GeneralInformation

Hostnames	iceberg.markups.icecorp.ru ssr.markups.icecorp.ru stroy.markups.icecorp.ru yarost8.ru
Domains	icecorp.ru yarost8.ru
Country	Russian Federation
City	Moscow
Organization	Selectel Network
ISP	OOO "Network of data-centers "Selectel"
ASN	AS50340
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000

-671645753 | 2024-04-23T13:55:03.034532

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEQ7M2Gxv3insCgejp4WwAxW
KaC7iJT42EVqDL/jfN/f7mVj+y+kWNonUtyRAV/rdJvO8Yn5rJf7sFmVZdw5zm8=
Fingerprint: 49:f7:66:61:e5:10:0b:5b:2e:83:95:1f:d0:80:57:15

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-770651211 | 2024-05-07T01:50:31.733033

80 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 01:50:31 GMT
Content-Type: text/html
Content-Length: 590
Connection: keep-alive
WWW-Authenticate: Basic realm="Protected Area"

-770651211 | 2024-04-28T00:57:45.640782

443 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 00:57:45 GMT
Content-Type: text/html
Content-Length: 590
Connection: keep-alive
WWW-Authenticate: Basic realm="Stop right there criminal scum! Nobody breaks the law on my watch!"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:32:77:38:40:1c:70:5d:92:33:dd:8c:aa:8f:3f:c9:a9:b1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Dec  4 05:43:09 2023 GMT
            Not After : Mar  3 05:43:08 2024 GMT
        Subject: CN=iceberg.markups.icecorp.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a4:f1:68:1d:ca:90:a6:41:aa:35:de:01:85:89:
                    c6:74:cf:5d:ae:44:7b:34:8e:31:06:ae:5e:d2:cc:
                    17:6d:3f:45:3b:57:5e:66:11:b9:31:c0:04:b2:ff:
                    88:e8:82:6c:fd:8f:21:af:bc:1d:45:5e:90:fd:1c:
                    0f:09:83:b2:5c:75:de:d8:de:4f:a6:17:6e:84:a5:
                    32:b8:5c:5c:d8:f6:28:42:3d:5d:28:cf:29:e0:94:
                    93:12:1f:23:59:92:8f:e5:a6:35:9d:75:c4:17:cf:
                    03:86:c5:e5:1a:e8:9f:03:47:4b:04:68:6b:78:69:
                    4c:63:d9:55:c5:8e:d7:f0:ba:b4:14:48:6e:a1:bd:
                    14:55:35:7b:6a:17:a3:3b:cf:dd:08:ff:ed:3b:8b:
                    3b:06:9b:3d:93:f6:15:ed:9c:1a:df:24:b2:7b:06:
                    b1:02:94:df:82:7f:58:a9:66:69:73:73:d1:16:bd:
                    e6:02:90:27:77:51:b5:d9:a0:4f:7c:0b:19:11:ef:
                    51:e2:34:ef:b1:38:b2:f7:4b:92:0d:be:86:ea:26:
                    8b:ba:da:93:6e:a8:87:f0:f0:c1:a0:98:95:f4:29:
                    7a:e4:f7:10:f7:c5:83:d6:57:dd:61:bc:f2:01:5b:
                    ab:a4:c2:79:0f:07:9f:53:4c:51:d6:da:75:55:97:
                    55:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                ED:29:54:E7:97:FB:87:A1:46:54:65:33:F4:E8:3F:1A:AE:D2:F3:A5
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:iceberg.markups.icecorp.ru, DNS:ssr.markups.icecorp.ru, DNS:stroy.markups.icecorp.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Dec  4 06:43:09.780 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:85:03:AA:82:0C:65:5B:A7:64:12:C8:
                                37:5E:D6:DA:40:FC:CD:78:53:78:62:98:AF:6D:AA:4E:
                                9B:60:BD:18:71:02:21:00:D6:C4:16:4A:DA:55:81:11:
                                68:CA:66:8E:BB:27:95:6A:52:34:16:54:FA:B0:3F:DA:
                                BE:3C:1B:87:43:BC:E8:0C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Dec  4 06:43:09.806 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6A:86:2D:9A:B4:59:3C:C9:06:E3:21:20:
                                DD:ED:22:A9:24:3E:48:B4:EA:CC:A5:AC:D8:EE:68:FF:
                                50:61:F4:4C:02:21:00:DC:B6:54:B4:31:49:81:09:7D:
                                56:99:3A:7C:E1:3F:B4:DF:2C:47:2E:AA:AF:10:6C:A8:
                                34:13:39:35:62:CF:4C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        23:70:94:f2:11:be:c3:c6:b9:da:02:a6:00:47:97:56:97:e2:
        b3:99:b7:21:47:4b:d2:38:6c:bc:9a:61:2e:87:b9:cd:a1:1b:
        a8:56:42:08:c6:6d:83:86:a7:db:0a:45:2c:df:17:d6:2b:f7:
        9d:a1:84:1d:ab:0e:f5:79:ca:c1:91:38:fc:cd:ed:1c:13:6a:
        0d:fa:f8:9a:ae:b0:37:8e:0e:ce:d7:31:6e:86:93:75:d9:e3:
        7f:b6:72:1d:4f:22:07:5e:d7:df:80:48:21:fd:1b:ef:df:af:
        e5:3a:94:f8:11:0b:1e:43:1b:4a:d1:ce:d4:33:56:f5:67:15:
        dd:85:bf:7f:22:56:eb:82:b6:ac:d9:c5:39:ef:4f:f8:7c:61:
        42:3d:6c:e3:94:00:af:fd:cf:75:f3:be:5c:d6:68:da:10:2e:
        c0:d8:58:c6:44:f4:66:9e:e4:4d:c4:b3:60:bb:fe:73:70:7b:
        a4:52:3c:ab:e8:3f:92:84:b0:7e:e6:8b:6e:63:c4:a7:07:22:
        0a:ca:f5:20:e3:e9:ff:59:56:fb:5e:d2:e3:77:4f:df:00:67:
        3f:55:8e:ab:c3:81:4e:0b:0b:f7:26:a3:70:4f:36:24:b8:b9:
        6e:83:a3:d8:be:25:54:9b:fa:53:aa:9d:fa:38:d5:aa:1d:28:
        d3:00:5a:fb

-357188758 | 2024-04-26T23:15:09.564026

3000 / tcp

HTTP/1.1 200 OK
content-type: text/html;charset=utf-8
Date: Fri, 26 Apr 2024 23:15:09 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 89635

37.228.116.10

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-671645753 | 2024-04-23T13:55:03.034532
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-770651211 | 2024-05-07T01:50:31.733033
80 / tcp

nginx1.18.0

-770651211 | 2024-04-28T00:57:45.640782
443 / tcp

nginx1.18.0

-357188758 | 2024-04-26T23:15:09.564026
3000 / tcp

Products

Pricing

Contact Us

37.228.116.10

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-671645753 | 2024-04-23T13:55:03.034532 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-770651211 | 2024-05-07T01:50:31.733033 80 / tcp

nginx1.18.0

-770651211 | 2024-04-28T00:57:45.640782 443 / tcp

nginx1.18.0

-357188758 | 2024-04-26T23:15:09.564026 3000 / tcp

Products

Pricing

Contact Us

-671645753 | 2024-04-23T13:55:03.034532
22 / tcp

-770651211 | 2024-05-07T01:50:31.733033
80 / tcp

-770651211 | 2024-04-28T00:57:45.640782
443 / tcp

-357188758 | 2024-04-26T23:15:09.564026
3000 / tcp