GeneralInformation

Hostnames	ns31195936.ip-51-89-234.eu opt.veloplaneta.com.ua www.opt.veloplaneta.com.ua
Domains	ip-51-89-234.eu veloplaneta.com.ua
Country	United Kingdom
City	Bexley
Organization	OVH Ltd
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

21 80 111 443 3306

1491283146 | 2024-03-29T17:24:42.551379

21 / tcp

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 20:24. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
 ALIAS
 CHMOD
 IDLE
 UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 AUTH TLS
 PBSZ
 PROT
 UTF8
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
211 End.

-1984879341 | 2024-04-16T19:50:28.386053

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1
Date: Tue, 16 Apr 2024 19:50:28 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://51.89.234.150/

-1345205424 | 2024-04-16T21:46:56.157450

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-1345205424 | 2024-04-03T16:25:31.263548

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

425553940 | 2024-04-16T19:50:30.764204

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 16 Apr 2024 19:50:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2226
Last-Modified: Mon, 17 Jan 2022 19:41:13 GMT
Connection: keep-alive
ETag: "61e5c659-8b2"
Cache-Control: public
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            af:9a:ba:fa:d7:ad:2e:ab:d4:2a:a0:a5:a8:f0:2f:a6
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: May  3 00:00:00 2023 GMT
            Not After : May 20 23:59:59 2024 GMT
        Subject: CN=opt.veloplaneta.com.ua
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a4:bb:df:87:93:73:9f:e4:57:2f:54:6e:40:03:
                    5a:2a:0e:7a:5c:83:d2:e8:57:19:cb:d6:9e:68:89:
                    cc:83:db:bf:23:81:08:f6:73:48:55:e1:c7:bf:3f:
                    ba:31:4b:7b:ca:48:37:36:df:08:99:97:7b:5b:5b:
                    8f:a5:96:61:37:7d:ee:7a:82:69:5c:9b:00:58:3b:
                    bc:07:9c:69:8b:ac:b3:10:2c:6b:ef:57:39:00:91:
                    57:df:5d:ea:e1:70:ca:7a:df:e0:dd:77:be:42:62:
                    fd:fb:0c:55:2d:5b:b4:9b:4d:3a:cc:38:93:05:7a:
                    34:b9:21:e4:f2:23:fe:b9:6e:1b:4a:49:17:86:06:
                    c8:26:8f:7d:82:25:77:98:a6:0a:b8:c4:91:89:b5:
                    45:2f:2c:0e:6e:ca:c0:9e:b1:6d:f1:40:53:00:3e:
                    fe:dd:31:2f:f9:d8:42:5c:d1:97:8a:1d:84:2e:0a:
                    70:6d:ff:54:cc:36:ad:2b:8f:5f:6a:fb:78:49:e9:
                    72:37:62:f8:e2:e4:77:17:c9:a0:db:e2:76:92:7f:
                    15:c2:a6:aa:99:ae:cd:cf:3c:a0:10:65:e7:4f:10:
                    7b:da:c7:02:c7:d1:17:e6:f7:3b:81:7b:05:e6:16:
                    25:c1:07:02:f0:a9:e6:4f:e9:9c:0f:b9:7a:b8:98:
                    62:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                9E:D0:5E:A7:EB:12:21:EA:37:8F:7F:06:AA:4C:43:2E:E0:33:2D:95
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:opt.veloplaneta.com.ua, DNS:www.opt.veloplaneta.com.ua
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : May  3 07:11:29.281 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:59:E0:DE:0F:4D:9F:1B:48:DA:FD:FC:C8:
                                58:6F:F5:7F:FE:8D:8A:81:C1:02:D8:F7:3B:86:A8:AB:
                                B1:6C:7F:B2:02:20:21:3B:6D:95:6D:D9:E3:A1:6B:2F:
                                47:04:EC:06:8A:EE:FE:D6:0F:4B:5C:8E:0F:9D:FA:DA:
                                F1:EA:A5:F6:60:D0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : May  3 07:11:29.379 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:76:94:C0:07:B1:36:D6:E4:80:C8:53:57:
                                75:7B:78:8A:B4:EE:46:20:C3:AF:1D:94:83:36:DE:C1:
                                0A:E5:8A:5E:02:21:00:FA:A3:FD:36:8C:76:67:46:DB:
                                E9:FE:58:0E:9C:6F:FD:70:DA:F0:CF:B0:E3:1E:48:BD:
                                6D:4C:7A:B7:CC:E3:A4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : May  3 07:11:29.321 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:58:D8:68:0A:8A:E2:4C:B5:50:2D:35:AB:
                                69:7E:2B:CB:84:39:C3:00:E8:70:67:28:B0:63:2F:81:
                                BB:44:8D:FB:02:21:00:FD:FE:61:CA:0A:C3:D7:FE:A9:
                                AA:DD:09:0C:F3:88:CE:25:CE:63:EE:26:19:E1:F9:3C:
                                94:AE:2A:F3:0B:99:AA
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        75:72:a4:34:72:9f:f4:c1:c2:c2:8c:17:af:43:43:fd:10:fc:
        39:68:15:26:da:65:1e:1d:86:4e:26:18:f9:00:fd:ef:2b:c7:
        90:a5:d3:4e:fd:6d:9d:33:fc:9d:b8:f5:1f:45:b3:b6:ce:8b:
        72:18:f1:9f:00:75:2c:53:11:71:7e:88:cb:90:8a:a7:13:de:
        b4:7d:f1:0f:0d:2b:9b:90:a7:f5:f5:91:af:4a:e2:ed:e2:60:
        4a:12:65:f7:d5:41:f8:9c:0e:c7:2c:f7:04:c3:d8:d3:9a:de:
        9c:9a:ba:0a:18:83:a9:54:43:d7:ca:0e:50:23:e0:20:76:85:
        e6:24:50:d2:a6:ab:81:6a:70:e7:86:8c:09:11:69:e5:97:13:
        54:60:74:0f:05:57:e3:c3:4d:59:c7:6f:05:6d:82:da:82:fc:
        ad:fe:53:12:fe:38:58:3e:1b:b9:7c:01:1e:2b:5e:df:1f:62:
        af:02:73:45:45:63:c1:96:8f:76:29:41:f6:17:29:9e:e5:d6:
        2c:1b:92:3f:06:41:55:61:0e:97:15:2a:70:38:f0:ae:43:60:
        cd:74:a4:f6:cc:8f:fc:ce:bf:5a:1a:b6:56:43:1e:0e:4c:8f:
        2b:a3:80:4b:90:b7:19:ef:f9:38:1a:23:d6:fd:16:5b:e4:5b:
        48:cf:09:6d

1652703876 | 2024-04-19T12:25:49.778682

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.7.37-log
  Capabilities: 65535
  Server Language: 192
  Server Status: 2
  Extended Server Capabilities: 49663
  Authentication Plugin: mysql_native_password

51.89.234.150

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1491283146 | 2024-03-29T17:24:42.551379
21 / tcp

Pure-FTPd

-1984879341 | 2024-04-16T19:50:28.386053
80 / tcp

nginx1.16.1

-1345205424 | 2024-04-16T21:46:56.157450
111 / tcp

-1345205424 | 2024-04-03T16:25:31.263548
111 / udp

425553940 | 2024-04-16T19:50:30.764204
443 / tcp

nginx1.16.1

1652703876 | 2024-04-19T12:25:49.778682
3306 / tcp

MySQL5.7.37-log

Products

Pricing

Contact Us

51.89.234.150

Last Seen: 2024-04-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1491283146 | 2024-03-29T17:24:42.551379 21 / tcp

Pure-FTPd

-1984879341 | 2024-04-16T19:50:28.386053 80 / tcp

nginx1.16.1

-1345205424 | 2024-04-16T21:46:56.157450 111 / tcp

-1345205424 | 2024-04-03T16:25:31.263548 111 / udp

425553940 | 2024-04-16T19:50:30.764204 443 / tcp

nginx1.16.1

1652703876 | 2024-04-19T12:25:49.778682 3306 / tcp

MySQL5.7.37-log

Products

Pricing

Contact Us

1491283146 | 2024-03-29T17:24:42.551379
21 / tcp

-1984879341 | 2024-04-16T19:50:28.386053
80 / tcp

-1345205424 | 2024-04-16T21:46:56.157450
111 / tcp

-1345205424 | 2024-04-03T16:25:31.263548
111 / udp

425553940 | 2024-04-16T19:50:30.764204
443 / tcp

1652703876 | 2024-04-19T12:25:49.778682
3306 / tcp