "660e5d35-322"
Accept-Ranges: bytes

-567194451 | 2024-04-02T18:27:58.915031

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 02 Apr 2024 18:27:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.2d59f2c1=node0h2ov9poqftlz1r2atdzkd58rd75.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.426.3
X-Jenkins-Session: cdbabf6f

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:89:b3:66:ef:bc:e8:ba:15:3a:8f:51:6c:1d:ee:53:31:d6
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 15 16:26:12 2024 GMT
            Not After : May 15 16:26:11 2024 GMT
        Subject: CN=jenkins.flexilink.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e1:26:21:37:df:26:44:f2:81:8c:23:fd:5f:d3:
                    84:23:71:7f:49:2a:5d:c3:2b:99:16:bb:49:2e:53:
                    6e:c8:e8:62:96:21:54:8e:8a:c4:9b:97:70:b3:54:
                    44:a3:fa:6b:e2:13:31:f3:74:a7:0b:82:9a:da:ea:
                    7b:ec:9b:a8:78:2e:e8:3e:f8:f0:b2:c9:14:6b:78:
                    39:d9:69:cf:52:13:ef:6d:67:24:bd:d2:47:2f:47:
                    06:f2:65:0f:de:92:81:31:9f:73:a0:46:d7:b8:35:
                    21:25:50:68:e8:12:15:61:83:e5:76:f6:13:88:7c:
                    ac:c3:cd:cc:b7:7d:7b:b4:ca:f6:45:77:8b:75:f6:
                    08:bd:09:47:b9:24:5d:a8:88:7b:56:ba:f6:4a:28:
                    54:9e:51:27:1a:4b:48:a0:02:75:78:e9:ca:e1:38:
                    de:e5:8f:84:9d:93:15:2e:51:ad:e1:0b:5b:89:12:
                    65:18:5b:bd:78:73:b8:b2:f5:f0:91:41:0e:36:34:
                    a3:ac:cf:bc:d0:8b:52:93:5c:eb:4e:27:e0:01:8c:
                    fc:fa:b0:96:96:2d:7e:78:aa:d2:8c:46:3a:2f:43:
                    a6:8f:eb:91:7e:97:70:7e:7b:d9:0e:84:a2:0d:d1:
                    47:bf:92:8a:a7:72:2e:79:53:07:25:9e:54:49:fe:
                    9e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                C9:2B:4C:4A:DB:92:C8:3F:14:19:4D:87:6D:65:1E:85:B5:10:C6:5E
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:jenkins.flexilink.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 15 17:26:12.396 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9F:0A:0F:1E:BF:3C:D6:5D:F9:FD:03:
                                E2:FD:DB:C9:9B:6F:4D:0A:F5:08:2F:0C:D3:F5:81:99:
                                6B:44:99:93:75:02:20:37:85:05:7F:40:5F:65:E4:A3:
                                0A:1A:6E:4B:C5:09:98:7F:28:25:07:FC:63:8E:4E:6E:
                                4B:51:73:B6:84:3D:F8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 15 17:26:12.400 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BB:A5:68:99:1A:A5:D6:E9:72:3D:6D:
                                AE:E4:86:FE:00:10:9C:C9:DB:95:E1:E5:6F:2C:56:7F:
                                B1:D7:8C:10:7B:02:20:29:E1:CB:F8:2F:BB:EB:E6:CB:
                                12:35:D0:12:6F:A3:3A:BF:3E:23:53:23:06:6E:46:65:
                                9E:47:39:4A:C6:05:13
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0d:ec:ab:00:33:e1:25:be:ad:c7:ee:ff:88:2a:91:2e:94:7b:
        15:71:fc:21:51:71:36:16:7e:d8:12:3c:63:76:60:7c:b3:e1:
        46:a7:f5:f3:d3:55:ab:6e:20:39:e7:37:d8:bf:a3:87:ea:d3:
        87:bd:88:3d:d0:c4:5d:28:39:c7:c0:c5:64:16:94:d3:f6:ad:
        ca:3b:2e:6b:16:5b:98:43:fa:a6:8a:f6:2d:c8:3f:64:a7:f1:
        5c:15:9c:10:09:ef:52:86:45:a5:9b:b5:01:14:18:41:92:12:
        ce:aa:d6:5f:ec:a5:85:5e:f6:3c:8d:2b:82:08:07:97:ed:26:
        7a:36:c6:c8:a0:a2:82:64:f1:f0:28:eb:ee:6a:19:5a:8d:af:
        fc:8a:64:0a:4c:80:e5:bc:d9:5f:6b:a5:6a:fc:96:ec:02:c0:
        d3:df:fb:03:a7:bf:71:1a:16:15:7a:d2:20:51:cf:92:91:94:
        68:63:f7:65:ba:79:55:36:ec:84:fe:7a:f9:2e:ac:ef:9e:20:
        1e:75:8a:5e:d2:47:5b:f0:bc:cc:d4:79:6a:8f:c3:e0:6f:87:
        04:66:88:6e:2f:29:94:12:35:71:4e:8f:33:c1:8c:e9:66:69:
        d3:51:b7:36:91:31:62:ba:e3:2f:47:03:ec:19:9c:49:07:aa:
        11:11:ef:43

-152023328 | 2024-04-21T12:00:07.835559

9000 / tcp

HTTP/1.1 403 Forbidden
Accept-Ranges: bytes
Content-Length: 254
Content-Type: application/xml
Server: MinIO
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Vary: Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C849CB96683606
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Sun, 21 Apr 2024 11:59:56 GMT

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Resource>/</Resource><RequestId>17C849CB96683606</RequestId><HostId>dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8</HostId></Error>

-1450879114 | 2024-04-25T18:48:15.351620

9001 / tcp

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1310
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline';
Content-Type: text/html
Last-Modified: Thu, 25 Apr 2024 18:48:15 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: MinIO Console
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Date: Thu, 25 Apr 2024 18:48:15 GMT
Connection: close

<!doctype html><html lang="en"><head><meta charset="utf-8"/><base href="/"/><meta content="width=device-width,initial-scale=1" name="viewport"/><meta content="#081C42" media="(prefers-color-scheme: light)" name="theme-color"/><meta content="#081C42" media="(prefers-color-scheme: dark)" name="theme-color"/><meta content="MinIO Console" name="description"/><meta name="minio-license" content="agpl" /><link href="./styles/root-styles.css" rel="stylesheet"/><link href="./apple-icon-180x180.png" rel="apple-touch-

195.2.67.33

Last Seen: 2024-04-25

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

802926777 | 2024-04-19T20:31:28.398587
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1878844030 | 2024-04-25T15:03:33.178888
80 / tcp

nginx1.18.0

-567194451 | 2024-04-02T18:27:58.915031
443 / tcp

Jenkins

-152023328 | 2024-04-21T12:00:07.835559
9000 / tcp

MinIO Server

-1450879114 | 2024-04-25T18:48:15.351620
9001 / tcp

MinIO Server

Products

Pricing

Contact Us

195.2.67.33

Last Seen: 2024-04-25

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

802926777 | 2024-04-19T20:31:28.398587 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1878844030 | 2024-04-25T15:03:33.178888 80 / tcp

nginx1.18.0

-567194451 | 2024-04-02T18:27:58.915031 443 / tcp

Jenkins

-152023328 | 2024-04-21T12:00:07.835559 9000 / tcp

MinIO Server

-1450879114 | 2024-04-25T18:48:15.351620 9001 / tcp

MinIO Server

Products

Pricing

Contact Us

802926777 | 2024-04-19T20:31:28.398587
22 / tcp

1878844030 | 2024-04-25T15:03:33.178888
80 / tcp

-567194451 | 2024-04-02T18:27:58.915031
443 / tcp

-152023328 | 2024-04-21T12:00:07.835559
9000 / tcp

-1450879114 | 2024-04-25T18:48:15.351620
9001 / tcp