GeneralInformation

Hostnames	sp-postavka.ru sppostavka.ru xn--80aehokufbpel8b6b.xn--p1ai
Domains	sp-postavka.ru sppostavka.ru xn--80aehokufbpel8b6b.xn--p1ai
Country	Russian Federation
City	Saint Petersburg
Organization	Beget LLC
ISP	Beget LLC
ASN	AS198610
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000 5432 8000

-112177604 | 2024-05-04T07:35:38.017385

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCEzphaVuctoT1wTh3Wp953M
AlODeH0/uliWt7SHz71ip72Jhc5G7c7Ccie9Uf4Y48BlP32SP6FOvKLKRvFwL0A=
Fingerprint: 04:10:c9:01:ae:72:21:e0:db:3d:0a:63:21:23:2e:2f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-05-09T03:03:56.917076

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 09 May 2024 03:03:56 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

-1214746593 | 2024-05-08T09:02:33.853519

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 08 May 2024 09:02:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 187608
Connection: keep-alive
X-Powered-By: Next.js
ETag: "2dcd8-r6RtoaPv5I9/7C9ceTUG7kncJt4"
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:6a:3f:e7:2b:bc:46:20:ac:fa:c8:20:28:dc:ec:c7:e1:59
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 24 07:10:44 2024 GMT
            Not After : Jun 22 07:10:43 2024 GMT
        Subject: CN=sp-postavka.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:bc:63:e6:bf:6a:8f:6b:f3:a4:1f:73:c6:1a:
                    bd:bc:f2:62:b1:42:57:8c:1c:04:41:1e:26:67:fd:
                    2e:86:a5:51:86:7b:d3:97:31:ac:ea:a0:4c:4a:fe:
                    de:85:e9:30:bc:f7:53:1a:ea:cc:ab:61:69:4f:be:
                    ab:50:d3:2b:ce:ba:c6:89:a5:95:2d:4e:6a:4b:70:
                    bb:9f:1e:4b:71:18:39:61:59:f8:2f:ac:e8:c9:e2:
                    fd:74:f4:a9:57:66:f5:b9:61:d3:1a:78:03:ef:99:
                    48:84:1b:0a:99:ed:8b:fd:86:d7:c1:20:49:de:48:
                    e1:6a:c9:44:9a:33:d5:55:1b:04:3e:8c:38:6a:0b:
                    69:8f:bd:fb:b9:fb:c4:39:b7:98:1d:82:86:f7:6b:
                    96:48:60:57:1a:a6:f1:c6:4d:2b:ae:b2:b8:34:18:
                    50:35:37:ca:9b:88:85:90:c2:1c:a2:0a:3d:92:31:
                    f4:0f:6f:03:8d:bf:90:ab:a2:c5:c7:39:6f:26:cb:
                    f0:79:08:21:78:69:1b:ad:ab:a3:b7:e0:22:45:42:
                    3f:dc:c3:57:db:ea:1d:71:47:e6:2f:81:14:57:32:
                    52:4c:5e:45:0d:fa:ac:64:c3:ee:d0:ba:04:be:93:
                    0b:7f:0f:ec:3f:b2:f9:0c:ec:bb:8d:92:e2:f9:f1:
                    50:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                5D:84:FA:DA:BB:68:D8:F4:0C:B8:ED:26:DD:96:FF:F0:8E:94:17:DB
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sp-postavka.ru, DNS:sppostavka.ru, DNS:xn--80aehokufbpel8b6b.xn--p1ai
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Mar 24 08:10:44.559 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:98:18:A9:4D:4E:61:A7:95:0D:9B:0A:
                                CA:DE:2A:98:E7:22:71:68:2C:FE:BF:96:AE:92:F4:BE:
                                75:E8:84:C8:69:02:21:00:FA:95:81:F9:82:F2:46:04:
                                8B:2B:D0:21:31:98:DA:4B:38:24:1B:78:CA:3F:0E:61:
                                80:36:13:88:97:08:BC:81
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 24 08:10:44.572 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6B:1A:CF:8B:09:CF:09:CE:DA:C7:60:C9:
                                BE:8D:87:A6:89:24:64:38:06:D8:1C:68:88:E6:5F:64:
                                F0:AB:14:FA:02:21:00:AA:45:DC:C8:D8:5F:B2:6E:A1:
                                3A:2A:DA:44:8D:55:67:05:1A:1B:89:6C:56:1C:62:82:
                                71:7D:77:6A:FE:CB:91
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6f:f0:47:e8:b3:3b:0a:79:c3:7d:b7:61:71:82:0f:5b:ce:d9:
        ac:70:de:b6:36:92:d0:20:a2:08:17:c1:33:98:e2:bd:92:85:
        4b:1f:48:68:2e:92:e2:ed:2e:62:57:67:78:f8:c5:53:88:03:
        9c:68:60:b2:75:b9:cd:31:77:64:93:2c:dc:0b:11:7c:57:f7:
        88:48:f2:f5:be:81:fb:f2:56:64:0d:1e:21:e5:a3:22:3f:fb:
        97:e0:89:6a:c1:e5:dc:aa:bb:f4:d0:48:ee:8c:44:cc:c8:3a:
        09:e2:15:0e:72:82:7a:3f:76:4d:b1:3d:64:3c:f4:21:88:f8:
        69:4f:a3:b9:a0:e9:03:2a:7c:fc:b3:b7:71:74:1d:d7:53:8c:
        a5:f2:2a:30:3a:df:8c:41:0b:e0:6f:98:42:89:26:fb:6e:92:
        99:6a:e0:a7:2a:66:46:0f:bb:e6:ea:73:47:d6:0b:f9:c0:93:
        e6:ec:6e:90:0c:12:8f:a2:88:d3:07:85:b2:22:37:9d:4b:39:
        5b:49:c1:ca:17:de:72:f2:ed:df:57:dc:78:52:ad:23:3f:a4:
        1f:27:2e:f9:4c:da:b3:83:ab:64:80:4f:55:a1:ef:fa:ef:ad:
        e5:76:15:fc:4d:0f:4d:1a:5c:16:15:7e:4c:ae:7d:cb:08:22:
        e5:ac:32:a5

-1214746593 | 2024-04-24T09:52:42.566254

3000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Next.js
ETag: "2dcd8-r6RtoaPv5I9/7C9ceTUG7kncJt4"
Content-Type: text/html; charset=utf-8
Content-Length: 187608
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Date: Wed, 24 Apr 2024 09:52:41 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-726790289 | 2024-04-26T12:54:36.333209

5432 / tcp

PostgreSQL
fe_sendauth: no password supplied

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:e4:d0:1a:b2:33:f2:63:ff:b2:80:09:21:03:6c:dc:1b:6a:05:a0
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fkepgahxvp
        Validity
            Not Before: Jul 11 19:14:07 2022 GMT
            Not After : Jul  8 19:14:07 2032 GMT
        Subject: CN=fkepgahxvp
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b3:7f:f6:ff:df:70:2e:16:64:03:89:7a:f2:e1:
                    69:13:79:63:29:0b:99:f3:c9:f8:08:bf:97:78:90:
                    26:4b:79:35:c9:6b:22:2a:b1:4f:1c:71:d2:fc:ef:
                    3a:3a:3e:3a:fc:01:4e:4c:71:fd:40:c4:ea:9a:1f:
                    5d:82:9f:64:aa:a1:bf:6a:11:3f:9f:fd:23:93:18:
                    6c:48:c0:7a:37:41:ac:f1:ca:06:47:64:6c:57:04:
                    de:7c:7c:42:a5:8c:bf:77:5e:32:f5:51:af:15:72:
                    96:62:6c:95:1f:68:6b:23:c3:34:b4:3c:91:00:8e:
                    41:43:93:3a:01:95:ab:97:c2:f7:82:ef:57:0f:db:
                    ef:f2:ca:a9:c5:3b:bf:a4:34:a4:7f:6b:dc:41:84:
                    28:cb:9a:9e:44:75:bf:10:a3:1a:b0:49:35:cc:6f:
                    2f:9e:ac:ed:53:55:23:d2:d8:af:cb:7f:ad:ac:41:
                    99:72:0d:b9:48:d6:99:28:43:ed:22:3b:58:5c:2c:
                    97:a8:c0:4b:c7:ac:3a:e2:6a:9f:7e:45:02:32:d3:
                    d9:19:b4:de:5a:a9:ab:cb:93:b6:fe:21:51:03:ec:
                    5a:9d:e3:08:0f:3d:69:e4:f9:cc:71:21:b2:8d:b4:
                    f2:c7:80:b1:72:44:11:d2:dd:c0:ba:52:a8:81:76:
                    bd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:fkepgahxvp
            X509v3 Subject Key Identifier: 
                0D:10:70:C4:1C:75:12:A7:9D:A6:89:41:A9:B7:01:C7:B2:2C:E1:24
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        62:7d:d6:a5:38:07:a1:3c:94:8d:24:30:3a:45:c2:16:80:fc:
        bf:f0:44:a7:17:92:29:5f:c3:37:09:31:0f:bc:7f:8a:f3:4b:
        33:f8:bc:28:b1:e7:92:25:83:e0:d9:56:5e:6c:44:0a:07:5d:
        4d:7c:18:27:32:e5:88:3b:92:3c:26:1c:31:0a:d9:ee:8d:a4:
        19:5c:6d:bf:ae:aa:71:d7:13:03:e3:2f:48:fa:97:96:96:85:
        7e:5e:5f:16:dc:03:a4:8a:08:f9:c1:c2:66:da:93:60:97:58:
        a4:6b:44:dc:4e:42:5b:31:95:d4:3c:24:12:77:f8:77:d7:9a:
        6a:04:fc:8a:da:89:3b:af:a5:d1:85:c2:de:89:91:1f:c3:d0:
        40:48:25:bd:7f:c5:b2:4d:79:b5:03:83:dd:e1:8d:57:45:97:
        b2:9a:39:b2:f8:f2:93:f2:c6:63:5c:ac:7c:d4:83:6a:23:0b:
        a9:27:2d:63:b3:44:d9:1b:59:b5:24:c9:ff:19:a9:46:70:06:
        b3:79:60:72:94:e3:c1:32:0a:82:41:3c:5c:d5:9e:db:9f:e7:
        8c:3f:4f:2a:0c:89:20:bf:8d:42:d7:93:fe:dc:65:25:a1:0d:
        0b:15:f0:96:3e:84:15:33:cc:ec:86:d3:72:19:db:a8:0c:ba:
        3e:73:1b:28

592490958 | 2024-04-30T00:48:35.557326

8000 / tcp

HTTP/1.1 404 Not Found
Date: Tue, 30 Apr 2024 00:48:35 GMT
Server: WSGIServer/0.2 CPython/3.9.10
Content-Type: text/html
X-Frame-Options: DENY
Content-Length: 179
Vary: Origin
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

62.113.104.158

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-112177604 | 2024-05-04T07:35:38.017385
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-05-09T03:03:56.917076
80 / tcp

nginx1.18.0

-1214746593 | 2024-05-08T09:02:33.853519
443 / tcp

nginx1.18.0

-1214746593 | 2024-04-24T09:52:42.566254
3000 / tcp

-726790289 | 2024-04-26T12:54:36.333209
5432 / tcp

PostgreSQL14.10 - 14.11

592490958 | 2024-04-30T00:48:35.557326
8000 / tcp

Products

Pricing

Contact Us

62.113.104.158

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-112177604 | 2024-05-04T07:35:38.017385 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-05-09T03:03:56.917076 80 / tcp

nginx1.18.0

-1214746593 | 2024-05-08T09:02:33.853519 443 / tcp

nginx1.18.0

-1214746593 | 2024-04-24T09:52:42.566254 3000 / tcp

-726790289 | 2024-04-26T12:54:36.333209 5432 / tcp

PostgreSQL14.10 - 14.11

592490958 | 2024-04-30T00:48:35.557326 8000 / tcp

Products

Pricing

Contact Us

-112177604 | 2024-05-04T07:35:38.017385
22 / tcp

677579724 | 2024-05-09T03:03:56.917076
80 / tcp

-1214746593 | 2024-05-08T09:02:33.853519
443 / tcp

-1214746593 | 2024-04-24T09:52:42.566254
3000 / tcp

-726790289 | 2024-04-26T12:54:36.333209
5432 / tcp

592490958 | 2024-04-30T00:48:35.557326
8000 / tcp