GeneralInformation

Hostnames	yitservice.ksdev.ru ekb.yitservice.ksdev.ru kzn.yitservice.ksdev.ru msk.yitservice.ksdev.ru rnd.yitservice.ksdev.ru spb.yitservice.ksdev.ru tmn.yitservice.ksdev.ru y-service.site
Domains	ksdev.ru y-service.site
Country	Russian Federation
City	Moscow
Organization	JSC IOT
ISP	JSC IOT
ASN	AS29182

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 123 443 3306

73666988 | 2024-04-21T03:39:41.400372

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDAr8LxkFIiGHG9Ljf1JaIhsIOMQwPD0hiERguA1u79wC2S
bu9S7dXdJV6hIpvL903mAj7FKpQYOI1WEO4PxzRT4abiURMdl/wSwEmAy0zSRwKE19kgN2iqGke6
CLCdAx4enIWiagO7hKHK4S+X5z4hgpE3UbSdcbI9Wc38OmFA0+0ogF5KeSEPKGzzS08B39i2SpIq
AA+vyAg78bwz6VzD9XPQHx8YF5oX7OGKntezOlfs1fCQ7d+L5xz81MYWkXNCqXXLPkJwu3KOkGOB
0In+CW2IiI4Kv0OurBFpAxCSVphBw2ML7nvgLPfxxmaeeggMqScSSHG4lUimxTqSvudNz+Jy8m95
OU3eYklUTFzD4h3GDIkeDJI8DGU6hwv6kB9uTdOhiRKv8K3KyHwgMuv4LYpgnQceb2SVaq+UI3gS
kzbejH/8aBc1bJOwIM3mitfzw33nR5V9OMODS9NAalHslBghR5j2N9BIjObQdk+84Y/W8OfeSU/I
MecMvj/JKnE=
Fingerprint: db:1a:bf:be:75:f0:5a:ff:a0:6c:31:c8:01:0e:13:98

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-04-28T10:34:56.674162

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 10:34:56 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://78.24.216.58:443/

-2037328890 | 2024-04-24T06:37:33.717945

123 / udp

NTP
protocolversion: 3
stratum: 0
leap: 3
precision: 0
rootdelay: 0.0
rootdisp: 0.0
refid: 1380013125
reftime: 0.0
poll: 3

-1196936736 | 2024-05-01T21:05:22.993467

443 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0
Date: Wed, 01 May 2024 21:05:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 581
Connection: keep-alive
WWW-Authenticate: Basic realm="Access limited by ispmanager"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:8f:56:75:5d:f5:7a:25:35:f4:e2:7f:9e:6b:99:ea:8f:2f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  8 23:19:42 2024 GMT
            Not After : Jul  7 23:19:41 2024 GMT
        Subject: CN=yitservice.ksdev.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:d9:04:99:b9:4e:a3:52:b5:83:84:bd:df:74:8b:
                    fd:99:39:dc:ae:67:b7:96:c1:46:07:d8:eb:56:d3:
                    a4:b0:32:49:c7:57:6d:82:45:e5:87:bd:cd:17:09:
                    a8:5d:83:c9:a7:bb:36:58:cc:8f:f7:8b:e8:d4:73:
                    d0:cd:83:55:b6:dd:9b:9e:d7:a1:66:93:14:47:2a:
                    0b:5c:57:91:62:a6:cc:c3:38:a9:36:18:04:11:50:
                    db:a4:05:fa:29:e7:3b:e3:df:28:c8:94:1d:f0:5a:
                    a9:8e:d7:21:69:ca:be:4c:5e:70:32:b6:83:90:38:
                    b4:39:0b:c1:d0:e4:bd:95:6a:1a:69:66:18:6f:9d:
                    03:40:72:4f:57:c5:87:08:ac:c2:df:d6:f8:1c:88:
                    7b:7b:1c:7d:6b:9d:58:09:16:9b:5f:73:d1:8b:41:
                    ed:54:e7:31:9e:a0:e1:65:a8:d6:a0:45:00:66:5b:
                    25:46:32:8c:d5:c9:a5:e5:db:0f:1b:b7:57:0e:88:
                    30:48:03:de:fa:b5:55:c8:b7:ea:fa:02:3f:55:1a:
                    30:52:d1:d5:62:bd:f9:9e:32:26:ef:85:59:72:6f:
                    23:94:99:2a:68:58:75:03:1f:b3:53:85:79:13:83:
                    5e:b7:25:b1:35:a7:75:7d:56:14:54:71:68:fc:dd:
                    3e:97:52:6e:32:0a:d9:83:6c:aa:31:15:2f:b2:c1:
                    99:bb:a0:5a:92:3c:75:fa:d3:59:c7:a8:03:98:e6:
                    80:db:e5:42:f3:64:e3:5f:3f:ba:a9:0c:0e:53:0a:
                    10:ff:31:f0:22:46:bf:bf:e0:fd:e8:34:35:6c:d5:
                    1b:cf:d4:6f:1d:e2:09:55:45:fd:0c:ed:07:f3:8a:
                    3e:4c:c9:2a:03:9e:77:fa:c8:ec:ca:42:3b:47:ee:
                    cf:4a:90:76:62:27:24:47:de:2f:71:3c:e6:81:e7:
                    49:0c:7c:46:0e:24:4f:48:69:3f:6a:74:73:50:5e:
                    b9:7a:7f:de:76:d9:92:ff:38:07:8e:e5:4c:0f:fa:
                    62:37:8d:7c:06:28:5c:05:0d:dc:6d:8a:d9:be:c3:
                    3d:e9:f9:f1:38:c4:08:af:6e:a9:68:e8:a6:19:39:
                    34:e7:66:8c:19:38:91:c2:67:e0:ec:61:13:34:88:
                    7d:1d:eb:c0:d1:54:0e:a7:ae:f6:09:c1:e2:1a:c4:
                    e7:f5:73:aa:89:1a:12:19:00:e6:d4:1a:0b:3e:c1:
                    19:35:55:97:4e:1b:64:3a:a9:1f:46:c4:96:c7:ad:
                    c3:2e:c4:78:15:f9:68:69:9c:c5:71:f8:88:52:c8:
                    3f:6e:21:f2:54:f0:58:01:4f:e3:a1:b2:cd:b7:e3:
                    7b:69:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                F3:76:59:1F:5F:08:71:75:2D:FB:B7:C6:20:8F:08:C9:7F:82:EE:A3
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ekb.yitservice.ksdev.ru, DNS:kzn.yitservice.ksdev.ru, DNS:msk.yitservice.ksdev.ru, DNS:rnd.yitservice.ksdev.ru, DNS:spb.yitservice.ksdev.ru, DNS:tmn.yitservice.ksdev.ru, DNS:yitservice.ksdev.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr  9 00:19:42.554 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:36:34:7A:D7:F0:09:20:8B:18:70:53:0D:
                                75:C4:83:2F:E6:1F:B8:53:95:C7:F7:C8:90:CF:57:78:
                                25:EF:01:83:02:20:24:7C:01:91:8D:04:DD:47:90:90:
                                AE:51:0E:E0:D0:DC:94:02:AC:AB:7C:9D:27:8A:36:83:
                                A7:29:D3:1F:FC:A5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr  9 00:19:42.745 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:53:CA:6A:53:64:43:22:A1:CE:1C:1A:35:
                                4E:3F:42:C5:B7:0E:69:0C:4C:6E:06:49:F6:BF:C3:68:
                                28:8B:B2:B6:02:20:2C:90:9F:9D:FB:B7:25:1A:3D:BA:
                                BB:95:18:85:6A:9A:EC:DA:42:8B:FD:9C:0D:0E:60:F6:
                                C7:4A:09:05:FA:3F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        01:fa:09:cd:7e:1b:a0:36:69:75:ea:07:45:9e:8b:3b:be:6a:
        d4:32:fd:74:51:e3:26:35:a7:cd:41:8a:43:1a:0d:35:9a:a6:
        bd:9a:1d:c4:01:13:cb:7b:1e:ba:f5:7b:9e:84:9b:72:8d:18:
        6b:b0:1a:a9:0b:df:9d:89:9a:df:48:35:16:93:fa:c3:e6:ae:
        fc:d4:cf:aa:3e:07:83:93:bd:88:f4:14:1f:44:5c:ac:1f:1b:
        55:7d:59:2f:8e:8e:5d:88:97:c9:8d:3f:c8:5c:cc:5b:f8:a7:
        ef:65:a8:34:66:4e:51:46:93:1e:3d:5d:fa:34:b0:e9:07:c2:
        39:e0:48:16:2c:0d:75:77:ac:04:bc:7f:d1:c5:0f:72:7e:ac:
        dc:a9:82:a6:57:24:68:03:a4:46:e0:a4:c2:80:fc:8d:85:02:
        5e:39:83:57:df:56:c1:50:59:13:f0:b4:3e:49:0f:66:b2:49:
        14:0c:06:11:f6:72:0f:4a:4d:9c:4f:a9:f1:30:69:7e:e5:8c:
        00:55:98:26:ba:48:24:b2:4e:d3:58:40:30:7c:51:00:39:a6:
        f7:ff:0e:9c:96:fc:c8:d1:70:17:0a:7d:92:26:52:48:9e:d1:
        6e:9b:74:fb:95:42:61:50:08:fe:ea:7f:a5:8f:06:bd:dd:f8:
        6a:f6:9e:53

978387633 | 2024-04-28T04:16:24.004637

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.5.21-MariaDB-0+deb11u1
  Capabilities: 63486
  Server Language: 45
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

78.24.216.58

Last Seen: 2024-05-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

73666988 | 2024-04-21T03:39:41.400372
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u2

1584412971 | 2024-04-28T10:34:56.674162
80 / tcp

nginx1.18.0

-2037328890 | 2024-04-24T06:37:33.717945
123 / udp

-1196936736 | 2024-05-01T21:05:22.993467
443 / tcp

nginx1.18.0

978387633 | 2024-04-28T04:16:24.004637
3306 / tcp

MariaDB10.5.21-MariaDB-0+deb11u1

Products

Pricing

Contact Us

78.24.216.58

Last Seen: 2024-05-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

73666988 | 2024-04-21T03:39:41.400372 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u2

1584412971 | 2024-04-28T10:34:56.674162 80 / tcp

nginx1.18.0

-2037328890 | 2024-04-24T06:37:33.717945 123 / udp

-1196936736 | 2024-05-01T21:05:22.993467 443 / tcp

nginx1.18.0

978387633 | 2024-04-28T04:16:24.004637 3306 / tcp

MariaDB10.5.21-MariaDB-0+deb11u1

Products

Pricing

Contact Us

73666988 | 2024-04-21T03:39:41.400372
22 / tcp

1584412971 | 2024-04-28T10:34:56.674162
80 / tcp

-2037328890 | 2024-04-24T06:37:33.717945
123 / udp

-1196936736 | 2024-05-01T21:05:22.993467
443 / tcp

978387633 | 2024-04-28T04:16:24.004637
3306 / tcp