GeneralInformation

Hostnames	march8.dobroagency.ru
Domains	dobroagency.ru
Country	Russian Federation
City	Saint Petersburg
Organization	Selectel Network
ISP	JSC Selectel
ASN	AS49505

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

21 22 123 443 3306 6379 7777 8080 33060

21 / tcp

627838022 | 2025-02-03T08:17:59.219100

220 ProFTPD Server (clients.dobroagency.ru) [::ffff:5.188.118.83]
530 Некорректные данные аутентификации.
214-Следующие команды были распознаны (* => не реализовано):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
214-ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
214-STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
214-REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Прямой комментарий для root@Planck
211-Features:
211-CLNT
211-EPRT
211-EPSV
211-HOST
211-LANG en-US.UTF-8;en-US;ru-RU.UTF-8*;ru-RU
211-MDTM
211-MFF modify;UNIX.group;UNIX.mode;
211-MFMT
211-MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
211-REST STREAM
211-SITE COPY
211-SITE MKDIR
211-SITE RMDIR
211-SITE SYMLINK
211-SITE UTIME
211-SIZE
211-TVFS
211-UTF8
211 Конец

22 / tcp

-394064290 | 2025-02-04T00:38:30.736450

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDWEJtAL4lU4ZHPvWfl7iLNbwTi/0l+TQ75Ud+IGsWKPffF
3I3cil38mcPCyd+3T1CjEpzv+AsYQ16znGzwT8oBIZ7B8vijrnF3gOBtu/Amus17Argtfv6LpcK9
48ZmEU1a1o/5oPALCi+r14LjQNfl6ud2W58a7vAcvSdmFqCG5mmGep58UbFMf2rYoB5QpqCg10Wv
jkXjxB8XuZSVkDksnq6zmmYPT90jJRw6gS5KTrEIydnv6UqAb320Stc8RqAOi+eB87u7q4MRA6Ld
uwn9Hqq/GddcdMt1gNw0ZF9Gxbv719cKDntip0wIkstjgjtEqL+1OX+JKcwMTPrtp6vT
Fingerprint: ca:21:c4:83:c0:26:db:bf:56:f2:56:1c:a8:f3:27:8d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

123 / udp

970342552 | 2025-01-28T10:02:39.693407

NTP
protocolversion: 3
stratum: 4
leap: 0
precision: -23
rootdelay: 0.0130004882812
rootdisp: 0.0400848388672
refid: 1306489467
reftime: 3947045748.32
poll: 3

443 / tcp

1942135465 | 2025-01-30T12:12:19.703474

Hashes

hash

-254921270

http.dom_hash

-449488089

http.favicon.hash

698548139

http.html_hash

1942135465

http.robots_hash

778604375

http.server_hash

390592471

Есть DOBRO - есть идея для 8 марта

HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Thu, 30 Jan 2025 12:12:19 GMT
Content-Type: text/html
Content-Length: 1301
Last-Modified: Tue, 07 Mar 2023 15:22:42 GMT
Connection: keep-alive
ETag: "640756c2-515"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:87:3e:53:a2:98:34:c2:53:b2:b8:4d:77:5d:28:47:9f:ce
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Dec 26 20:07:20 2024 GMT
            Not After : Mar 26 20:07:19 2025 GMT
        Subject: CN=march8.dobroagency.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:0c:49:0b:3c:5f:6e:48:ca:1b:be:22:a9:98:
                    60:80:e2:11:fc:ca:b6:d9:94:5f:ce:ce:9d:9e:03:
                    ed:a5:79:0c:26:69:e1:8b:cb:18:91:9a:38:36:5f:
                    ea:98:37:5a:34:71:ba:30:76:3d:b8:a0:66:4f:8e:
                    b2:1d:69:65:eb:a4:9c:21:7c:c7:1b:0f:bb:a6:4e:
                    56:7b:53:23:05:30:6f:af:40:ae:c1:47:80:11:71:
                    76:6f:c0:df:45:6a:31:92:d8:56:8d:0d:2e:cf:da:
                    fe:f7:27:92:64:1c:c2:6e:9f:ac:5e:a1:a4:3f:bb:
                    49:45:7a:5d:1a:7d:ef:44:df:53:07:0f:b7:cf:ef:
                    5a:a3:f6:9f:83:04:73:31:35:00:64:4e:2b:76:b5:
                    76:6f:0d:be:7d:1b:3e:5b:01:7f:fa:aa:a6:26:7f:
                    45:a4:09:8b:ac:3b:b7:aa:96:2d:45:f3:a5:69:4b:
                    da:14:fd:b4:51:12:70:80:e8:75:6e:af:cb:d8:fc:
                    eb:f1:c7:94:77:39:55:18:c9:4b:87:e6:32:24:03:
                    88:80:50:bc:3a:da:8d:3b:9c:88:ce:76:86:e4:b7:
                    ba:2c:e5:1c:57:b0:46:19:db:e1:6d:69:fb:d4:4d:
                    37:21:14:5f:c9:f6:d6:79:12:f1:51:03:33:b4:bc:
                    01:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                2E:AC:78:00:3F:6B:82:89:AA:1A:D7:39:1F:E3:36:EC:E8:ED:D3:D2
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:march8.dobroagency.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec 26 21:05:50.456 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6D:8A:3B:16:C0:BD:D9:AA:15:2A:A5:46:
                                36:89:47:AE:72:15:70:8A:26:6A:66:4F:42:14:BA:51:
                                6C:55:82:96:02:21:00:A2:13:15:F2:67:AA:C8:48:73:
                                4E:2F:84:03:1C:B6:95:32:02:24:7E:AD:4E:53:5D:B9:
                                60:10:EC:4E:BF:45:58
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Dec 26 21:05:50.505 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AD:46:A0:6E:D4:16:51:73:70:54:08:
                                84:66:82:C0:A2:02:E8:BD:8E:7A:6D:BA:31:98:39:30:
                                14:14:25:F5:96:02:21:00:AF:FF:A9:6D:D8:FC:26:47:
                                4E:70:DC:B8:16:B4:BD:BE:94:F1:B1:93:F9:97:0C:54:
                                C5:B9:B9:AD:BB:22:D7:46
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        00:c8:31:92:06:15:7e:2b:9f:db:00:6a:ba:59:b9:dc:42:23:
        bb:de:a6:ef:97:e7:f1:4e:2d:57:1b:43:da:af:7b:7a:2c:cb:
        3c:b6:e2:b6:c5:70:e9:85:a0:62:ed:53:26:1d:de:9c:da:7e:
        ad:4c:dd:39:c9:86:f1:f1:b7:83:de:7b:64:dc:b5:8e:46:0e:
        bc:be:56:70:c0:70:e3:1d:aa:bf:74:4b:a5:36:54:53:32:48:
        4e:5a:db:c9:f5:19:fe:14:9f:18:a7:1d:8a:7e:cc:91:da:d6:
        b1:d4:8d:89:a5:4c:3b:12:ae:f4:d9:b1:43:b2:ba:34:70:22:
        18:58:53:c6:a7:e2:0f:3f:0b:c9:99:25:12:3b:71:b1:a3:56:
        67:70:30:74:31:15:e1:f5:12:89:28:9f:ad:c3:7a:92:af:cc:
        b4:c8:84:24:40:10:92:1d:83:b0:65:a7:fb:ab:ff:71:aa:b6:
        5c:1a:00:f2:d9:e0:84:50:77:48:28:18:e5:bc:66:a0:d2:ad:
        3d:2f:bd:de:7a:58:5c:71:4b:0c:af:0c:89:e5:fb:07:ed:b7:
        42:26:78:5e:4e:55:c6:de:96:7f:88:16:65:9e:01:14:ae:a5:
        6e:f2:1a:eb:8f:23:fa:f8:97:75:96:22:50:0f:32:e0:e0:3c:
        ff:a2:53:7d

CVE-2023-44487 CVE-2021-23017 CVE-2021-3618 CVE-2019-9516 CVE-2019-9513 3 moreCVE-2019-9511 CVE-2018-16845 CVE-2019-20372

3306 / tcp

923442282 | 2025-01-26T14:34:05.124668

MySQL:
  Error Message: Host '224.228.165.8' is not allowed to connect to this MySQL server
  Error Code: 1130

6379 / tcp

-1927723706 | 2025-02-06T19:38:52.014764

-NOAUTH Authentication required.

7777 / tcp

-1066691056 | 2025-01-18T21:32:27.703671

Hashes

hash

-688411913

http.dom_hash

455661561

http.html_hash

-1066691056

http.server_hash

-984292577

http.title_hash

324767378

DisallowedHost at /

HTTP/1.1 400 Bad Request
Server: gunicorn
Date: Sat, 18 Jan 2025 21:32:27 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Vary: origin
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

8080 / tcp

-941707179 | 2025-01-31T08:03:43.479898

Hashes

hash

-816607888

http.dom_hash

-1991180783

http.html_hash

-941707179

http.server_hash

2011486879

http.title_hash

1998919690

Page not found at /

HTTP/1.1 404 Not Found
Server: gunicorn/20.0.4
Date: Fri, 31 Jan 2025 08:03:43 GMT
Connection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY
Content-Length: 2163
Vary: Origin
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

33060 / tcp

-795948505 | 2025-01-24T04:54:40.978807

MySQL X Protocol:
  tls: False
  authentication.mechanisms:
    MYSQL41
    SHA256_MEMORY
  doc.formats: text
  client.interactive: False
  compression:
    algorithm:
      deflate_stream
      lz4_message
      zstd_stream
  node_type: mysql
  client.pwd_expire_ok: False

5.188.118.83

Last Seen: 2025-02-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

627838022 | 2025-02-03T08:17:59.219100

22 / tcp

-394064290 | 2025-02-04T00:38:30.736450

OpenSSH7.9p1 Debian 10+deb10u4

123 / udp

970342552 | 2025-01-28T10:02:39.693407

443 / tcp

1942135465 | 2025-01-30T12:12:19.703474

Hashes

nginx1.14.2

3306 / tcp

923442282 | 2025-01-26T14:34:05.124668

MySQL

6379 / tcp

-1927723706 | 2025-02-06T19:38:52.014764

Redis key-value store

7777 / tcp

-1066691056 | 2025-01-18T21:32:27.703671

Hashes

8080 / tcp

-941707179 | 2025-01-31T08:03:43.479898

Hashes

33060 / tcp

-795948505 | 2025-01-24T04:54:40.978807

MySQL X Protocol

Products

Pricing

Contact Us

5.188.118.83

Last Seen: 2025-02-06

Tags:

GeneralInformation

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

21 / tcp 627838022 | 2025-02-03T08:17:59.219100

22 / tcp -394064290 | 2025-02-04T00:38:30.736450

OpenSSH7.9p1 Debian 10+deb10u4

123 / udp 970342552 | 2025-01-28T10:02:39.693407

443 / tcp 1942135465 | 2025-01-30T12:12:19.703474

Hashes

nginx1.14.2

3306 / tcp 923442282 | 2025-01-26T14:34:05.124668

MySQL

6379 / tcp -1927723706 | 2025-02-06T19:38:52.014764

Redis key-value store

7777 / tcp -1066691056 | 2025-01-18T21:32:27.703671

Hashes

8080 / tcp -941707179 | 2025-01-31T08:03:43.479898

Hashes

33060 / tcp -795948505 | 2025-01-24T04:54:40.978807

MySQL X Protocol

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

627838022 | 2025-02-03T08:17:59.219100

22 / tcp

-394064290 | 2025-02-04T00:38:30.736450

123 / udp

970342552 | 2025-01-28T10:02:39.693407

443 / tcp

1942135465 | 2025-01-30T12:12:19.703474

3306 / tcp

923442282 | 2025-01-26T14:34:05.124668

6379 / tcp

-1927723706 | 2025-02-06T19:38:52.014764

7777 / tcp

-1066691056 | 2025-01-18T21:32:27.703671

8080 / tcp

-941707179 | 2025-01-31T08:03:43.479898

33060 / tcp

-795948505 | 2025-01-24T04:54:40.978807