GeneralInformation

Hostnames	lab.pik-market.ru
Domains	pik-market.ru
Country	Russian Federation
City	Moscow
Organization	Selectel Ltd. Moscow
ISP	OOO "Network of data-centers "Selectel"
ASN	AS50340
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 53 443 10000 10001

-134831031 | 2024-04-19T23:57:45.292540

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDd2SWBlnpzFFmZmAkwbOGdUKevO5j2S//roVLweECY/o6S
niyTp2dC8ZUR4bJSGOweEJEpY7afmGztr1QgI/DhVzGy7jTjyjkQGMGRWGN1hS5Amh3ydil3qSvD
5z3q6JuNMXImh3f/EvtHsHSYZ3cXlGp0JY5EwoSTH3ijM/kc8wX14JHwbozIv33NuW8kEjNtrbUt
toTjPi0HGr+QaOSfr90Jt968e2p0k0idj+RWCvw+Ee3QmezxYmT2KhhVe4sMN4y3yZCgf/xCxRQ1
04CWoNtjiXoX5ghQM8yJdkt+i1mrQjLwgZD87JVgLRiNy2bnslWYjS6ozR+sxflAVI8KI5V8ChHl
Dnk3Pnt+DkdBTz2nmrZCOFzE8Pg8fpf41JSdnHvnEhu6CvzjZNTs9VJBvB4mEptty19B+maoHrIe
O60HWu7NenOD+0qurD9nLj6a1AKpkOhlVZ5rrEzR7fGs6C3mmF4oMeqbdFOmZuqdkWLY5NDeF2Cf
EJt7FmDsUTc=
Fingerprint: 65:b4:4d:87:4e:72:1c:0e:6b:88:21:d2:b0:4e:ee:cd

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1973284535 | 2024-04-12T16:02:53.618204

53 / tcp

9.16.48-Ubuntu
Resolver name: v.pkmk.dev

-1973284535 | 2024-04-17T09:19:28.670401

53 / udp

9.16.48-Ubuntu
Resolver name: v.pkmk.dev

408091574 | 2024-04-22T19:27:56.740450

443 / tcp

HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 22 Apr 2024 19:27:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Set-Cookie: sid_customer_s_4516c=23f40a0d2bae9611bf9de17040317882-C; expires=Mon, 06-May-2024 19:27:56 GMT; Max-Age=1209600; path=/; domain=.lab.pik-market.ru; secure; HttpOnly; SameSite=lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: frame-ancestors 'self';
Set-Cookie: ab__device=desktop; expires=Mon, 22-Apr-2024 20:27:56 GMT; Max-Age=3600
Retry-After: 300

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:27:93:f6:9d:7a:ec:08:70:c0:24:5e:82:d3:a9:59:40:49
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 17 04:56:15 2024 GMT
            Not After : Jul 16 04:56:14 2024 GMT
        Subject: CN=lab.pik-market.ru
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:b6:36:24:5b:95:4f:9e:2d:d0:fe:28:4f:ad:3b:
                    92:e5:18:9f:3e:c8:b8:71:ff:6d:f4:3b:88:9d:02:
                    7a:fb:55:e1:12:cf:78:66:00:26:98:e9:b6:ee:bf:
                    9a:ed:de:8e:65:e5:da:89:1e:d1:3b:26:33:ff:87:
                    3e:2a:07:79:68
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                EC:27:72:56:E2:85:DA:F8:33:55:49:01:FF:F4:0A:CF:C9:32:22:67
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:lab.pik-market.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 17 05:56:15.421 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E1:50:8D:9F:99:44:DA:20:F5:5E:EB:
                                41:69:E2:16:71:C2:4E:F9:C8:1D:7F:95:9E:A4:52:08:
                                2A:9A:FF:83:C7:02:20:70:07:4A:75:A5:41:CF:CF:29:
                                4A:C8:F9:07:20:D4:F7:64:E6:6A:16:38:50:D3:E3:38:
                                78:9C:A3:E3:C1:E9:43
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr 17 05:56:15.490 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D2:E2:0C:96:FC:3C:31:77:2C:29:3E:
                                D9:EB:A6:35:DA:F9:A2:DF:3D:0F:56:2D:6B:F8:B7:47:
                                8E:05:E6:55:C7:02:20:10:AD:34:91:17:57:7B:5C:98:
                                B3:A3:9B:C9:49:4F:6E:9E:74:A5:5E:EC:5C:A5:F1:F0:
                                7E:C6:C0:D7:38:DB:E3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3c:c9:17:8c:bb:6e:f0:9c:5f:46:4d:af:9d:56:ed:20:2c:df:
        2c:4a:48:fb:7e:48:89:46:85:c9:15:e9:55:9c:e5:de:32:6c:
        9f:56:b2:86:c2:e1:07:9d:9a:7f:3d:9f:ef:d3:c7:fd:9d:f4:
        5e:c9:50:85:4a:d4:14:0c:df:25:38:c8:f4:32:ca:d3:8e:fa:
        6e:40:f9:07:a8:99:ae:b7:4b:0b:d7:52:c8:3a:95:8b:44:a7:
        09:65:a3:35:47:77:fe:f4:71:48:4e:ca:b8:44:53:ce:98:5c:
        3f:bc:83:9e:ac:5e:a3:98:d0:0d:92:1c:26:bf:86:5d:d1:00:
        6f:e0:c0:5a:51:fd:82:99:67:9c:7b:0f:2f:ed:74:b7:eb:b9:
        c4:80:6c:cf:ad:e3:e5:3d:7a:dc:bf:08:26:c0:80:3f:01:de:
        48:fb:db:93:ac:e4:0c:30:4b:85:07:ea:d8:da:d0:b2:66:ed:
        8a:94:8a:85:e9:10:b5:99:2d:5d:05:d7:92:1b:3d:ed:60:21:
        28:3e:b4:74:81:3f:c6:f2:cb:0a:0e:4e:57:04:36:60:38:80:
        9f:11:b4:b1:d1:cd:bc:72:9f:eb:3b:99:2f:f4:81:93:65:4c:
        5b:5b:07:7c:9f:3e:bd:17:51:08:a7:7e:c4:f9:be:97:56:cd:
        a6:7b:ba:69

1248701297 | 2024-04-21T22:10:28.533220

10000 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
Vary: Origin
X-Content-Type-Options: nosniff
Date: Sun, 21 Apr 2024 22:10:17 GMT
Content-Length: 19

404 page not found

731197476 | 2024-04-08T13:04:24.883378

10001 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
Vary: Origin
X-Content-Type-Options: nosniff
Date: Mon, 08 Apr 2024 13:04:24 GMT
Content-Length: 19

5.178.85.157

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-134831031 | 2024-04-19T23:57:45.292540
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-1973284535 | 2024-04-12T16:02:53.618204
53 / tcp

-1973284535 | 2024-04-17T09:19:28.670401
53 / udp

408091574 | 2024-04-22T19:27:56.740450
443 / tcp

nginx1.18.0

1248701297 | 2024-04-21T22:10:28.533220
10000 / tcp

731197476 | 2024-04-08T13:04:24.883378
10001 / tcp

Products

Pricing

Contact Us

5.178.85.157

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-134831031 | 2024-04-19T23:57:45.292540 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-1973284535 | 2024-04-12T16:02:53.618204 53 / tcp

-1973284535 | 2024-04-17T09:19:28.670401 53 / udp

408091574 | 2024-04-22T19:27:56.740450 443 / tcp

nginx1.18.0

1248701297 | 2024-04-21T22:10:28.533220 10000 / tcp

731197476 | 2024-04-08T13:04:24.883378 10001 / tcp

Products

Pricing

Contact Us

-134831031 | 2024-04-19T23:57:45.292540
22 / tcp

-1973284535 | 2024-04-12T16:02:53.618204
53 / tcp

-1973284535 | 2024-04-17T09:19:28.670401
53 / udp

408091574 | 2024-04-22T19:27:56.740450
443 / tcp

1248701297 | 2024-04-21T22:10:28.533220
10000 / tcp

731197476 | 2024-04-08T13:04:24.883378
10001 / tcp