GeneralInformation

Hostnames	turbo.gazeta.ru turbo.lenta.ru turbo.medialeaks.ru turbo.pikabu.ru turbo.ria.ru turbo-proxy.yandex.net
Domains	gazeta.ru lenta.ru medialeaks.ru pikabu.ru ria.ru yandex.net
Country	Russian Federation
City	Moscow
Organization	Yandex enterprise network
ISP	YANDEX LLC
ASN	AS13238

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 443

-1416970917 | 2024-05-06T10:31:19.959486

80 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.17.6
Date: Mon, 06 May 2024 10:31:19 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://2a02/

574130828 | 2024-05-06T09:09:08.367323

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.17.6
Date: Mon, 06 May 2024 09:09:08 GMT
Content-Type: text/plain
Content-Length: 9
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ab:25:10:73:70:76:73:ba:2e:39:dd:95:44:20:7a:1c:f7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar  2 17:47:46 2024 GMT
            Not After : May 31 17:47:45 2024 GMT
        Subject: CN=turbo.gazeta.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:96:74:f6:4b:b5:e0:c0:97:f8:d5:61:4b:99:
                    87:6c:1e:46:56:fc:31:f5:6b:06:78:fd:ac:32:c5:
                    ca:c8:21:fc:03:3f:32:83:8e:87:04:12:c6:44:cb:
                    91:57:c8:ef:7f:ff:c4:4b:de:a5:3f:73:0d:dd:73:
                    df:07:b3:17:8b:f4:e4:94:22:ff:58:65:a7:62:fb:
                    a6:d2:78:8f:0f:6a:2c:73:f6:cd:57:15:5b:d0:25:
                    8d:15:76:e9:9c:05:07:ff:7e:b4:de:79:74:5f:e0:
                    7f:2b:8a:88:14:1d:10:ce:38:4c:ed:fa:73:20:36:
                    16:35:f1:9b:3a:f5:f1:6a:ac:15:5f:9a:e0:44:b8:
                    bc:4a:c6:b0:3c:b7:84:58:7e:9f:0f:d3:2d:7e:c3:
                    1f:90:d7:93:63:b1:e8:c8:34:8c:ac:49:45:56:06:
                    f6:a2:27:4d:ef:35:07:28:e9:2b:00:e7:ff:7f:a7:
                    16:a5:ba:2c:f7:71:b3:8c:c3:8b:a2:f7:d1:ba:99:
                    c2:17:92:6a:a6:b7:3a:17:dc:a1:f0:ba:97:dc:b7:
                    d4:f9:c8:91:d6:65:00:0a:16:d6:3c:23:b5:72:6f:
                    ce:90:ac:d3:8c:18:59:5b:8e:ac:9b:d7:8d:42:ef:
                    85:9d:07:a8:56:99:36:ec:2d:d5:cc:bb:fb:0d:8a:
                    6a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                23:74:5A:F9:06:D8:E6:05:02:E4:FB:B6:DC:65:60:2F:CD:74:2A:BE
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:turbo.gazeta.ru, DNS:turbo.lenta.ru, DNS:turbo.medialeaks.ru, DNS:turbo.pikabu.ru, DNS:turbo.ria.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar  2 18:47:46.244 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:BC:FE:16:53:3E:BA:44:3A:27:02:
                                33:37:45:19:97:44:A1:6E:D8:61:45:9E:A4:CA:4E:68:
                                C7:03:B4:85:DD:02:21:00:A8:58:0D:79:ED:4E:FB:C4:
                                09:4D:36:1D:77:43:42:F8:30:9E:0D:7A:56:94:AB:AC:
                                73:EB:68:41:DE:02:FF:0F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar  2 18:47:46.251 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AE:AE:26:B7:46:90:4F:44:0B:77:57:
                                DF:5F:66:F6:F3:4B:8A:CA:6D:D0:B5:EA:50:82:72:41:
                                89:48:C5:9F:A6:02:21:00:8C:90:2D:A6:33:3F:D3:86:
                                B6:FD:FF:1D:0B:42:93:98:86:5D:A9:6F:A4:0E:97:89:
                                35:E5:0B:3B:E2:95:09:5B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6a:7f:86:9e:6f:ec:5f:17:6e:49:9e:c7:5c:48:51:83:eb:07:
        b3:57:6f:c0:cb:46:74:dc:e2:e8:06:6f:3d:66:d1:86:0b:e4:
        36:02:58:40:da:df:7f:72:98:3d:95:57:75:0e:05:da:bf:99:
        e1:40:07:a9:b3:77:d4:ce:45:3f:b2:0b:f0:3e:9a:1b:87:3c:
        69:a9:ef:5b:34:ac:55:75:8c:0c:44:1d:60:ce:69:10:5c:86:
        0c:17:ff:ad:86:16:60:e2:f7:18:3c:68:ab:89:3e:fc:14:a9:
        70:91:ce:b5:2f:c6:f5:6f:6d:78:2a:ec:c3:33:b2:b2:81:02:
        e7:f8:97:40:69:41:89:2c:09:5c:42:67:d5:a3:d9:3e:96:9c:
        99:b5:fd:2d:18:b5:c6:4e:31:18:d3:29:c6:04:1c:26:d0:83:
        11:01:35:d1:c6:52:b3:08:b1:75:42:e9:f0:39:7e:95:98:c1:
        21:45:32:da:7a:18:21:7d:d3:21:a2:3f:b3:a4:72:05:5e:12:
        c7:59:f5:82:a0:91:fd:48:08:4b:34:d3:eb:c4:1f:25:80:33:
        81:a0:84:0e:c7:8c:11:e8:64:e7:02:9c:87:03:27:89:e7:42:
        41:69:c7:e7:aa:a7:5f:f8:ea:77:d9:4a:27:3e:ec:6c:b9:c2:
        0f:5f:2b:17

2a02:6b8::26

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1416970917 | 2024-05-06T10:31:19.959486
80 / tcp

nginx1.17.6

574130828 | 2024-05-06T09:09:08.367323
443 / tcp

nginx1.17.6

Products

Pricing

Contact Us

2a02:6b8::26

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1416970917 | 2024-05-06T10:31:19.959486 80 / tcp

nginx1.17.6

574130828 | 2024-05-06T09:09:08.367323 443 / tcp

nginx1.17.6

Products

Pricing

Contact Us

-1416970917 | 2024-05-06T10:31:19.959486
80 / tcp

574130828 | 2024-05-06T09:09:08.367323
443 / tcp