GeneralInformation

Hostnames	api-payform.com
Domains	api-payform.com
Country	Netherlands
City	Amsterdam
Organization	XSServer GmbH
ISP	SkyLink Data Center BV
ASN	AS44592

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-31629	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2020-11579	5.0An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
CVE-2017-8923	7.5The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

22 80 443

2050177531 | 2024-04-20T07:15:20.721490

22 / tcp

SSH-2.0-OpenSSH_9.2p1 Debian-2
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCpY4u30uZP1PoQvSz0O6m9D
0fkmTI2c3o60IyGR2841FupgjaVs6zPRKYlD+x1iJLnv/kSIR7VT4b5HcHKXGXA=
Fingerprint: 77:c0:99:98:15:56:07:7a:c0:98:bd:37:1e:ef:30:3d

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-422697190 | 2024-04-19T00:10:24.946159

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Fri, 19 Apr 2024 00:10:24 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://195.62.46.135/

1021999153 | 2024-04-22T06:31:22.346796

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 22 Apr 2024 06:31:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
Strict-Transport-Security: max-age=31536000; preload

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:47:6f:2d:10:54:8e:df:53:f1:4f:8d:32:f7:90:1d:da:8d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb  9 11:58:24 2024 GMT
            Not After : May  9 11:58:23 2024 GMT
        Subject: CN=api-payform.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:5e:1e:27:95:97:62:b5:5d:de:43:13:06:ff:0b:
                    fe:03:34:11:a7:32:85:e5:44:56:3e:93:4e:b3:18:
                    15:3a:86:bf:87:d3:35:5a:27:1d:cb:04:07:45:8e:
                    33:1c:a6:6d:69:0d:08:d8:7b:9a:4b:bd:3d:ee:62:
                    75:f7:3b:ca:9c
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BA:B2:D0:F4:2D:F0:A9:9E:47:0A:09:39:1E:D0:3C:50:A7:D0:E3:77
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.api-payform.com, DNS:api-payform.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb  9 12:58:24.497 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6E:0E:E5:03:BD:0F:93:54:69:6E:6E:58:
                                EA:E8:4B:73:71:66:E1:54:30:D8:C9:80:A1:FE:29:4E:
                                7C:D6:7B:79:02:20:20:32:F6:0A:E8:51:82:3C:23:A2:
                                A5:6A:4E:F1:45:B2:28:12:71:AA:66:D0:EE:FD:18:61:
                                63:DA:DF:9A:D4:4C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb  9 12:58:24.460 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7D:D6:B0:0D:A3:71:E5:C7:12:ED:E7:28:
                                C3:35:88:34:F4:99:C3:FB:1C:84:A5:B7:22:10:23:66:
                                89:2B:6C:A3:02:20:25:4E:31:E8:A3:5D:ED:BB:C7:3D:
                                A0:96:8C:9B:47:42:FC:62:0C:32:0E:94:C6:89:A5:64:
                                A1:1E:D2:8A:C0:CC
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0b:bc:d0:5a:61:2b:77:c8:4a:32:c6:52:e7:08:f2:06:c6:8e:
        7a:30:04:2c:99:24:68:c7:50:36:6f:69:ce:9e:65:8b:5b:50:
        c2:89:53:c8:5a:cd:fb:ca:44:53:60:ca:01:ee:ea:a0:5b:a6:
        d6:82:8f:5a:6b:d6:7c:42:5c:b3:81:8e:24:24:e7:c0:c6:ed:
        e8:7e:87:2e:91:3f:0f:85:bb:5d:00:d9:05:d5:34:5b:7d:51:
        3c:96:dc:1b:a3:3e:0e:01:73:44:dd:4f:b2:56:3b:9a:5b:44:
        b4:15:94:94:d1:cc:47:b2:44:22:84:d1:6f:e5:11:27:ad:b9:
        b9:e7:18:57:0c:64:9a:18:40:0a:8e:68:6c:db:ac:e8:ce:55:
        8e:ac:38:99:ae:80:73:73:63:8c:2b:49:9c:51:28:65:82:66:
        d6:e6:9b:e2:d4:06:c2:13:0b:57:a2:24:c9:f7:64:9c:f8:ff:
        51:96:d5:8c:46:11:cc:21:32:e2:cf:45:6b:20:bb:45:91:d3:
        5a:80:b0:aa:d4:1b:03:f6:0a:a4:6f:9e:b6:35:a3:01:78:e3:
        74:27:cc:70:c8:2b:52:d2:8f:10:5e:54:9f:47:36:55:53:c9:
        b4:1d:8f:28:97:0f:86:41:2e:96:08:48:72:87:b1:77:07:d5:
        18:f3:bf:16

195.62.46.135

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2050177531 | 2024-04-20T07:15:20.721490
22 / tcp

OpenSSH9.2p1 Debian 2

-422697190 | 2024-04-19T00:10:24.946159
80 / tcp

nginx1.22.1

1021999153 | 2024-04-22T06:31:22.346796
443 / tcp

nginx1.22.1

Products

Pricing

Contact Us

195.62.46.135

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2050177531 | 2024-04-20T07:15:20.721490 22 / tcp

OpenSSH9.2p1 Debian 2

-422697190 | 2024-04-19T00:10:24.946159 80 / tcp

nginx1.22.1

1021999153 | 2024-04-22T06:31:22.346796 443 / tcp

nginx1.22.1

Products

Pricing

Contact Us

2050177531 | 2024-04-20T07:15:20.721490
22 / tcp

-422697190 | 2024-04-19T00:10:24.946159
80 / tcp

1021999153 | 2024-04-22T06:31:22.346796
443 / tcp