GeneralInformation

Hostnames	amp.allboxing.ru amp.calend.ru amp.clickiocdn.com amp.dailystorm.ru amp.dgl.ru amp.jornada.com.mx amp.kolesa.ru amp.kopilka-kulinara.ru hosted-by.leaseweb.com amp.lvrach.ru amp.sardegnalive.net amp.shkolazhizni.ru
Domains	allboxing.ru calend.ru clickiocdn.com dailystorm.ru dgl.ru jornada.com.mx kolesa.ru kopilka-kulinara.ru leaseweb.com lvrach.ru sardegnalive.net shkolazhizni.ru
Country	Netherlands
City	Amsterdam
Organization	LeaseWeb Netherlands B.V.
ISP	LeaseWeb Netherlands B.V.
ASN	AS60781

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443 873 9999

-1622650223 | 2024-04-26T20:31:03.579540

22 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDAVaQbvge6ctASfIYIypXn3jNbXxZD9GOJlOABaT85F45U
LVPc+ohpfVcJeHm6y/dGasIFrHlm1m1GgV/3GO7sgLQy6Y6IE1BwMuXkwdnBdtsfE6U99V3sSAdj
si6s4P3xmMfZNMN5efqNzuZWm8CoMR9/klmp8FbJNTDfCmRFbgGG3kbM3+/2doZGF9AvQODpMZdR
QbJb97nCqKz99V+YysgyAcKyRzqZlXM5qPyQX7XUSVzDFAKy4pI+aWsAQkUlFGY0mPUKMlH5cLe6
Ti6YU8DpLV4E8crf5cfMnXzv5oO7EoXXk0m3En5zaLqmGWY1f0N9OZ/rzGkAcsoB6I0h
Fingerprint: 56:1e:e9:f5:39:ae:88:42:61:56:e5:02:d4:ee:d3:23

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1836475360 | 2024-05-02T04:39:16.248404

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Thu, 02 May 2024 04:39:16 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

-1836475360 | 2024-05-13T02:30:28.437416

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Mon, 13 May 2024 02:30:28 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:96:65:5b:4a:2e:fe:4e:77:69:7b:48:69:7a:2e:09:66:e2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 25 08:04:49 2024 GMT
            Not After : Jun 23 08:04:48 2024 GMT
        Subject: CN=amp.clickiocdn.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:da:2a:c9:1e:d1:ba:f2:5e:8d:11:37:ef:21:f3:
                    1b:31:b8:23:0d:97:1e:89:6b:d9:8d:c6:bd:6c:63:
                    65:18:f3:5b:c1:6f:85:ca:0c:71:1a:df:f2:cf:27:
                    cb:8e:f4:fd:28:83:82:d3:7b:c5:94:2b:1f:ad:1b:
                    79:3a:34:8d:33
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                D3:E4:32:88:74:83:DC:D1:88:15:9E:80:51:22:7D:CC:09:2E:3C:17
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:amp.allboxing.ru, DNS:amp.calend.ru, DNS:amp.clickiocdn.com, DNS:amp.dailystorm.ru, DNS:amp.dgl.ru, DNS:amp.jornada.com.mx, DNS:amp.kolesa.ru, DNS:amp.kopilka-kulinara.ru, DNS:amp.lvrach.ru, DNS:amp.sardegnalive.net, DNS:amp.shkolazhizni.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 25 09:04:49.325 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2D:DD:D9:9D:4A:4D:E4:6F:0E:21:CF:3B:
                                CA:5D:C0:C3:47:9F:96:2F:92:8B:98:33:5D:4E:37:7E:
                                69:71:DC:18:02:21:00:E9:0D:75:B7:4A:CB:14:FD:97:
                                67:DF:CF:EE:80:CC:E7:6C:EF:5E:52:AB:AC:93:61:AE:
                                F7:90:DD:8B:72:89:96
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 25 09:04:51.267 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A1:C0:A8:23:CC:FE:6D:23:B8:F0:2A:
                                CD:38:E5:AD:7E:4E:DA:FF:F2:ED:5A:CC:E6:A6:01:CC:
                                B9:4A:94:DF:A2:02:20:4C:10:70:06:58:63:B5:CA:72:
                                30:F2:AF:C4:0D:0C:D4:7E:5E:F2:CB:AE:56:FA:7F:77:
                                AD:10:DF:D2:00:7D:B2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8d:67:a4:91:5e:d1:40:28:86:c1:47:93:43:75:7f:8c:32:eb:
        f1:9e:31:e7:95:94:ca:a3:eb:b4:51:e7:c3:4b:23:22:1e:5d:
        06:9a:92:e0:21:17:51:42:e6:cd:c2:bc:23:30:70:e3:1f:c5:
        8e:c6:e2:82:6f:41:ab:68:7e:18:94:e3:3d:2c:d2:bf:21:7a:
        0b:23:b2:2b:d1:ce:ae:ff:66:d6:e9:89:9e:a9:87:9e:54:96:
        62:fc:60:b7:aa:f2:53:4c:ef:83:9f:90:2d:90:d2:f2:41:da:
        93:aa:6e:f8:da:22:b8:ff:21:c6:80:5a:76:2b:d7:6d:d7:d4:
        0b:77:bb:77:47:4f:f0:d3:5a:19:2c:5b:4f:97:8c:89:f4:40:
        f6:c0:17:5d:27:c0:0f:98:a6:ac:46:af:e1:95:31:58:04:17:
        2f:a4:8a:36:9d:45:22:88:58:19:c2:45:0d:23:59:21:b1:ec:
        b8:2b:63:d3:2b:08:0e:4a:12:93:0a:fa:c4:31:e3:1e:eb:53:
        76:9b:4b:63:aa:48:26:ed:6f:b3:01:a9:32:6e:c1:ff:13:6e:
        ff:27:3f:51:95:d1:96:3d:20:15:66:a0:a4:04:45:c1:61:7d:
        1a:20:71:46:39:cd:6b:9e:29:2c:c7:93:fa:09:c6:e9:f5:dd:
        24:2c:90:46

-1971759260 | 2024-05-08T12:01:33.058578

873 / tcp

@RSYNCD: 31.0\nt              	t
pu             	t
retail.adlabs.ru	s
platform_static	platform_static
@RSYNCD: EXIT

-1836475360 | 2024-05-09T04:14:21.434967

9999 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Thu, 09 May 2024 04:14:21 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

95.211.66.35

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1622650223 | 2024-04-26T20:31:03.579540
22 / tcp

OpenSSH7.2p2 Ubuntu-4ubuntu2.8

-1836475360 | 2024-05-02T04:39:16.248404
80 / tcp

nginx1.20.1

-1836475360 | 2024-05-13T02:30:28.437416
443 / tcp

nginx1.20.1

-1971759260 | 2024-05-08T12:01:33.058578
873 / tcp

rsyncd31.0

-1836475360 | 2024-05-09T04:14:21.434967
9999 / tcp

nginx1.20.1

Products

Pricing

Contact Us

95.211.66.35

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1622650223 | 2024-04-26T20:31:03.579540 22 / tcp

OpenSSH7.2p2 Ubuntu-4ubuntu2.8

-1836475360 | 2024-05-02T04:39:16.248404 80 / tcp

nginx1.20.1

-1836475360 | 2024-05-13T02:30:28.437416 443 / tcp

nginx1.20.1

-1971759260 | 2024-05-08T12:01:33.058578 873 / tcp

rsyncd31.0

-1836475360 | 2024-05-09T04:14:21.434967 9999 / tcp

nginx1.20.1

Products

Pricing

Contact Us

-1622650223 | 2024-04-26T20:31:03.579540
22 / tcp

-1836475360 | 2024-05-02T04:39:16.248404
80 / tcp

-1836475360 | 2024-05-13T02:30:28.437416
443 / tcp

-1971759260 | 2024-05-08T12:01:33.058578
873 / tcp

-1836475360 | 2024-05-09T04:14:21.434967
9999 / tcp