GeneralInformation

Hostnames	kassa.rambler.ru
Domains	rambler.ru
Country	Russian Federation
City	Moscow
Organization	Rambler News
ISP	Rambler Internet Holding LLC
ASN	AS24638

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

772258679 | 2024-04-18T23:22:16.972537

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 23:22:16 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Keep-Alive: timeout=50
Location: https://kassa.rambler.ru

-776683697 | 2024-04-18T23:22:15.438068

443 / tcp

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 23:22:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=50
Cache-Control: public,max-age=900
Location: http://m.kassa.rambler.ru/
Vary: X-VaryByCustom-74a52e03-5ac5-494e-b978-4d0f79efbc86
X-Correlation-Id: 0HN2VNN26I05L_00000001
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Server-Node: 0vm0005

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:5c:9d:81:d2:ec:7e:3a:06:1d:c4:32
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 DV TLS CA 2020
        Validity
            Not Before: Apr 18 13:14:59 2024 GMT
            Not After : May 20 13:14:58 2025 GMT
        Subject: CN=*.kassa.rambler.ru
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:d2:9c:84:46:e4:6b:48:9d:71:89:d3:3a:0f:91:
                    42:08:89:cf:ac:66:d5:f2:d3:d0:4c:ec:ed:92:25:
                    05:91:8e:35:5b:6b:09:0c:2a:49:51:20:7e:69:cb:
                    b0:fe:ba:38:a3:76:0f:8e:4c:95:c4:10:92:4b:f2:
                    92:60:45:ad:0b
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3dvtlsca2020
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.10
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3dvtlsca2020.crl
            X509v3 Subject Alternative Name: 
                DNS:*.kassa.rambler.ru, DNS:kassa.rambler.ru
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                0D:98:C0:73:7F:AB:BD:BD:D9:47:4B:49:AD:0A:4A:0C:AC:3E:C7:7C
            X509v3 Subject Key Identifier: 
                A8:F1:C5:83:54:3D:49:35:1F:11:75:66:DE:75:89:BC:A5:71:52:BB
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Apr 18 13:15:02.456 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:14:15:02:78:51:84:5D:CD:DD:01:C3:5A:
                                59:0D:C4:9C:71:5C:85:D2:98:EF:8F:1F:E1:9F:59:0C:
                                D5:E5:93:45:02:21:00:EE:61:EE:4C:28:3E:C3:01:90:
                                C2:3C:83:C8:76:2A:99:21:92:48:17:A2:6E:B5:6C:7E:
                                89:44:9C:40:8A:02:5C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr 18 13:15:02.681 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5F:2E:DA:7F:25:13:F6:C3:67:F5:9E:FB:
                                F5:88:5C:1F:1D:B8:33:80:5C:94:A8:41:AD:AD:AC:6C:
                                C1:49:BE:05:02:20:63:75:EE:6D:43:55:D3:E3:0B:5D:
                                B5:D7:CB:1B:32:18:4F:B6:02:46:28:18:5A:E7:5E:2C:
                                ED:26:03:EE:C9:86
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Apr 18 13:15:02.626 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:13:3C:54:CC:B8:18:49:15:E8:72:9A:F3:
                                12:17:4E:89:5C:E7:E5:14:43:56:8D:A5:47:F4:86:DE:
                                1F:F2:44:17:02:21:00:ED:7F:CA:00:A5:35:BE:40:DC:
                                E1:E0:5C:6A:83:71:86:88:65:5B:EF:3F:40:8C:A4:E0:
                                87:1D:76:78:60:A7:7F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        94:86:e2:3b:0a:6e:d9:0f:d8:14:ad:8c:fb:1f:10:c5:fe:76:
        5e:35:57:5b:9e:8f:28:91:39:71:0e:9b:56:84:e2:d5:d1:8c:
        f4:c7:6b:ab:49:6b:99:e5:c4:b9:46:b5:a4:f5:d1:ae:7b:64:
        8a:13:21:eb:e2:8f:25:15:5e:95:67:b3:36:a6:2d:d9:73:64:
        3d:6e:b4:fb:37:a6:78:39:31:07:13:85:5a:bd:a1:5c:0d:bf:
        4b:18:04:30:3f:11:40:ad:1c:62:77:e9:14:f5:66:24:4f:0f:
        c9:b3:f5:47:21:dc:c6:73:b6:6c:86:ca:c4:0e:55:11:8c:c0:
        04:2e:00:3a:ba:e1:67:6d:26:4f:44:eb:23:5c:38:12:56:48:
        d6:5f:58:ad:c0:58:77:cf:1b:db:03:8e:57:ca:87:f2:65:41:
        76:fb:80:f9:14:ad:be:b6:e4:b0:a1:0b:2c:fe:7d:f4:8e:0d:
        98:0a:b9:26:a4:fd:b5:6c:f5:b0:1e:3e:2e:13:dd:cf:e8:31:
        6f:d4:b0:a6:78:59:a3:36:fe:70:57:92:60:82:95:3a:16:07:
        3b:0c:e4:b9:23:7d:1f:9b:0b:ae:90:7e:40:0f:09:fa:71:0f:
        08:c9:5b:ae:52:fa:66:cc:63:03:b8:3e:36:74:76:0f:ab:74:
        02:b4:54:66

81.19.92.95

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

772258679 | 2024-04-18T23:22:16.972537
80 / tcp

nginx1.20.1

-776683697 | 2024-04-18T23:22:15.438068
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

81.19.92.95

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

772258679 | 2024-04-18T23:22:16.972537 80 / tcp

nginx1.20.1

-776683697 | 2024-04-18T23:22:15.438068 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

772258679 | 2024-04-18T23:22:16.972537
80 / tcp

-776683697 | 2024-04-18T23:22:15.438068
443 / tcp