GeneralInformation

Hostnames	176.166.78.34.bc.googleusercontent.com ravdori.co.il
Domains	googleusercontent.com ravdori.co.il
Cloud Provider	Google
Cloud Region	europe-west1
Country	Belgium
City	Brussels
Organization	Google LLC
ISP	Google LLC
ASN	AS396982
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

1714418886 | 2024-05-14T19:07:10.932900

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCqygYJQycomwfD/MiXeycR5ztiZ4tSkuOXc38Ypb3i1Wm7
I4QbfQkFh/3QO36b8YPWhpkYLLb+8i/YLWEiqY8Ronn0TjXkl4j/PlRB6qRuN6tejWa1hIIxhdI4
N9pQJKhtpjuQiU0TZS2f3BNERX4tO35rP62W89fU4jsUZSasaXSw/cDG5eZG0W2ll3im+y+pUrP8
BcMPOuD+Lq3ouBD98eli5zxRlJ3TYRhA/2cMs35oPJkrHuuw3f4xopNtBk7eNfAEVnzoM0zI0aid
lGWLWBmRnazwjDbjk2ywzvvOAk0zPh8D1D2rtstPKztu8oLJ7QRQc9YkM+bXaucV3o5y6KlZy+lD
Vbs55kvTXvRJWDzCPF3dyH8q0JgO8OmM7kO6qhpNs3n23sbt2MrvYrt/1FKz1Dd+HBxMev0xHAZL
yVvdb9MefO9Cv+9wHWH9ptEeDe1AgfmbMZhg+1Kb3MjuJF14iaDP8KzPn9BDzT9HTrzUnr7Rrd6R
onoVgkZXdxk=
Fingerprint: 29:54:aa:26:cb:af:8d:5f:ff:13:8e:87:dc:73:b4:b1

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-05-13T00:39:13.877439

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Mon, 13 May 2024 00:39:12 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Keep-Alive: timeout=5
Location: https://album.ravdori.co.il/

0 | 2024-05-13T02:52:49.365483

443 / tcp

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:f3:39:81:ed:04:e3:00:ae:47:49:9c:5c:43:d0:7a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Thawte TLS RSA CA G1
        Validity
            Not Before: Aug 21 00:00:00 2023 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: CN=*.ravdori.co.il
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a9:f4:33:54:b1:1a:ee:cc:be:73:29:4e:54:83:
                    e3:3f:ec:cb:d4:33:71:e3:51:b2:3e:a5:90:3a:9e:
                    da:90:16:1d:8c:a7:24:98:0f:87:46:37:5a:98:19:
                    e2:8c:47:8c:a6:f4:d6:9c:8a:1d:7b:b3:ad:a4:df:
                    26:76:6e:58:0b:e7:98:85:6b:5e:bc:02:5a:5a:46:
                    a3:20:5f:6d:d4:a4:45:81:39:dd:cb:ca:8f:2d:fa:
                    f8:74:54:d7:74:99:8d:e6:84:02:63:52:87:9d:ae:
                    cd:96:ef:35:f8:03:3f:9f:55:08:00:01:73:e7:63:
                    d1:5b:d8:b5:56:bd:5d:77:2c:0a:2a:01:67:30:15:
                    08:c6:a3:e2:5a:e3:7a:e6:0d:26:5b:fe:c9:d9:75:
                    51:e5:50:8b:95:5a:46:0a:ad:40:e9:f6:16:b0:48:
                    b0:cf:ad:75:c9:70:34:ec:d7:e6:93:c1:1b:e2:1a:
                    c7:08:eb:e7:73:af:2c:b7:16:22:c4:98:a4:e9:15:
                    94:9c:8d:03:52:63:35:9d:27:b6:fc:3c:ea:c9:a6:
                    f5:f1:12:da:39:bc:03:c3:90:9d:85:bd:50:1b:d7:
                    1f:02:a4:0f:20:3a:62:cb:2d:19:8a:e1:63:73:e3:
                    fe:3f:e5:bb:38:df:0a:c0:01:14:b1:07:da:8d:71:
                    f8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                A5:8C:FE:32:CC:EB:0F:2C:D4:19:C6:08:B8:00:24:88:5D:C3:C5:B7
            X509v3 Subject Key Identifier: 
                FA:D8:4C:77:5E:36:76:C0:0B:BF:7E:14:04:E8:28:3B:07:E1:00:02
            X509v3 Subject Alternative Name: 
                DNS:*.ravdori.co.il, DNS:ravdori.co.il
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://cdp.thawte.com/ThawteTLSRSACAG1.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                  CPS: http://www.digicert.com/CPS
            Authority Information Access: 
                OCSP - URI:http://status.thawte.com
                CA Issuers - URI:http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
            X509v3 Basic Constraints: 
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Aug 21 10:51:23.722 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9B:1A:A7:44:14:B9:D1:54:28:4D:FB:
                                C3:CD:E3:9C:E9:5F:84:EC:AA:67:A9:B0:99:2B:4F:2D:
                                11:A7:E5:A1:1A:02:20:12:50:CB:BD:7A:E2:F2:EB:3E:
                                75:F5:44:C7:13:7F:13:B4:16:5D:F5:EC:B0:BB:8F:9F:
                                9F:12:E6:EB:74:41:DA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Aug 21 10:51:23.714 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:43:9E:6F:0F:ED:0B:7A:1D:DD:BB:6D:40:
                                AB:9E:69:0A:E5:DF:51:A9:32:DC:9F:D3:BB:5E:79:86:
                                F0:5A:4B:AE:02:20:1A:D5:4A:D1:51:3D:0E:7E:7F:E5:
                                61:F2:32:AC:F1:9F:20:03:9D:3C:97:C0:29:2F:D5:B4:
                                44:7A:D3:AF:3D:E6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Aug 21 10:51:23.728 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:94:26:98:30:F3:70:2E:79:83:52:35:
                                D0:BE:EF:DB:C8:59:83:B0:2C:47:33:32:92:16:9E:2E:
                                94:03:48:73:9B:02:20:09:79:BF:9D:E5:93:3F:60:68:
                                75:17:E6:AC:CE:0C:57:9E:43:5C:F7:56:EC:38:1B:E8:
                                BE:18:1F:43:4B:A4:1A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2e:37:a9:92:d3:5a:c6:b9:10:44:f4:b3:79:e6:46:e9:24:9e:
        b4:f7:31:16:cc:00:56:61:5b:3c:48:7d:97:fb:69:f8:27:da:
        98:ff:39:9a:36:04:2e:33:6e:6f:9d:e3:0f:a8:95:86:09:df:
        f3:12:8c:99:e3:6b:b6:10:11:36:78:78:35:6c:ae:21:fb:72:
        b6:ec:0a:ab:2a:e1:97:6d:ad:2b:85:14:a1:f2:df:6a:9e:4d:
        6b:a1:57:65:80:6f:26:95:61:1e:6d:8c:b6:94:a1:11:c2:58:
        ad:1d:cd:70:7e:71:d0:57:9c:b2:91:88:b3:e9:f6:d7:87:9c:
        b1:9e:99:ae:8b:db:70:85:62:f5:cb:6c:65:dc:61:89:d0:f1:
        49:bd:62:bd:cd:6b:12:2b:5d:9e:9f:77:fa:17:25:ee:ee:3c:
        f2:d6:24:6e:be:4c:cf:10:05:57:7f:79:79:d6:7f:8d:f7:53:
        1d:75:ad:17:0c:38:3c:ab:48:f5:aa:23:08:65:28:ed:55:22:
        b6:e1:2f:4f:0f:aa:e9:22:08:15:c1:2a:cf:4c:fd:93:59:ef:
        97:2c:51:60:49:59:9c:13:19:22:69:fc:66:7e:75:9a:8d:ce:
        f8:c1:32:74:dd:55:c4:eb:f5:39:75:50:9a:ba:a2:59:b2:a9:
        1b:b3:e3:51

34.78.166.176

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1714418886 | 2024-05-14T19:07:10.932900
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1584412971 | 2024-05-13T00:39:13.877439
80 / tcp

nginx1.18.0

0 | 2024-05-13T02:52:49.365483
443 / tcp

Products

Pricing

Contact Us

34.78.166.176

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1714418886 | 2024-05-14T19:07:10.932900 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1584412971 | 2024-05-13T00:39:13.877439 80 / tcp

nginx1.18.0

0 | 2024-05-13T02:52:49.365483 443 / tcp

Products

Pricing

Contact Us

1714418886 | 2024-05-14T19:07:10.932900
22 / tcp

1584412971 | 2024-05-13T00:39:13.877439
80 / tcp

0 | 2024-05-13T02:52:49.365483
443 / tcp