GeneralInformation

Hostnames	gilines.com
Domains	gilines.com
Country	Russian Federation
City	Moscow
Organization	OKB PROGRESS LLC
ISP	OKB PROGRESS LLC
ASN	AS39238
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 25 53 80 123

-617817922 | 2024-04-12T23:12:16.533268

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCiG/p3F++eOSBhOCCsrkDPHEoCcmxLU4R25NwpgGGYSO75
vA2R+aeS1Woq6UE1nhCCXXZ/+dQdjZnUls/MBnrbbEk0O8EjjnXhyB71ARKuINOAgw6O5qoA59l4
dscTkCykJqH9BQUExMDUQxw36JjIG+BtgaN+9E6+iowwN6igcEmq54x4R67xvNixRtsc1dZWddRF
3YXoh07rVoi5T6KBQi+VxTdfwYJnKfUPiGNB+Xagu7XQu0lgNvgzQUcD/tdwHgUfWcX6d12HtUL5
GxphsrCTuxonaBs7Q6zZgpXkia+Y0Y62bsViO2DIKv43/igZjVmIgaHzpO1OUnLa+jriXd+tByJs
UhrGhyagXFLpH2WMyCZDGuCuv5y/shMulMYIvGUkhXXsO+awf7GrNXED82ag4KdXTVr5MHWMAmqM
fGJziO1D74e2G69TeMCwpr11PJNLPIcpGUyskjzWxiMQj971m7eF8Gmtm+RvMcEIvkGe1uNqV60y
um6Q1Z9jTyU=
Fingerprint: 27:4a:66:6f:46:4b:e8:0f:e3:5b:50:83:74:85:ce:80

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1780739288 | 2024-04-17T08:30:29.345674

25 / tcp

220 gilines.com ESMTP Postfix (Ubuntu)
250-gilines.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:06:50:9e:cb:17:33:b6:db:4e:d5:0e:d4:c8:a0:76:bb:06:08:ae
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=gilines.com
        Validity
            Not Before: Apr 10 12:16:54 2023 GMT
            Not After : Apr  7 12:16:54 2033 GMT
        Subject: CN=gilines.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:dd:4e:31:12:f6:5c:5a:25:d6:b8:a2:e3:c2:2b:
                    49:09:73:a4:4a:a0:21:db:d7:b9:fa:c6:22:1e:6f:
                    53:18:14:e0:96:e1:89:16:f4:74:d6:c8:e9:eb:83:
                    51:82:c4:ac:97:03:8d:3f:e3:52:cb:e4:fb:4e:4e:
                    01:57:0a:5e:7b:35:e9:7b:fd:a6:2f:e3:a8:7a:71:
                    d3:f4:0e:d3:c6:d2:d9:81:6f:7a:3e:ae:7b:e5:b7:
                    cc:8e:68:53:f9:d3:1e:cd:d2:78:7c:1a:3c:a1:64:
                    6e:da:3b:a3:8b:36:42:83:14:03:e3:c0:e9:11:9c:
                    88:d4:18:65:d9:61:70:88:7f:d1:a4:0f:f4:34:5a:
                    d1:70:3a:3a:7e:c3:ae:20:87:54:0e:5a:c8:db:3c:
                    de:72:00:25:27:e8:8c:09:f1:02:f7:4d:a6:3d:b5:
                    0a:c0:e5:8d:69:cb:b7:d0:93:fe:75:11:73:10:7f:
                    73:bc:8f:c8:bb:d1:9c:a4:58:0d:bc:14:9e:8f:ee:
                    84:d9:b3:33:33:23:9c:b1:52:71:73:7b:ae:7b:7b:
                    3d:36:db:a6:d5:7d:5d:6e:69:5e:42:91:b8:f6:83:
                    0d:95:cc:c8:0f:8a:5a:15:d3:c8:bb:a6:50:64:05:
                    0f:e8:cc:d6:57:8f:5b:b1:77:0f:82:e5:0c:d9:60:
                    5f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:gilines.com
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        68:a6:c1:f0:f0:70:a3:03:89:72:46:ce:73:5f:5c:c9:7b:b1:
        d5:c7:aa:b6:e9:ed:2b:d5:b2:4d:67:66:ae:02:e0:a7:18:b8:
        e0:3f:20:ec:4f:5a:90:b4:ea:ad:12:bd:c0:62:54:85:9a:2f:
        4a:c7:80:e9:ca:9e:68:6d:fd:61:77:5b:05:60:0e:a9:6c:70:
        13:8f:5e:de:50:92:e8:a2:e5:3b:e5:9a:e7:f3:7a:8c:87:a5:
        b7:41:7d:70:1a:c7:a5:53:86:94:85:c3:33:57:d0:0e:48:78:
        51:ea:6c:82:fc:0a:a8:f4:02:39:7b:21:43:0e:69:1b:cf:ad:
        29:fc:18:e9:d1:1f:2c:e3:38:39:c1:96:a6:33:2d:0d:18:b6:
        41:a0:66:24:59:3b:de:23:b8:f6:5c:69:2c:b6:93:bd:39:ef:
        08:ca:e9:6d:61:14:ba:0b:0e:f9:8b:ae:a6:32:67:ae:f5:a5:
        0f:c0:f6:8c:38:9d:3c:97:12:cd:d0:b5:f4:d8:b4:53:de:24:
        99:3c:5b:a0:d9:de:2a:02:e6:8a:24:a2:ba:41:a6:32:6e:f3:
        0a:57:a3:bb:00:9d:67:39:2f:9b:34:d4:03:61:bf:00:29:03:
        20:eb:1b:4c:8b:6a:f8:7c:00:5a:28:1e:ee:bb:9d:e6:38:4c:
        cb:10:ce:5b

-250881971 | 2024-04-24T01:19:07.908806

53 / tcp

9.16.1-Ubuntu
Resolver name: gilines.com

-250881971 | 2024-04-22T08:22:14.771684

53 / udp

9.16.1-Ubuntu
Resolver name: gilines.com

845184609 | 2024-04-24T02:28:41.228609

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 02:28:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

-148492395 | 2024-04-13T08:31:02.986895

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -24
rootdelay: 0.019287109375
rootdisp: 0.0314788818359
refid: 1401893682
reftime: 3921985066.6
poll: 3

217.29.57.164

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-617817922 | 2024-04-12T23:12:16.533268
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.5

-1780739288 | 2024-04-17T08:30:29.345674
25 / tcp

Postfix smtpd

-250881971 | 2024-04-24T01:19:07.908806
53 / tcp

-250881971 | 2024-04-22T08:22:14.771684
53 / udp

845184609 | 2024-04-24T02:28:41.228609
80 / tcp

nginx1.18.0

-148492395 | 2024-04-13T08:31:02.986895
123 / udp

Products

Pricing

Contact Us

217.29.57.164

Last Seen: 2024-04-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-617817922 | 2024-04-12T23:12:16.533268 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.5

-1780739288 | 2024-04-17T08:30:29.345674 25 / tcp

Postfix smtpd

-250881971 | 2024-04-24T01:19:07.908806 53 / tcp

-250881971 | 2024-04-22T08:22:14.771684 53 / udp

845184609 | 2024-04-24T02:28:41.228609 80 / tcp

nginx1.18.0

-148492395 | 2024-04-13T08:31:02.986895 123 / udp

Products

Pricing

Contact Us

-617817922 | 2024-04-12T23:12:16.533268
22 / tcp

-1780739288 | 2024-04-17T08:30:29.345674
25 / tcp

-250881971 | 2024-04-24T01:19:07.908806
53 / tcp

-250881971 | 2024-04-22T08:22:14.771684
53 / udp

845184609 | 2024-04-24T02:28:41.228609
80 / tcp

-148492395 | 2024-04-13T08:31:02.986895
123 / udp