GeneralInformation

Hostnames	expertapi.ru www.expertapi.ru srv162.expertcen.ru
Domains	expertapi.ru expertcen.ru
Country	Russian Federation
City	Saint Petersburg
Organization	Selectel Network
ISP	OOO "Network of data-centers "Selectel"
ASN	AS49505
Operating System	Ubuntu

WebTechnologies

CDN

JavaScript libraries

Miscellaneous

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

OpenPorts

21 22 25 80 123 443 631 33060

906388357 | 2024-05-09T12:40:39.766153

21 / tcp

220 (vsFTPd 3.0.3)
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 EPRT
 EPSV
 MDTM
 PASV
 REST STREAM
 SIZE
 TVFS
211 End

830861814 | 2024-05-23T02:21:58.279920

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC55PoPGuSlgR9g0fMPg3670OsUlPkW6chorngHdaL27dwg
dkAgxW7zK77VOAm7EYsL4DIWJO62+srjNHK7pJvUrajreVGFKsq7v8W8ETrHrSAq5cFobHEHEnfo
pacjygpn0IjcYyQv4jfAgnTFNtKkACK3muoYvgQuOKWvUWKKQyaEZwcZ4AwW9s6chROfrXoh0Rdd
yTZvVEc+AM2+3VODWmYEdDQ7D39owAXF4eCdgCx2ZXCG7ZGtgxkLDfQt0TqcwoVJsD1hOfuMkDBj
adOLZOHJdMRlT6Czd+gTSG4+v63XQZGizf3/+BZ3LHRZeZsOEZxMblj5g0Aey+ndEK7J9p5Uzi4P
MN0rlBhoStK5u8zetvJs83SKnYhBd+W2cebOp7OG3eeJORKpw8uhRVzgJK+prudTCS1svVRzSIZj
2VG3iY3B0E9O5wmwoWIsEMsgm4tknhBcGq5BVCv7cFVGLOCNZMuYPs6cGfpN+B3NQir8ZJ4sx6xb
UYMLv91B67M=
Fingerprint: 84:d2:37:15:78:7f:cd:54:15:cc:fd:75:9e:9a:54:dd

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

639891272 | 2024-05-20T09:59:40.939632

25 / tcp

220 srv162.expertcen.ru ESMTP Postfix (Ubuntu)
250-srv162.expertcen.ru
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:de:dc:0d:50:98:c7:01:7c:a9:8d:d1:c3:0f:c6:74:26:d7:dc:8a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=srv20.expertcen.ru/emailAddress=admin@expertcen.ru
        Validity
            Not Before: Jul  3 07:12:47 2019 GMT
            Not After : Jul  2 07:12:47 2020 GMT
        Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=srv20.expertcen.ru/emailAddress=admin@expertcen.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d2:08:4b:19:f8:11:a9:d7:a4:b0:dd:02:2c:22:
                    e2:2c:3e:bc:62:c7:4d:27:37:7e:96:d1:79:17:20:
                    58:21:df:7e:60:af:41:5d:63:f5:61:d7:5b:bc:2e:
                    57:9a:8d:15:1f:76:d2:d3:e1:26:3a:ff:3a:4e:1a:
                    92:7f:f0:67:b7:07:e1:0b:d8:17:dc:cb:79:ea:13:
                    bc:f5:04:1f:69:8c:7d:a5:5f:2f:f8:2e:88:e2:9b:
                    3d:13:63:1b:f2:22:96:61:aa:19:66:1b:28:6f:aa:
                    ff:fa:02:20:d0:90:90:14:d9:b6:54:8e:23:93:d1:
                    a2:ba:8e:fc:06:cc:dd:5c:54:30:53:8e:6c:40:0f:
                    5b:8c:49:c4:ca:91:51:1b:6e:64:16:39:1a:1c:ce:
                    87:d1:5c:cc:dd:5a:c3:37:fd:b2:bc:fd:2a:92:27:
                    62:2f:86:5d:1c:b4:78:67:09:79:15:92:8b:d0:71:
                    a2:30:d7:5d:e9:1c:51:68:ce:42:19:e8:e3:8d:eb:
                    2f:24:ee:69:cf:a9:6d:65:49:90:a4:62:2d:4c:af:
                    38:a3:29:18:29:39:ca:45:d3:ce:58:cc:e7:9d:f4:
                    21:74:fd:e4:c5:64:7a:6e:95:39:6a:8d:fe:bb:49:
                    37:aa:3d:7d:de:59:07:97:5e:9d:36:22:f2:cd:72:
                    5a:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                30:AE:AC:AA:ED:EF:3A:84:83:48:32:A6:28:CE:9F:BA:52:89:82:91
            X509v3 Authority Key Identifier: 
                30:AE:AC:AA:ED:EF:3A:84:83:48:32:A6:28:CE:9F:BA:52:89:82:91
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        29:ea:d2:d6:62:10:1b:1d:ce:78:f0:81:87:58:7c:82:0c:57:
        d6:c0:0a:aa:97:0e:b3:c4:9d:b4:85:98:ea:21:d6:b7:42:30:
        a0:13:3c:b7:85:9a:8a:10:18:b0:ee:45:35:ee:ca:f2:cf:e3:
        85:ba:41:25:0b:9a:df:2f:5d:99:0a:fe:81:e7:b2:f7:80:3e:
        4d:6c:28:39:b8:9e:ca:da:8f:a3:ad:eb:cc:5c:c5:25:7d:e9:
        fb:47:0f:ed:ae:80:7d:0d:26:01:93:be:c7:cc:b5:91:50:73:
        9d:b8:c2:b5:2f:15:75:0f:a2:b4:81:90:ed:fc:ff:e3:eb:d6:
        e2:f6:70:18:9d:07:66:49:d2:38:46:1b:b8:4b:0a:51:5d:91:
        d7:a7:9f:32:c0:eb:67:6e:9b:dd:65:f8:d2:6b:a0:8f:eb:72:
        dc:5a:12:00:9f:95:b9:7b:25:5b:62:48:56:db:f2:d2:ce:e2:
        ef:d8:7b:79:e3:da:3d:60:6b:83:bf:ee:07:fc:b2:dc:5e:4a:
        25:ea:9f:e2:fb:aa:6e:0e:7e:b6:1f:ce:bb:18:c2:a9:30:cd:
        7b:a5:9b:9a:42:2e:a5:bd:c2:70:3e:15:f7:df:95:2e:95:2c:
        0a:75:16:5f:4a:03:1d:83:23:93:7d:0e:4d:4d:53:93:9d:28:
        55:30:00:ea

589765266 | 2024-05-20T23:27:59.295295

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 20 May 2024 23:27:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://5.189.239.162/

-802498476 | 2024-05-18T17:52:43.753246

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -25
rootdelay: 0.0175476074219
rootdisp: 240.259262085
refid: 3160215571
reftime: 3909027591.88
poll: 3

879067342 | 2024-05-20T23:28:04.273120

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 20 May 2024 23:27:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:bb:66:9d:c6:e5:31:85:68:f5:b5:1e:b0:75:4f:13:a2:0c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 25 07:22:25 2024 GMT
            Not After : Jul 24 07:22:24 2024 GMT
        Subject: CN=expertapi.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d4:02:31:84:aa:ac:d0:12:2d:1a:3d:84:08:ec:
                    09:d8:bf:e1:21:0e:97:e0:64:eb:98:09:a8:81:77:
                    24:a2:b9:64:3c:b6:5f:8e:db:ce:ee:0a:de:d9:1c:
                    98:48:33:5e:71:c0:42:03:bf:a6:6e:ff:e2:ef:2f:
                    94:18:d6:20:6f:65:87:c9:17:ce:aa:e8:58:54:86:
                    a4:a8:ba:43:4c:75:d2:23:e5:c0:23:c1:9b:8e:6c:
                    4b:1a:ee:1e:ff:4d:b3:6e:c9:81:9b:21:66:c9:b9:
                    42:7e:8b:74:8e:34:3c:96:4f:e1:fe:30:05:9e:49:
                    ae:2a:aa:2d:4f:40:a5:08:22:94:2b:24:f0:ae:b7:
                    4f:1f:c0:73:81:b0:ec:95:40:ec:77:75:96:a4:e9:
                    e1:f1:6b:7c:f8:20:4f:49:73:b8:d3:18:c6:b1:8e:
                    de:d7:97:62:ee:df:df:ce:e1:da:0b:9e:c0:48:ff:
                    c1:63:cf:b7:d0:60:b3:20:9f:4b:77:83:3d:5d:d6:
                    b7:17:25:e0:08:b9:b6:1b:79:03:19:56:3e:ef:2c:
                    97:4a:97:78:48:13:bc:dc:36:c9:bf:bc:5b:cc:bd:
                    f9:90:96:3d:3c:ff:ec:e3:88:fa:de:d1:d5:7a:17:
                    a3:6e:e2:4e:9c:ed:fc:4e:86:cb:0e:40:0a:a5:9a:
                    18:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                CE:DA:DC:FA:6A:1E:F4:46:29:5B:8A:79:9C:E2:19:DD:F7:71:88:B7
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:expertapi.ru, DNS:www.expertapi.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 25 08:22:25.782 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:14:89:22:F7:B0:AC:57:7C:3C:BB:63:43:
                                ED:AA:67:DE:E1:32:DF:4C:C4:7F:E1:22:30:7F:A1:23:
                                D0:6B:E5:94:02:21:00:9A:E4:0A:76:B3:CD:89:94:D9:
                                91:C2:6B:94:92:80:62:7B:47:12:72:83:51:92:03:46:
                                30:81:A4:85:BA:53:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 25 08:22:25.787 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:DC:D0:A0:58:00:3C:E9:3F:DF:48:1F:
                                F9:95:C8:D3:94:12:8F:F7:DC:FA:35:CA:AD:55:9D:6F:
                                6F:A3:59:99:6F:02:21:00:DB:2A:9A:E2:CC:C2:B7:89:
                                F8:9D:5A:8E:90:33:75:11:30:73:FC:F3:45:82:6F:0E:
                                ED:76:77:42:CE:B6:7A:03
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        03:4c:95:ee:81:1a:55:ee:84:59:ca:95:05:f6:af:30:1a:cc:
        cc:73:64:e7:1f:e7:4a:8c:28:ea:53:5f:ef:09:b3:b5:44:7c:
        9d:4c:86:33:6c:a4:7d:a4:ce:a9:24:7b:8c:49:5b:86:b8:79:
        f6:22:cf:a4:24:ef:f8:41:9b:26:e6:3a:58:57:4b:9c:a9:34:
        d9:64:5c:2d:0f:1b:93:1f:63:69:e3:e1:79:2e:a5:0e:c8:bd:
        09:52:a5:7c:e5:65:b3:e8:26:82:eb:39:58:44:f3:cf:5a:66:
        58:5d:86:e3:b6:4b:6d:71:27:61:f0:f2:1e:0f:af:f3:47:42:
        aa:76:af:12:f3:7c:8a:7a:8a:34:00:39:ac:0c:f8:e3:bb:55:
        c9:1b:61:b1:b4:f5:81:ec:53:64:5a:31:03:58:cb:07:40:75:
        7b:95:66:71:da:17:c6:fe:ec:c1:f9:0e:32:f9:68:65:f5:df:
        c0:48:b1:f5:f3:f1:3b:61:e2:b5:31:1d:87:a1:84:13:c2:24:
        66:c4:6b:84:c9:1d:42:f8:89:43:5f:8d:69:58:1a:41:7b:f7:
        37:a9:a2:8b:38:8e:c0:f3:79:30:30:1b:de:c7:86:56:54:ae:
        1d:9d:fd:b6:98:94:8a:36:c2:59:97:8a:d5:42:ab:60:73:86:
        3c:08:aa:95

-1617379090 | 2024-05-08T23:51:11.783639

631 / tcp

HTTP/1.1 403 Forbidden
Connection: close
Content-Language: en
Content-Length: 370
Content-Type: text/html; charset=utf-8
Date: Wed, 08 May 2024 23:51:07 GMT
Accept-Encoding: gzip, deflate, identity
Server: CUPS/2.4 IPP/2.1
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none'

-795948505 | 2024-05-22T14:16:26.201965

33060 / tcp

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

5.189.239.162

Last Seen: 2024-05-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

906388357 | 2024-05-09T12:40:39.766153
21 / tcp

830861814 | 2024-05-23T02:21:58.279920
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

639891272 | 2024-05-20T09:59:40.939632
25 / tcp

Postfix smtpd

589765266 | 2024-05-20T23:27:59.295295
80 / tcp

nginx1.18.0

-802498476 | 2024-05-18T17:52:43.753246
123 / udp

879067342 | 2024-05-20T23:28:04.273120
443 / tcp

nginx1.18.0

-1617379090 | 2024-05-08T23:51:11.783639
631 / tcp

CUPS (IPP)2.4.8

-795948505 | 2024-05-22T14:16:26.201965
33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

5.189.239.162

Last Seen: 2024-05-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

906388357 | 2024-05-09T12:40:39.766153 21 / tcp

830861814 | 2024-05-23T02:21:58.279920 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

639891272 | 2024-05-20T09:59:40.939632 25 / tcp

Postfix smtpd

589765266 | 2024-05-20T23:27:59.295295 80 / tcp

nginx1.18.0

-802498476 | 2024-05-18T17:52:43.753246 123 / udp

879067342 | 2024-05-20T23:28:04.273120 443 / tcp

nginx1.18.0

-1617379090 | 2024-05-08T23:51:11.783639 631 / tcp

CUPS (IPP)2.4.8

-795948505 | 2024-05-22T14:16:26.201965 33060 / tcp

MySQL X Protocol

Products

Pricing

Contact Us

906388357 | 2024-05-09T12:40:39.766153
21 / tcp

830861814 | 2024-05-23T02:21:58.279920
22 / tcp

639891272 | 2024-05-20T09:59:40.939632
25 / tcp

589765266 | 2024-05-20T23:27:59.295295
80 / tcp

-802498476 | 2024-05-18T17:52:43.753246
123 / udp

879067342 | 2024-05-20T23:28:04.273120
443 / tcp

-1617379090 | 2024-05-08T23:51:11.783639
631 / tcp

-795948505 | 2024-05-22T14:16:26.201965
33060 / tcp