GeneralInformation

Hostnames	api.famed.online knowthishow.com
Domains	famed.online knowthishow.com
Country	Russian Federation
City	Saint Petersburg
Organization	Selectel Network
ISP	OOO "Network of data-centers "Selectel"
ASN	AS49505

WebTechnologies

JavaScript frameworks

JavaScript libraries

Programming languages

Node.js

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 123 443 9000 9001

-158149353 | 2024-04-27T02:13:18.216338

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sat, 27 Apr 2024 02:13:17 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

991231821 | 2024-04-11T14:29:40.212521

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -24
rootdelay: 0.056640625
rootdisp: 0.0305328369141
refid: 3223621506
reftime: 3921833731.79
poll: 3

919013895 | 2024-04-24T00:43:26.901688

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 24 Apr 2024 00:43:26 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlU5enRDV3lKVXRIQ2xtYUdWOEsrVFE9PSIsInZhbHVlIjoidGUxejgrVEp0QThHM0tWNjQ1elg0S1dPWUNqOHc4ME8xQkNncjBNRVVXVjAxMHdvdmtZZit3SEdnVGRIaGd3WiIsIm1hYyI6IjFiMjEwZjU0YjI4MWVmYWNlYWYxY2M1ODYwODA4MTNmZmMzNzI0ZjAzOWZkN2RmYzk1Y2NhN2U3YTZmOTc5NzUifQ%3D%3D; expires=Wed, 24-Apr-2024 02:43:26 GMT; Max-Age=7200; path=/
Set-Cookie: famed_session=eyJpdiI6Ik9TcjVXUUxQdFRydzkxOHpSTEZTYXc9PSIsInZhbHVlIjoibnI3VmpOanFoOHFOZDhyYVwvdVwvcmdacUpvcTM5RDVXYWhhY2xXK3FvMGkwVHI4eks0WWlpbzJXT3IzcnFCM2JIIiwibWFjIjoiY2FkYzIzNmFlODQxZGJlZmI1MjkyNjc5ZjVmYTUwYjM1MzhiMzkzYmIwNzA2YTM3YjAyNmYxOWZhNzg5MTI1YSJ9; expires=Wed, 24-Apr-2024 02:43:26 GMT; Max-Age=7200; path=/; httponly

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:a3:ae:ca:7e:90:2d:13:a7:4b:27:36:c8:7b:a3:5b:b6:3a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 25 05:31:47 2024 GMT
            Not After : Jun 23 05:31:46 2024 GMT
        Subject: CN=api.famed.online
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a9:1d:bb:b9:10:eb:1f:73:71:d8:27:c1:d8:8e:
                    51:3c:ec:06:1c:08:0b:e8:bd:f6:b8:88:8f:b7:5c:
                    b2:8c:6d:72:6d:09:76:f5:ac:d1:99:65:23:54:29:
                    e8:fb:d8:d4:42:2e:b4:73:ae:58:a0:33:5c:3b:bc:
                    2f:8b:56:e6:b3:ef:66:fd:96:6f:80:27:5d:b6:c7:
                    97:6e:22:4e:ab:ce:89:d9:97:b7:80:74:91:38:0d:
                    19:ae:ca:d3:94:2d:f5:b9:40:ff:e0:1d:b1:0a:10:
                    d8:e7:26:75:53:76:ce:9e:35:9c:ff:d5:59:49:57:
                    e4:84:4e:de:5d:b6:7d:7d:bb:55:1b:01:b9:24:06:
                    1d:71:32:d1:54:30:08:f1:f1:71:7d:da:35:b5:7d:
                    68:37:93:4b:8b:27:c0:9a:1c:1d:8f:ac:10:9f:df:
                    76:a4:6a:e1:0c:6e:92:4a:3e:3a:ab:79:97:c0:86:
                    1e:4f:c3:23:54:2d:33:66:d5:13:bc:70:59:0c:26:
                    ec:1e:24:c7:64:51:76:2b:04:89:12:71:b4:fa:e1:
                    e5:4f:c0:73:86:e9:b0:2a:69:e5:a0:ab:e6:bc:3f:
                    26:e4:da:17:2c:b9:f0:63:d6:75:af:e1:46:ca:c6:
                    d9:b1:6e:ab:3a:b0:5e:e7:b1:b4:ef:28:cb:23:d0:
                    4d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                14:C6:F1:C0:93:E3:E9:D2:30:9C:DC:60:00:55:5B:C4:A7:0A:EF:DA
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.famed.online
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 25 06:31:47.926 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:40:94:10:A0:5C:CC:70:15:27:D1:CA:00:
                                F6:54:AD:CE:7A:F8:9B:9B:8D:BD:56:73:CD:7A:0A:5A:
                                AD:23:3C:F1:02:21:00:87:F8:B9:D9:CF:F9:EE:7B:8F:
                                9A:6A:D9:3E:A6:42:5E:B8:3B:17:DF:27:D7:F1:57:F4:
                                42:E5:B6:D4:8F:EA:42
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 25 06:31:49.976 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:ED:2C:47:5E:9E:7B:F5:8F:3D:D1:86:
                                BD:7D:6A:A3:E9:6F:39:3A:0A:AD:18:6C:85:4A:FC:B2:
                                19:EC:A9:F4:9B:02:21:00:99:7C:C8:D4:6C:42:58:A1:
                                23:C0:DC:0D:56:97:55:3D:2C:B5:8B:74:3C:76:6A:D4:
                                5D:BA:45:49:E6:60:47:E9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        93:59:28:92:c9:14:53:69:ed:97:7b:15:c0:43:a5:e7:d9:35:
        21:c8:ee:9e:60:0f:76:d7:9a:66:ff:97:80:e5:d9:a3:4b:d6:
        c6:46:01:8b:9e:e1:fc:8d:4e:ee:ee:c5:98:71:c4:5a:79:3a:
        00:e6:e8:6b:97:11:02:ef:99:31:8c:a8:79:94:71:71:17:f0:
        fe:e9:22:9f:51:bd:3d:1b:e4:44:7e:75:e1:e6:38:29:ec:f5:
        fe:62:3c:e6:09:6f:b6:a2:46:c5:09:92:c6:6b:61:fc:ec:40:
        72:c4:3e:5b:dd:26:54:81:6e:52:1f:dd:8d:4e:17:bb:f5:20:
        77:f4:ed:b7:50:a3:dd:b5:30:45:23:a8:d1:17:3b:68:3e:54:
        7b:0d:3f:30:e0:e5:d7:e0:c2:7f:db:8f:b9:0e:3f:24:f4:9b:
        08:67:9d:21:c3:5f:41:ca:b4:16:18:39:bf:14:e7:9c:cd:f5:
        36:6b:be:14:64:5c:f3:b5:ec:1d:6b:c1:3d:2d:68:cc:9a:6a:
        ee:c8:d7:ed:8d:b6:a0:63:34:05:79:3f:4d:e4:ba:e3:e5:43:
        d0:4a:8e:b3:2d:45:47:a2:a3:4b:44:51:e0:14:a0:5d:2f:be:
        75:62:f2:b6:94:3c:93:8b:d6:87:38:45:5c:3b:c8:11:26:37:
        ca:3d:3c:40

-1135106403 | 2024-04-25T22:54:26.038666

9000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Date: Thu, 25 Apr 2024 22:54:25 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 40

Hello from rentgenolog Node! Version 1.1

-363809647 | 2024-04-19T11:15:37.657173

9001 / tcp

HTTP/1.1 426 Upgrade Required
Content-Length: 16
Content-Type: text/plain
Date: Fri, 19 Apr 2024 11:15:37 GMT
Connection: keep-alive
Keep-Alive: timeout=5

Upgrade Required

84.38.183.213

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-158149353 | 2024-04-27T02:13:18.216338
80 / tcp

nginx1.18.0

991231821 | 2024-04-11T14:29:40.212521
123 / udp

919013895 | 2024-04-24T00:43:26.901688
443 / tcp

nginx1.18.0

-1135106403 | 2024-04-25T22:54:26.038666
9000 / tcp

-363809647 | 2024-04-19T11:15:37.657173
9001 / tcp

Products

Pricing

Contact Us

84.38.183.213

Last Seen: 2024-04-27

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-158149353 | 2024-04-27T02:13:18.216338 80 / tcp

nginx1.18.0

991231821 | 2024-04-11T14:29:40.212521 123 / udp

919013895 | 2024-04-24T00:43:26.901688 443 / tcp

nginx1.18.0

-1135106403 | 2024-04-25T22:54:26.038666 9000 / tcp

-363809647 | 2024-04-19T11:15:37.657173 9001 / tcp

Products

Pricing

Contact Us

-158149353 | 2024-04-27T02:13:18.216338
80 / tcp

991231821 | 2024-04-11T14:29:40.212521
123 / udp

919013895 | 2024-04-24T00:43:26.901688
443 / tcp

-1135106403 | 2024-04-25T22:54:26.038666
9000 / tcp

-363809647 | 2024-04-19T11:15:37.657173
9001 / tcp