GeneralInformation

Hostnames	u7694.col.agava.net app.zapmagazin.ru
Domains	agava.net zapmagazin.ru
Country	Russian Federation
City	Moscow
Organization	Reg.Ru Hosting
ISP	"Domain names registrar REG.RU", Ltd
ASN	AS197695

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

-1725574243 | 2024-04-26T06:34:11.573640

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDUo1NERySMwWLN/pp0bHWc03VpO11N56xFkL+L9uti1Go5
781mHNWf3z98ynKw+ms8OFeuMFOh3TCI/toTeg8wHRUu29nfShmiCY6JNGoAX/aMU0c8uQXiZHXv
pCa+NwvhEk8itjz0amBwXX0whZCf+Qzqt4/zKPAF6RMfwSpOWQ30rVD9QwcggSEkFmaDqQu79PrE
aXs6c7y1lkbZwjJSPglE4EtuiBXz3fNRvVGhbiS3M1O/eFIIalRTpO2RkfFiCUAO/2GrpGOt/qrp
H4SBXRMGbXU/mgKctayAPNMBc4kw1+tzonm42JuD+98QuIlFX/91R5eFs1SQ9+KdP8ehRbWh/oMV
jFAcgtJPTczYSLjRrOaadw7xbjTx2apdTRyxfcmFC9/q6TcH8S0U1H/ISzjDuEtwytmMAY1OU4Kw
oajI8ZzQE27FmL6dQVPIZFWv6g9K6myi+k+3LcuQg5iNa53RU2pIqKJG2Dx22gb4I9+gjNHEQ7Jb
IIFfWB7ncrs=
Fingerprint: 94:f3:f3:bf:4f:b3:10:76:1f:b0:f0:86:86:05:59:7e

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1489525118 | 2024-04-24T07:52:43.406571

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 07:52:43 GMT
Content-Type: text/html; charset=us-ascii
Content-Length: 315
Connection: keep-alive

703707298 | 2024-04-25T14:02:34.000963

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 14:02:33 GMT
Content-Type: text/html
Content-Length: 703
Connection: keep-alive
Last-Modified: Thu, 09 Feb 2023 09:03:06 GMT
Accept-Ranges: bytes
ETag: "aee9c452653cd91:0"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:54:98:44:ca:88:09:81:5e:2e:7c:2e:7a:69:3c:80:d8:80
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar  5 20:58:40 2024 GMT
            Not After : Jun  3 20:58:39 2024 GMT
        Subject: CN=app.zapmagazin.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:aa:34:11:ac:5d:08:b1:31:07:79:fe:9d:75:19:
                    f3:7f:a3:e7:c3:4f:e0:5c:12:d5:57:4b:52:ff:d2:
                    0d:ef:39:6a:f0:4e:4f:a7:50:5d:d9:59:77:a1:18:
                    f2:c2:57:68:d4:00:6d:46:78:9a:db:07:97:b5:cd:
                    76:2c:10:a2:92:79:a0:9a:75:a2:78:02:6c:cb:f6:
                    e2:d4:7c:43:36:57:f4:dd:27:63:0e:db:ff:b0:38:
                    e5:3f:fa:57:54:2b:7b:20:74:75:db:72:fe:bf:a5:
                    ce:83:52:db:02:8f:1e:64:ca:99:7b:2f:2d:f3:54:
                    5d:9a:64:ad:b2:18:2e:d2:70:24:8f:16:fd:e8:2d:
                    a0:8f:d3:06:30:40:65:2f:73:f0:85:6f:e9:11:67:
                    56:bd:9f:41:0e:30:81:c9:31:d1:f4:cd:85:d4:df:
                    53:f1:4b:3b:2d:0b:ec:08:f6:ce:df:1f:75:33:ab:
                    84:3f:68:d7:f1:a6:4e:13:e3:a2:b0:ad:16:13:15:
                    00:7e:45:12:6c:ba:de:53:1f:13:0c:77:cd:fc:0f:
                    b2:54:6c:cc:e1:8e:43:42:13:67:56:4a:b5:60:9a:
                    23:be:2f:01:2e:a7:e1:aa:eb:bc:7b:e5:c9:94:e4:
                    f1:4b:8d:6e:1e:cf:be:da:43:d3:4b:79:ef:ee:96:
                    5e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                50:15:E8:B4:CC:43:25:B8:7E:F2:E9:94:B0:9D:F1:2A:91:B9:08:86
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:app.zapmagazin.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar  5 21:58:40.144 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A9:25:BF:1B:40:4A:F8:FC:BD:AA:69:
                                3A:15:85:53:89:80:60:35:B3:66:96:5B:7D:1E:2A:D3:
                                91:A1:E2:EB:AB:02:20:0E:6A:04:49:FE:ED:D6:77:1D:
                                F6:56:6A:16:B2:EF:0A:A3:00:06:B9:2E:EE:86:92:4B:
                                A8:75:9B:BC:2E:0C:42
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar  5 21:58:40.145 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:87:82:43:4E:FB:3E:D0:80:71:0B:50:
                                04:7D:A5:3B:73:07:02:74:96:B5:D7:96:7E:22:96:67:
                                05:07:96:50:87:02:21:00:E1:0F:C4:F7:D0:49:7F:BF:
                                FB:19:89:DC:48:41:36:C7:1F:53:53:91:F8:82:74:BE:
                                A5:D6:4B:E7:11:46:57:C4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        90:7a:01:5c:fa:99:1a:57:1f:f3:8a:ee:9d:c8:9b:41:b8:c2:
        1a:6f:de:a6:9f:ff:12:fc:10:7f:f2:2a:c4:bd:aa:bd:b2:9b:
        04:a1:ff:8c:29:7d:ee:27:26:96:15:4a:41:ba:89:64:fc:61:
        0a:bd:62:1d:40:b8:2b:ab:e0:0a:36:e1:95:97:d2:8d:c0:83:
        f9:c7:2f:9c:89:e2:04:6d:34:29:b1:41:57:1d:30:74:d6:72:
        62:c9:bc:89:bb:d5:bf:b7:fd:27:da:b2:60:d9:41:45:d3:8e:
        58:92:69:83:00:f4:9a:30:fe:4b:25:0d:b1:cd:64:c8:b7:35:
        e8:4d:e3:26:5b:29:41:b0:fa:4b:b7:a7:5b:2c:fa:fb:62:55:
        71:f7:5d:dc:da:4d:db:a4:87:2c:45:10:f3:10:29:87:97:e6:
        87:da:71:c3:79:61:1f:ec:e5:78:32:ff:20:da:79:40:56:07:
        5b:fe:45:8d:12:df:dd:5f:b5:b5:e5:8e:6e:ce:79:e9:17:d5:
        39:7f:15:e7:aa:4e:c4:66:1c:6d:50:4f:c4:bc:30:91:93:33:
        4e:85:a3:99:21:ae:c2:f9:70:a0:37:d6:53:9f:f1:c4:b1:bb:
        bc:ed:17:a0:88:cb:12:67:f2:89:2d:8c:9b:ae:e3:65:8c:fc:
        51:93:a9:d2

89.108.108.136

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1725574243 | 2024-04-26T06:34:11.573640
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1489525118 | 2024-04-24T07:52:43.406571
80 / tcp

nginx1.18.0

703707298 | 2024-04-25T14:02:34.000963
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

89.108.108.136

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1725574243 | 2024-04-26T06:34:11.573640 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1489525118 | 2024-04-24T07:52:43.406571 80 / tcp

nginx1.18.0

703707298 | 2024-04-25T14:02:34.000963 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1725574243 | 2024-04-26T06:34:11.573640
22 / tcp

1489525118 | 2024-04-24T07:52:43.406571
80 / tcp

703707298 | 2024-04-25T14:02:34.000963
443 / tcp