GeneralInformation

Hostnames	burdamedia.pl kreacja.burdamedia.pl
Domains	burdamedia.pl
Country	Poland
City	Warsaw
Organization	Burda Publishing Polska Sp. z o.o.
ISP	P4 Sp. z o.o.
ASN	AS31242

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 443

-1812490505 | 2024-04-28T06:02:40.613812

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.16.1
Date: Sun, 28 Apr 2024 06:02:40 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

-1812490505 | 2024-05-07T18:43:18.223131

443 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.16.1
Date: Tue, 07 May 2024 18:43:18 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:dd:cb:3e:a1:9d:5a:25:7a:bf:fc:9b:8c:62:32:16
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Domain Validation CA SHA2
        Validity
            Not Before: Jun 21 13:46:01 2023 GMT
            Not After : Jun 20 13:46:00 2024 GMT
        Subject: CN=*.burdamedia.pl
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a3:f8:23:41:19:02:40:17:6b:0b:e4:26:03:48:
                    11:b2:ae:71:d6:18:29:41:00:6a:2f:9f:bd:71:98:
                    cc:66:5d:ab:94:74:a1:8b:5f:be:54:8f:e8:0e:34:
                    83:e6:14:10:fa:06:56:55:04:12:1b:81:03:df:68:
                    57:f6:58:c4:72:c5:bd:21:4b:45:ee:52:28:8b:da:
                    f2:5d:54:f5:70:03:fc:f1:bf:82:00:18:23:39:56:
                    a8:fe:45:7b:82:4e:e7:e4:7b:ef:fc:40:3c:9c:5a:
                    15:3f:9a:28:a1:e7:0e:30:64:c6:8d:da:86:4e:50:
                    1a:a1:27:63:36:86:51:bf:85:e7:04:d5:09:32:e5:
                    55:00:9a:82:14:db:a6:e0:38:0b:dc:82:55:84:21:
                    16:7d:e5:23:d6:eb:44:c4:1e:10:c3:bf:35:8c:5f:
                    7a:63:42:4b:b1:b9:41:50:f1:d7:fb:cb:ee:1d:1c:
                    02:7e:30:8d:04:a5:e1:84:53:47:d8:0c:71:7e:5c:
                    83:9d:93:ae:dd:29:15:18:05:e5:67:42:5e:d7:c6:
                    b4:dc:44:db:25:0d:5d:50:1f:ca:5e:7e:f6:90:91:
                    b4:d4:0c:4e:f5:11:3c:e9:17:5b:5a:cf:40:98:86:
                    93:36:19:8a:8c:91:40:7c:56:55:7c:8f:dc:08:19:
                    a3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.certum.pl/dvcasha2.crl
            Authority Information Access: 
                OCSP - URI:http://dvcasha2.ocsp-certum.com
                CA Issuers - URI:http://repository.certum.pl/dvcasha2.cer
            X509v3 Authority Key Identifier: 
                E5:31:AD:BF:3A:11:96:F4:83:BC:50:3C:D4:B7:90:9B:90:EE:DE:25
            X509v3 Subject Key Identifier: 
                4A:70:29:1A:98:F0:2B:A8:2B:05:A8:74:E2:8C:93:1A:0E:0B:6C:85
            X509v3 Issuer Alternative Name: 
                email:dvcasha2@certum.pl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.2.616.1.113527.2.5.1.3
                  CPS: https://www.certum.pl/CPS
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Subject Alternative Name: 
                DNS:*.burdamedia.pl, DNS:burdamedia.pl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jun 21 13:46:03.017 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8D:23:9E:71:8E:86:C3:ED:EB:E5:10:
                                B0:75:92:B5:6D:9C:E0:01:EC:75:CA:FC:8C:32:02:D0:
                                DD:CB:74:2C:28:02:20:26:1E:EF:63:AD:DB:25:AC:24:
                                E6:9A:C5:6F:01:C7:E6:BE:A3:76:FC:2C:F8:A2:ED:41:
                                2D:F0:ED:C8:98:5D:F2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jun 21 13:46:03.040 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:DD:67:FA:4E:75:8E:77:2B:C7:AD:E9:
                                15:25:09:AD:09:C2:3B:42:83:42:61:73:4E:66:CD:E5:
                                73:DC:A9:BE:8F:02:21:00:E1:32:B0:7E:07:4A:4E:0C:
                                00:5A:7D:8B:6A:54:EC:F0:93:02:4A:3B:91:B0:96:0C:
                                95:41:68:96:01:98:DF:4E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Jun 21 13:46:03.721 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2D:4D:84:3F:BC:49:BF:6E:B6:9F:0E:00:
                                BC:CD:03:5B:70:F9:FD:48:A4:9C:3E:76:F8:7E:0A:2A:
                                88:0A:6F:DF:02:21:00:C5:09:11:B3:0A:73:36:17:30:
                                BB:EA:CF:93:06:A0:F7:87:C2:F9:4E:85:4F:49:6C:7E:
                                75:7F:F3:A5:82:A2:00
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        04:25:ab:a3:0d:1a:7a:79:3d:fd:8c:74:6c:ef:f6:75:b5:ef:
        12:27:3a:87:85:1f:fc:89:49:2d:e4:fb:2b:39:7a:b5:14:6f:
        68:d7:99:8d:45:b7:52:5f:c7:30:2e:26:66:53:30:59:1d:15:
        26:3b:62:3d:2c:d9:1c:d2:f5:79:a2:85:f7:37:62:4a:82:a8:
        ae:ce:eb:e4:26:03:5a:72:1d:cf:3b:2b:27:32:a7:88:b8:39:
        7c:49:c2:ca:92:f3:cf:a8:fa:fe:64:ae:ad:93:90:a6:4e:e2:
        f8:7e:41:fd:41:c2:51:3c:73:04:37:c6:87:f0:e1:6a:7f:e5:
        b9:7f:12:16:35:35:bf:aa:4a:24:28:31:e5:7a:c4:7b:9d:2d:
        ff:dc:8e:a9:5a:f9:12:d2:0c:6a:bb:63:8c:00:a3:3f:c9:21:
        4a:93:54:a1:2a:22:96:83:20:69:e1:5e:da:84:5e:f5:cc:9a:
        7c:f6:90:07:b9:67:c4:12:aa:a6:7b:48:e8:b7:f3:35:8d:37:
        1a:83:58:6e:ad:e7:86:5d:cc:16:21:f5:e7:65:6a:df:ce:56:
        f4:17:54:fa:95:4b:12:40:05:4e:51:d3:e0:4b:cc:38:5f:b6:
        c7:54:5c:2d:78:6b:47:fe:b6:fe:8c:d2:33:1f:ce:68:59:88:
        89:26:eb:ce

91.208.189.70

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1812490505 | 2024-04-28T06:02:40.613812
80 / tcp

nginx1.16.1

-1812490505 | 2024-05-07T18:43:18.223131
443 / tcp

nginx1.16.1

Products

Pricing

Contact Us

91.208.189.70

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1812490505 | 2024-04-28T06:02:40.613812 80 / tcp

nginx1.16.1

-1812490505 | 2024-05-07T18:43:18.223131 443 / tcp

nginx1.16.1

Products

Pricing

Contact Us

-1812490505 | 2024-04-28T06:02:40.613812
80 / tcp

-1812490505 | 2024-05-07T18:43:18.223131
443 / tcp