GeneralInformation

Hostnames	v-avto.ru mail.v-avto.ru
Domains	v-avto.ru
Country	Russian Federation
City	Chelyabinsk
Organization	ChelTelecom Ltd.
ISP	JSC "ER-Telecom Holding"
ASN	AS41661

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 119 389 636 995 1701 9000 9191

841828983 | 2024-04-27T14:56:19.915145

80 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Close
Content-Length: 5485
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.kerio.com wss: ws: https: http: *.microsoft.com login.microsoftonline.com; img-src 'self' data: *.kerio.com;
Content-Type: text/html; charset=utf-8
Date: Sat, 27 Apr 2024 14:56:19 GMT
Expires: Wed, 4 Jun 1980 06:02:09 GMT
Pragma: no-cache
Server: WebServer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

93918544 | 2024-04-16T21:03:43.187332

119 / tcp

200 NNTP server ready

-455162815 | 2024-04-23T19:05:11.932550

389 / tcp

LDAP:
  NamingContexts: fn=ContactRoot
  DefaultNamingContext: fn=ContactRoot
  SupportedControl:
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474

-455162815 | 2024-05-04T16:42:04.441594

636 / tcp

LDAP:
  NamingContexts: fn=ContactRoot
  DefaultNamingContext: fn=ContactRoot
  SupportedControl:
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:5b:10:a4:58:23:ac:73:f4:c9:ec:61
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 DV TLS CA 2020
        Validity
            Not Before: Nov 10 09:57:36 2023 GMT
            Not After : Dec 11 09:57:35 2024 GMT
        Subject: CN=*.v-avto.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ee:ff:4c:29:60:8f:8b:40:ee:4d:e3:0c:d3:c5:
                    97:fc:8e:58:f8:9d:b8:76:60:99:b9:72:9a:0b:bc:
                    f6:f0:f3:6f:42:f7:fb:56:79:d0:8d:97:7c:77:6c:
                    ea:09:df:f3:b9:7e:f9:72:63:04:83:3d:96:7d:d2:
                    7a:fe:d3:ea:c3:ff:b2:91:9d:df:ea:85:c9:10:97:
                    e9:9d:74:ac:a7:3b:ed:0f:dc:97:15:08:7c:32:92:
                    71:75:0b:da:1b:57:a7:94:e5:69:86:29:01:87:c9:
                    48:6d:fa:78:9e:3d:ae:ca:a7:de:56:f5:cf:1e:7f:
                    52:d1:58:39:36:c8:22:de:52:97:92:f0:7b:2e:2a:
                    ad:aa:e1:b8:28:d0:e1:65:18:6d:79:6a:d3:92:6b:
                    fd:4c:67:ec:75:c0:57:6c:6d:fe:f4:bc:fd:c1:50:
                    da:e8:fe:35:ef:f2:2a:f8:04:c0:3d:6a:ed:f7:27:
                    a2:49:1e:ea:71:d9:ec:27:d2:05:dc:73:75:25:19:
                    95:0e:1f:62:df:37:3d:58:67:e6:a8:98:74:e3:58:
                    36:04:4e:3a:3b:66:c8:fd:5e:0d:eb:a1:90:67:c0:
                    04:b8:b1:1b:51:2e:77:1a:50:ab:17:ba:39:56:40:
                    92:70:9e:85:1c:31:bf:3e:2d:5f:88:76:65:d4:cd:
                    0a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3dvtlsca2020
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.10
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3dvtlsca2020.crl
            X509v3 Subject Alternative Name: 
                DNS:*.v-avto.ru, DNS:v-avto.ru
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                0D:98:C0:73:7F:AB:BD:BD:D9:47:4B:49:AD:0A:4A:0C:AC:3E:C7:7C
            X509v3 Subject Key Identifier: 
                1F:B0:E2:BB:21:64:B4:8C:19:A0:3E:21:47:F6:AC:08:41:0B:7C:85
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 10 09:57:39.921 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:39:57:82:76:A6:88:50:7C:37:32:9B:08:
                                C3:D2:3D:31:4B:A3:56:21:EA:77:1E:80:E6:47:DD:E9:
                                DB:CF:6D:0C:02:20:24:BC:93:25:E5:EE:F8:63:ED:2A:
                                BE:F6:82:0F:32:54:94:9A:36:3B:A5:56:8F:F7:2C:2F:
                                52:2C:A3:0D:05:D9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 10 09:57:40.279 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:51:FD:3B:3D:EB:9B:18:EE:28:9F:A1:1B:
                                79:4A:32:0C:F7:49:79:D3:4C:16:72:7E:16:65:26:CB:
                                EC:93:50:D6:02:20:6F:4A:D8:0A:08:A4:7F:E6:4A:86:
                                22:9F:BF:30:1F:7F:76:DD:C0:23:6A:A6:4F:65:3B:0B:
                                BA:AC:A8:E8:35:92
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Nov 10 09:57:41.007 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:94:D0:FD:F9:11:20:09:64:15:FE:
                                5E:42:29:16:FE:E5:1A:60:DB:86:85:D7:32:04:84:B7:
                                3D:8A:DA:74:ED:02:21:00:EE:93:57:AB:C7:FC:03:35:
                                AB:84:CB:9D:6E:01:17:02:31:F9:5C:27:24:6F:3B:DE:
                                7C:36:61:B8:B8:DD:C5:D4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:52:80:f0:21:d2:8f:2f:fe:c6:e5:48:d3:d0:bd:bb:08:c8:
        54:bf:84:7c:e7:96:9c:38:54:36:a6:be:61:04:7f:4e:89:3e:
        1f:c0:46:ce:bd:be:93:24:1b:3f:d6:8a:7f:68:3f:83:dc:34:
        eb:1a:c5:50:4d:c6:d9:36:65:45:fb:c5:7c:6c:5a:c2:9a:fa:
        94:2e:9e:54:8d:f8:c2:c1:7d:60:25:5d:b7:02:7f:d8:fb:1b:
        6b:47:69:75:62:88:3b:b6:3a:5b:8c:e5:7d:80:a2:68:a1:be:
        8f:09:22:a5:85:fc:2e:f9:a0:f8:ef:fa:ea:d4:84:93:83:63:
        3a:33:d5:07:cb:92:49:0d:87:c3:fe:51:a5:81:ba:a9:db:e5:
        fa:89:f5:c4:81:1d:bf:f4:dc:17:10:c0:f2:14:05:91:54:38:
        9e:b1:3e:45:ef:96:24:fb:f9:a2:68:8e:9e:d3:c4:a9:80:2b:
        6e:5e:68:43:56:c0:b6:3f:a6:b3:dd:37:b4:19:0d:f5:5c:25:
        09:b2:52:62:56:77:05:85:16:0c:90:ba:39:ff:02:68:17:73:
        61:18:42:b5:00:d3:9a:18:58:93:d7:65:2a:89:b7:1c:65:5b:
        6f:28:21:b1:e2:0f:07:54:db:e6:d6:09:7b:f5:77:b2:24:4c:
        67:4b:de:14

1802636423 | 2024-04-26T13:16:23.097566

995 / tcp

+OK POP3 server ready <265152.1714137363@mail.v-avto.ru>
+OK Capability list follows
SASL CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
TOP
USER
UIDL
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:5b:10:a4:58:23:ac:73:f4:c9:ec:61
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 DV TLS CA 2020
        Validity
            Not Before: Nov 10 09:57:36 2023 GMT
            Not After : Dec 11 09:57:35 2024 GMT
        Subject: CN=*.v-avto.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ee:ff:4c:29:60:8f:8b:40:ee:4d:e3:0c:d3:c5:
                    97:fc:8e:58:f8:9d:b8:76:60:99:b9:72:9a:0b:bc:
                    f6:f0:f3:6f:42:f7:fb:56:79:d0:8d:97:7c:77:6c:
                    ea:09:df:f3:b9:7e:f9:72:63:04:83:3d:96:7d:d2:
                    7a:fe:d3:ea:c3:ff:b2:91:9d:df:ea:85:c9:10:97:
                    e9:9d:74:ac:a7:3b:ed:0f:dc:97:15:08:7c:32:92:
                    71:75:0b:da:1b:57:a7:94:e5:69:86:29:01:87:c9:
                    48:6d:fa:78:9e:3d:ae:ca:a7:de:56:f5:cf:1e:7f:
                    52:d1:58:39:36:c8:22:de:52:97:92:f0:7b:2e:2a:
                    ad:aa:e1:b8:28:d0:e1:65:18:6d:79:6a:d3:92:6b:
                    fd:4c:67:ec:75:c0:57:6c:6d:fe:f4:bc:fd:c1:50:
                    da:e8:fe:35:ef:f2:2a:f8:04:c0:3d:6a:ed:f7:27:
                    a2:49:1e:ea:71:d9:ec:27:d2:05:dc:73:75:25:19:
                    95:0e:1f:62:df:37:3d:58:67:e6:a8:98:74:e3:58:
                    36:04:4e:3a:3b:66:c8:fd:5e:0d:eb:a1:90:67:c0:
                    04:b8:b1:1b:51:2e:77:1a:50:ab:17:ba:39:56:40:
                    92:70:9e:85:1c:31:bf:3e:2d:5f:88:76:65:d4:cd:
                    0a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3dvtlsca2020
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.10
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3dvtlsca2020.crl
            X509v3 Subject Alternative Name: 
                DNS:*.v-avto.ru, DNS:v-avto.ru
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                0D:98:C0:73:7F:AB:BD:BD:D9:47:4B:49:AD:0A:4A:0C:AC:3E:C7:7C
            X509v3 Subject Key Identifier: 
                1F:B0:E2:BB:21:64:B4:8C:19:A0:3E:21:47:F6:AC:08:41:0B:7C:85
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 10 09:57:39.921 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:39:57:82:76:A6:88:50:7C:37:32:9B:08:
                                C3:D2:3D:31:4B:A3:56:21:EA:77:1E:80:E6:47:DD:E9:
                                DB:CF:6D:0C:02:20:24:BC:93:25:E5:EE:F8:63:ED:2A:
                                BE:F6:82:0F:32:54:94:9A:36:3B:A5:56:8F:F7:2C:2F:
                                52:2C:A3:0D:05:D9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 10 09:57:40.279 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:51:FD:3B:3D:EB:9B:18:EE:28:9F:A1:1B:
                                79:4A:32:0C:F7:49:79:D3:4C:16:72:7E:16:65:26:CB:
                                EC:93:50:D6:02:20:6F:4A:D8:0A:08:A4:7F:E6:4A:86:
                                22:9F:BF:30:1F:7F:76:DD:C0:23:6A:A6:4F:65:3B:0B:
                                BA:AC:A8:E8:35:92
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Nov 10 09:57:41.007 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:94:D0:FD:F9:11:20:09:64:15:FE:
                                5E:42:29:16:FE:E5:1A:60:DB:86:85:D7:32:04:84:B7:
                                3D:8A:DA:74:ED:02:21:00:EE:93:57:AB:C7:FC:03:35:
                                AB:84:CB:9D:6E:01:17:02:31:F9:5C:27:24:6F:3B:DE:
                                7C:36:61:B8:B8:DD:C5:D4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:52:80:f0:21:d2:8f:2f:fe:c6:e5:48:d3:d0:bd:bb:08:c8:
        54:bf:84:7c:e7:96:9c:38:54:36:a6:be:61:04:7f:4e:89:3e:
        1f:c0:46:ce:bd:be:93:24:1b:3f:d6:8a:7f:68:3f:83:dc:34:
        eb:1a:c5:50:4d:c6:d9:36:65:45:fb:c5:7c:6c:5a:c2:9a:fa:
        94:2e:9e:54:8d:f8:c2:c1:7d:60:25:5d:b7:02:7f:d8:fb:1b:
        6b:47:69:75:62:88:3b:b6:3a:5b:8c:e5:7d:80:a2:68:a1:be:
        8f:09:22:a5:85:fc:2e:f9:a0:f8:ef:fa:ea:d4:84:93:83:63:
        3a:33:d5:07:cb:92:49:0d:87:c3:fe:51:a5:81:ba:a9:db:e5:
        fa:89:f5:c4:81:1d:bf:f4:dc:17:10:c0:f2:14:05:91:54:38:
        9e:b1:3e:45:ef:96:24:fb:f9:a2:68:8e:9e:d3:c4:a9:80:2b:
        6e:5e:68:43:56:c0:b6:3f:a6:b3:dd:37:b4:19:0d:f5:5c:25:
        09:b2:52:62:56:77:05:85:16:0c:90:ba:39:ff:02:68:17:73:
        61:18:42:b5:00:d3:9a:18:58:93:d7:65:2a:89:b7:1c:65:5b:
        6f:28:21:b1:e2:0f:07:54:db:e6:d6:09:7b:f5:77:b2:24:4c:
        67:4b:de:14

-2129060956 | 2024-04-22T23:53:41.577759

1701 / udp

\xc8\x02\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x01

-492476291 | 2024-05-04T01:55:48.907831

9000 / tcp

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 2637
Content-Type: text/html
Date: Sat, 04 May 2024 01:55:48 GMT
Server: Devline Linia Server

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
	<title>Devline</title> 
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta name="language" content="en" />
	<meta name="description" content="" />
	<meta name="keywords" content="" />	
	<script src="js/swfobject.js" type="text/javascript"></script>
	<script type="text/javascript">
        var ip = window.location.hostname;
        var port = window.location.port;
        if(port == "") {
            port = 80;
        }
        var quality = [30, 50, 80];// quality[low, medium, high]
        var constFPS = -1; //fps -1  - comboBox;  0 - 1fps;  1 - 6 fps; 2 - 12fps; 3 - max;
		var linkLanguagesFile = "/lang.json"; 	//link to lang.json - localization file
		var hideServerSettings = false; // hide servers settings
		var hideChangeUser = false; // hide change user
		var hideIpPort = false; //change user window hide ip and port info
		var hideCamerasMenu = false; //hide menu of cameras
		//set servers here
		var servers = [{nameServer:"server", //server name 
						host:ip,				//ip 
						port:port,				//port
						login:"web",				
						password

2128602611 | 2024-05-01T08:02:32.610295

9191 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Date: Wed, 01 May 2024 08:02:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 657
Connection: close

92.255.247.13

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

841828983 | 2024-04-27T14:56:19.915145
80 / tcp

93918544 | 2024-04-16T21:03:43.187332
119 / tcp

-455162815 | 2024-04-23T19:05:11.932550
389 / tcp

-455162815 | 2024-05-04T16:42:04.441594
636 / tcp

1802636423 | 2024-04-26T13:16:23.097566
995 / tcp

-2129060956 | 2024-04-22T23:53:41.577759
1701 / udp

-492476291 | 2024-05-04T01:55:48.907831
9000 / tcp

2128602611 | 2024-05-01T08:02:32.610295
9191 / tcp

nginx1.18.0

Products

Pricing

Contact Us

92.255.247.13

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

841828983 | 2024-04-27T14:56:19.915145 80 / tcp

93918544 | 2024-04-16T21:03:43.187332 119 / tcp

-455162815 | 2024-04-23T19:05:11.932550 389 / tcp

-455162815 | 2024-05-04T16:42:04.441594 636 / tcp

1802636423 | 2024-04-26T13:16:23.097566 995 / tcp

-2129060956 | 2024-04-22T23:53:41.577759 1701 / udp

-492476291 | 2024-05-04T01:55:48.907831 9000 / tcp

2128602611 | 2024-05-01T08:02:32.610295 9191 / tcp

nginx1.18.0

Products

Pricing

Contact Us

841828983 | 2024-04-27T14:56:19.915145
80 / tcp

93918544 | 2024-04-16T21:03:43.187332
119 / tcp

-455162815 | 2024-04-23T19:05:11.932550
389 / tcp

-455162815 | 2024-05-04T16:42:04.441594
636 / tcp

1802636423 | 2024-04-26T13:16:23.097566
995 / tcp

-2129060956 | 2024-04-22T23:53:41.577759
1701 / udp

-492476291 | 2024-05-04T01:55:48.907831
9000 / tcp

2128602611 | 2024-05-01T08:02:32.610295
9191 / tcp