GeneralInformation

Hostnames	smartape.ru
Domains	smartape.ru
Country	Russian Federation
City	Moscow
Organization	LLC Smart Ape
ISP	LLC Smart Ape
ASN	AS56694

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

21 53 80 111 3306 3310

-1096222366 | 2024-04-26T19:27:15.496130

21 / tcp

220 FTP Server ready.
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    AUTH    CCC*    CONF*   ENC*    MIC*    
 PBSZ    PROT    TYPE    STRU    MODE    RETR    STOR    STOU    
 APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
 NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@localhost
211-Features:
 MDTM
 SSCN
 TVFS
 MFMT
 SIZE
 PROT
 CCC
 PBSZ
 AUTH TLS
 MFF modify;UNIX.group;UNIX.mode;
 REST STREAM
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 UTF8
 EPRT
 EPSV
 LANG it-IT;es-ES;ru-RU;zh-CN;fr-FR;zh-TW;ko-KR;en-US;bg-BG;ja-JP
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:33:98:64:ab:7d:ef:d3:b7:5f:83:0e:b0:0f:1b:55
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Apr  6 00:00:00 2020 GMT
            Not After : Apr  6 23:59:59 2022 GMT
        Subject: CN=*.smartape.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:c4:35:2f:fe:7a:3a:87:b3:a3:95:66:3f:79:
                    21:39:2b:c9:e4:42:9f:9f:76:35:10:fe:87:5a:e7:
                    c0:4f:a5:d7:cc:08:98:e2:f0:17:26:8c:c3:a8:28:
                    c1:25:bb:ed:b7:e8:55:9e:e0:79:a0:36:bd:89:0f:
                    69:1d:c6:44:1e:ea:a3:0a:af:8f:12:32:ed:5c:d5:
                    a7:c6:26:e9:01:04:0f:2f:d4:dc:c2:80:55:f8:2f:
                    97:37:4f:f6:ad:c9:1a:f3:82:43:cf:83:ba:cd:4d:
                    79:ca:6d:eb:6a:5d:09:3b:bd:e3:57:6d:fc:36:e6:
                    87:01:aa:b6:c9:40:3e:5f:a9:68:a5:64:2d:5c:fc:
                    86:97:49:10:1c:90:f7:4a:a6:24:f5:61:0d:cb:0e:
                    58:72:62:3d:2c:b6:7d:39:14:27:7c:0b:6b:00:d1:
                    22:de:a6:be:bf:a9:b8:b8:77:67:01:6a:42:28:1f:
                    31:43:02:9e:8a:f5:fe:26:c5:bf:95:d6:b1:00:12:
                    73:f5:4e:39:63:c4:ea:81:6c:25:a9:a8:ad:ad:3d:
                    ff:6d:13:48:a5:3c:e1:bb:a6:a7:55:8f:59:61:9b:
                    a1:74:e0:d2:43:8d:9e:24:49:80:3e:81:5d:a4:8c:
                    b0:92:1f:1d:90:f2:dd:b3:1d:95:fd:e1:4b:ff:f2:
                    fc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                A0:F1:85:04:82:D7:98:93:B1:7C:34:90:71:94:22:00:74:56:3E:B2
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.smartape.ru, DNS:smartape.ru
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
                                11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
                    Timestamp : Apr  6 06:25:56.843 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D5:2E:FC:BA:DB:E6:C6:77:88:1D:CC:
                                3F:A3:3D:1C:4C:4C:83:7C:CD:38:3E:86:C7:96:43:11:
                                98:13:38:73:CA:02:20:3F:79:2D:6E:07:21:80:0E:5A:
                                45:38:51:5E:96:D7:2E:7C:D7:39:C9:FB:8C:3D:B9:93:
                                1A:B3:72:39:D6:F6:5B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:A5:5E:AB:68:82:4F:1F:6C:AD:EE:B8:5F:4E:3E:5A:
                                EA:CD:A2:12:A4:6A:5E:8E:3B:12:C0:20:44:5C:2A:73
                    Timestamp : Apr  6 06:25:56.882 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:92:73:10:D5:F3:58:14:96:BB:2A:72:
                                E4:C8:AB:29:E9:9A:C1:F6:A9:C3:61:0A:C7:9F:89:BA:
                                7D:2A:02:87:5E:02:21:00:92:0E:1E:E5:88:B7:D8:22:
                                9F:4F:E9:CF:10:24:9F:FE:C1:60:D1:29:AE:53:EE:BC:
                                C7:11:78:6E:5B:58:FD:F3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
                                4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
                    Timestamp : Apr  6 06:25:56.919 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A0:6C:1A:E9:A6:96:A8:02:8D:0E:15:
                                DC:76:B9:3E:C1:41:4E:7B:98:ED:6A:76:00:10:0B:E7:
                                AB:60:9E:8C:8F:02:21:00:B0:D6:B0:AE:92:D5:46:8F:
                                79:30:45:D3:52:31:CD:1C:B7:37:1B:B4:D8:6D:B4:98:
                                E9:63:BD:D6:34:9F:7B:06
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c3:37:5d:21:b3:d2:d7:da:53:89:46:1a:94:d5:cb:d1:99:39:
        ec:fc:a0:9e:a5:43:1c:2e:4b:65:f1:3c:3c:a7:77:29:e4:f0:
        98:ae:d9:74:5a:ba:4f:0e:31:40:29:db:3e:5b:ba:02:25:9e:
        1b:c1:3f:d3:4a:03:7d:bf:1d:54:39:9a:66:39:7a:a3:1c:0e:
        66:11:04:87:f2:6a:fa:44:de:c9:55:70:0e:7b:b5:29:6a:60:
        45:41:38:e8:81:3e:34:60:e7:5a:e8:42:b4:19:fc:8e:35:1f:
        c1:7f:f2:b6:d6:57:39:0b:98:97:1c:2f:ad:1c:1e:b1:aa:78:
        7e:45:3a:76:a0:51:dd:f1:09:25:ec:83:d0:a1:fc:36:06:4b:
        11:a5:30:01:49:02:ca:6d:7c:34:e6:bb:37:6f:22:2a:03:95:
        a5:db:93:e8:57:a1:d1:76:51:af:37:7f:c9:23:ad:fc:fb:a4:
        4c:41:5f:0f:d8:68:a0:1b:63:6a:e9:3f:e5:97:05:78:d5:83:
        95:ad:ba:fb:15:b4:f4:5f:e1:15:ef:f2:71:37:fb:53:9b:4e:
        62:1a:fa:67:f5:21:27:c5:32:0d:80:ae:4c:34:12:30:b0:f3:
        87:58:73:4a:d3:a6:fc:3e:e0:89:cb:dc:14:1f:af:7c:cb:39:
        ea:72:54:69

1922874387 | 2024-04-26T20:19:33.568426

53 / tcp

PowerDNS Authoritative Server 4.1.14
Resolver ID: shared-24.smartape.ru

1922874387 | 2024-04-26T20:03:57.172341

53 / udp

PowerDNS Authoritative Server 4.1.14
Resolver ID: shared-24.smartape.ru

-815212241 | 2024-04-26T21:40:14.194256

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 26 Apr 2024 21:40:14 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

612401783 | 2024-04-26T19:51:03.771452

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	40360
mountd	1	udp	20048
status	1	tcp	51922
mountd	1	tcp	20048
mountd	2	udp	20048
mountd	2	tcp	20048
mountd	3	udp	20048
mountd	3	tcp	20048
nfs	3	tcp	2049
nfs	4	tcp	2049
100227	3	tcp	2049
nfs	3	udp	2049
nfs	4	udp	2049
100227	3	udp	2049
nlockmgr	1	udp	46925
nlockmgr	3	udp	46925
nlockmgr	4	udp	46925
nlockmgr	1	tcp	36001
nlockmgr	3	tcp	36001
nlockmgr	4	tcp	36001

612401783 | 2024-04-26T19:34:40.788306

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	40360
mountd	1	udp	20048
status	1	tcp	51922
mountd	1	tcp	20048
mountd	2	udp	20048
mountd	2	tcp	20048
mountd	3	udp	20048
mountd	3	tcp	20048
nfs	3	tcp	2049
nfs	4	tcp	2049
100227	3	tcp	2049
nfs	3	udp	2049
nfs	4	udp	2049
100227	3	udp	2049
nlockmgr	1	udp	46925
nlockmgr	3	udp	46925
nlockmgr	4	udp	46925
nlockmgr	1	tcp	36001
nlockmgr	3	tcp	36001
nlockmgr	4	tcp	36001

-679774274 | 2024-04-26T20:00:50.074527

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 5.5.68-MariaDB-cll-lve
  Capabilities: 63487
  Server Language: 33
  Server Status: 2
  Extended Server Capabilities: 40975
  Authentication Plugin: mysql_native_password

874437095 | 2024-04-26T19:37:29.892242

3310 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.6.37
  Capabilities: 63487
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 32895
  Authentication Plugin: mysql_native_password

2a06:dd00:1:4::10

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1096222366 | 2024-04-26T19:27:15.496130
21 / tcp

1922874387 | 2024-04-26T20:19:33.568426
53 / tcp

1922874387 | 2024-04-26T20:03:57.172341
53 / udp

-815212241 | 2024-04-26T21:40:14.194256
80 / tcp

nginx1.20.2

612401783 | 2024-04-26T19:51:03.771452
111 / tcp

612401783 | 2024-04-26T19:34:40.788306
111 / udp

-679774274 | 2024-04-26T20:00:50.074527
3306 / tcp

MariaDB5.5.68-MariaDB-cll-lve

874437095 | 2024-04-26T19:37:29.892242
3310 / tcp

MySQL5.6.37

Products

Pricing

Contact Us

2a06:dd00:1:4::10

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1096222366 | 2024-04-26T19:27:15.496130 21 / tcp

1922874387 | 2024-04-26T20:19:33.568426 53 / tcp

1922874387 | 2024-04-26T20:03:57.172341 53 / udp

-815212241 | 2024-04-26T21:40:14.194256 80 / tcp

nginx1.20.2

612401783 | 2024-04-26T19:51:03.771452 111 / tcp

612401783 | 2024-04-26T19:34:40.788306 111 / udp

-679774274 | 2024-04-26T20:00:50.074527 3306 / tcp

MariaDB5.5.68-MariaDB-cll-lve

874437095 | 2024-04-26T19:37:29.892242 3310 / tcp

MySQL5.6.37

Products

Pricing

Contact Us

-1096222366 | 2024-04-26T19:27:15.496130
21 / tcp

1922874387 | 2024-04-26T20:19:33.568426
53 / tcp

1922874387 | 2024-04-26T20:03:57.172341
53 / udp

-815212241 | 2024-04-26T21:40:14.194256
80 / tcp

612401783 | 2024-04-26T19:51:03.771452
111 / tcp

612401783 | 2024-04-26T19:34:40.788306
111 / udp

-679774274 | 2024-04-26T20:00:50.074527
3306 / tcp

874437095 | 2024-04-26T19:37:29.892242
3310 / tcp