GeneralInformation

Hostnames	87.135.154.104.bc.googleusercontent.com dev.statecoverage.improveourcredit.com
Domains	googleusercontent.com improveourcredit.com
Cloud Provider	Google
Cloud Region	us-central1
Country	United States
City	Council Bluffs
Organization	Google LLC
ISP	Google LLC
ASN	AS396982

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 4000 4500 5000 8010

1272368300 | 2024-06-01T11:51:08.363640

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQCcxvv97L7kfizaYGIHDot9ZtSH6eC9SvRAG5GIiwAoPqCS
qW8zxiyGvF5UYnPeGl8KuHrXA5XSBgK2WkOzob2G2ydsv8YoLjuCLLK+BjuKUtuK5EgCbPzvtBYz
k08qVZG32DC1czsB5zy10o7ZObOazKYRdNZBMqnWPke/QssNvEIKM7Sqpn3LaAGb9o5481znL23w
L+CxXp9oHRbHb+gqbqLbyGWYET+zI2TiKoFEpKW02aazBtokngh/85vCWyWTQ2OGAOay2RBUkFwJ
AdH2mAG/sJyChkmpKVAx3ab5/pimnyd7q+Fjrnkoucmlkhg5z/3YcEXQ4esLAsNomNjryrVBePrz
lCSt8OU99WJfgdNvwrzjZwhN4w7qMaSlro803mvvQHkxeA9a5p4bZjZLhor89Gt5UUoHdxNanWtM
/EnBpCs/xBBiXGr+bydom+WeR4pV//3sppZiz7ZyqJcrRcRT9CMtfsS4bLMo0Bzo43fuUxaiCqPh
J9zocsoVGUM=
Fingerprint: e0:60:ca:52:6e:c2:fc:57:b6:bb:fd:9e:85:a3:9e:db

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1655433945 | 2024-05-24T15:15:49.567525

80 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 May 2024 15:15:44 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 43
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2b-hGShxOkieaAVDloBubJVM+h58D8"

2076426072 | 2024-05-31T04:01:00.984038

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 May 2024 04:01:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ETag: W/"14-HIFzQYNXlxTVkwQaF6y+WEHxgiQ"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:1f:2b:35:64:fe:cd:f4:80:4f:83:9a:db:71:6f:13:18:a1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 20 13:36:09 2024 GMT
            Not After : Jul 19 13:36:08 2024 GMT
        Subject: CN=dev.statecoverage.improveourcredit.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b9:d7:9d:d8:8f:8b:9f:66:9c:f4:ec:a3:32:dc:
                    15:d6:61:20:0f:52:4d:6a:d1:b6:f5:0a:b8:81:52:
                    48:d0:fa:67:44:b7:be:02:5a:97:7d:f8:e6:f5:1a:
                    7e:c4:29:20:59:aa:8b:4f:6c:30:fa:f4:89:a6:fc:
                    c5:e3:3b:bd:aa:ec:35:5b:c8:0a:06:80:b5:ef:76:
                    09:b6:a3:15:65:85:7a:09:04:38:ff:92:05:65:de:
                    da:ee:b0:30:25:c9:c4:80:11:ff:d5:5b:09:9b:f3:
                    b5:a8:4b:12:e1:89:c2:94:bf:18:df:30:34:c5:85:
                    b2:fa:db:88:d6:ad:ec:63:9c:34:75:06:60:cf:dd:
                    a5:60:b9:3e:d7:48:7c:35:05:0d:00:86:1b:bf:44:
                    73:9a:e9:59:ce:11:93:21:95:78:1b:70:1f:13:0a:
                    98:0d:83:75:18:33:dd:a0:53:cc:5f:ab:76:47:f1:
                    dd:f6:62:41:bb:75:24:37:dd:24:ab:c7:1f:d5:5f:
                    05:65:cc:d2:4e:79:05:a5:0b:38:f6:5d:ad:b0:03:
                    d8:28:b7:51:19:82:8d:24:5d:17:14:65:14:c2:37:
                    b6:02:6e:91:7c:17:09:28:c4:72:0f:09:47:97:5f:
                    98:b1:8b:c2:44:e7:71:55:60:f0:65:1e:70:5b:9e:
                    fb:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:22:CC:B1:46:1B:D3:4A:D6:D6:E0:78:3D:0C:7C:F3:13:C0:6D:35
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:dev.statecoverage.improveourcredit.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 20 14:36:09.575 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:46:6C:4D:3D:4D:D3:C1:1D:FF:2B:C1:6E:
                                AE:C9:AC:18:58:A4:99:70:9A:63:8B:74:E9:32:80:2A:
                                7E:67:DE:F6:02:20:7D:57:3E:23:E6:79:C5:4A:F6:75:
                                55:A1:30:9C:69:4A:B8:98:21:D4:38:68:93:67:53:F8:
                                01:42:FC:F6:9D:21
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 20 14:36:09.765 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1A:2E:47:41:20:9D:0B:39:BF:38:B3:9D:
                                BF:E9:E1:3A:EA:5A:96:B8:2C:22:1E:9F:A0:04:B2:A8:
                                04:D9:28:40:02:21:00:E0:5B:77:D8:57:B4:9B:FC:AF:
                                58:8C:11:C3:81:7F:8F:C1:AC:C6:5A:5D:3D:9F:2B:C9:
                                84:22:C1:63:0B:4B:76
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ab:74:56:10:44:30:5c:af:8c:ea:ac:d5:cf:70:02:9c:c0:ad:
        5d:cd:42:e5:12:6f:6d:1f:b0:f6:62:0d:63:4e:95:33:8d:ba:
        08:b3:67:7b:df:e3:e3:59:03:e6:50:b3:c3:6a:7b:01:bb:c1:
        42:5a:55:cb:0c:a3:fc:7a:f3:80:3e:13:08:e6:47:fd:a5:c0:
        99:29:f5:02:1c:a3:2d:42:b1:f0:da:4d:50:b3:1c:84:69:fe:
        4f:f4:88:f6:33:3b:58:4e:26:85:45:66:8e:59:7b:73:22:87:
        3e:bf:4e:f8:bc:35:1d:64:fa:8a:36:2b:a1:91:76:6e:59:58:
        7f:91:d0:ad:96:1b:90:4f:05:b5:23:bc:9d:4e:4c:88:9e:12:
        c1:03:32:83:02:8b:6a:5a:34:01:78:c1:5d:b5:8d:60:52:b8:
        48:4b:69:51:16:e6:57:bf:34:de:75:2a:0f:af:78:4d:14:8d:
        28:77:0e:13:78:57:f1:3b:5a:70:a5:f7:03:11:84:b5:19:f9:
        1c:9d:ba:8a:0b:ac:98:39:ac:14:8d:f7:9f:43:e7:cd:d3:11:
        e8:28:5e:97:7d:e8:b2:c5:fa:f2:6b:fa:d1:96:2e:a4:80:f1:
        ed:82:10:ee:9a:35:0e:82:f3:c8:96:41:89:5d:5a:34:7f:f0:
        19:a8:9c:1a

-1849879175 | 2024-05-25T17:32:15.623356

4000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.25.5
Date: Sat, 25 May 2024 17:32:15 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.25.5</center>
</body>
</html>

-764816859 | 2024-05-05T04:27:58.221386

4500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.25.4
Date: Sun, 05 May 2024 04:27:58 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.25.4</center>
</body>
</html>

1663678335 | 2024-05-19T01:52:21.598481

5000 / tcp

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sun, 19 May 2024 01:52:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 32
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ETag: W/"20-lEJugmZp1GDjM3aIiG4+lzpovtc"

-2054717767 | 2024-05-31T03:00:12.479325

8010 / tcp

HTTP/1.1 401 Unauthorized
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 37
ETag: W/"25-mo8ooISdA0jqvBwQHAYrCuUmF2o"
Date: Fri, 31 May 2024 03:00:12 GMT
Connection: keep-alive
Keep-Alive: timeout=5

104.154.135.87

Last Seen: 2024-06-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1272368300 | 2024-06-01T11:51:08.363640
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1655433945 | 2024-05-24T15:15:49.567525
80 / tcp

nginx1.18.0

2076426072 | 2024-05-31T04:01:00.984038
443 / tcp

nginx1.18.0

-1849879175 | 2024-05-25T17:32:15.623356
4000 / tcp

nginx1.25.5

-764816859 | 2024-05-05T04:27:58.221386
4500 / tcp

nginx1.25.4

1663678335 | 2024-05-19T01:52:21.598481
5000 / tcp

nginx1.25.5

-2054717767 | 2024-05-31T03:00:12.479325
8010 / tcp

Products

Pricing

Contact Us

104.154.135.87

Last Seen: 2024-06-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1272368300 | 2024-06-01T11:51:08.363640 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1655433945 | 2024-05-24T15:15:49.567525 80 / tcp

nginx1.18.0

2076426072 | 2024-05-31T04:01:00.984038 443 / tcp

nginx1.18.0

-1849879175 | 2024-05-25T17:32:15.623356 4000 / tcp

nginx1.25.5

-764816859 | 2024-05-05T04:27:58.221386 4500 / tcp

nginx1.25.4

1663678335 | 2024-05-19T01:52:21.598481 5000 / tcp

nginx1.25.5

-2054717767 | 2024-05-31T03:00:12.479325 8010 / tcp

Products

Pricing

Contact Us

1272368300 | 2024-06-01T11:51:08.363640
22 / tcp

1655433945 | 2024-05-24T15:15:49.567525
80 / tcp

2076426072 | 2024-05-31T04:01:00.984038
443 / tcp

-1849879175 | 2024-05-25T17:32:15.623356
4000 / tcp

-764816859 | 2024-05-05T04:27:58.221386
4500 / tcp

1663678335 | 2024-05-19T01:52:21.598481
5000 / tcp

-2054717767 | 2024-05-31T03:00:12.479325
8010 / tcp