GeneralInformation

Hostnames	premiusa1.com
Domains	premiusa1.com
Country	United States
City	Los Angeles
Organization	Total Server Solutions L.L.C.
ISP	Performive LLC
ASN	AS46562
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 53 80 1194 1701 1723 2086 4500 5555 8080 8880 10000 10001

-1066709914 | 2024-05-01T13:57:47.080161

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC6UD6wuEw1aGCkVHhDwnkNZRsCTuUiF9ZhxcOVz32Mvj2u
3vViCGlAX0cOhqT9D5YYSEXfxKg0v06frjcdnGj2FOih4Ky/6W/LObHrcbFnradofqBjt8EgSTnE
Do7zSlWEZtLfuWgfAp6xGkfOuPxXDe8REyb70wtY2kWVF6r9fzBUMkCPJN7ISF5BthN4ac+SygV6
ofrswVIY4LtkMU6ExlhVKK2nKygstY6XFf3fESyyLsNW0pxkiKzOC37ZZ8hiwRQbz/yHy4CcNhyC
cg9q/bkm15XwV/i2Q4JNX4/YjDn1WkxPTNGMoVVMMwl8GSpoUeHWha2xQXEUXqwm/Ij0676TeG0g
2iKp/49IN04kA7dt0e8GT4B1yi3Xg20kf7x+0m04dQWvkLJSUmU54c8RLaLnorDuP51ELP+vG7Zc
oKdS4Lwt2X1u/sLiWYyLmJyWoNXHSpJIzopF048ACCkIfKQeOqCH59aoXRYJpkaJ98sV9JsVoNEn
Sy6aTz/E0jM=
Fingerprint: d7:87:f7:63:d9:6a:66:95:22:d1:a6:4b:c4:a7:75:d2

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1558742870 | 2024-05-04T06:09:55.705874

80 / tcp

SSH-2.0-dropbear_2019.78
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCUOAc2u4im1PI1vvvUf/7yNvsJy24dbBtJ1fbE+i7ZwFfm
Oeh8m8KsdMlxgsMbcIXCc9/I9AOdidv2WC4B1VFv4cZuKbiZe7WpsVg40IHOyhvaUhFabiziqYGv
YZQu+RbyD09eibYweP7babGugtCCOq78z9dWsyP8qnoJWIBiL7DcooWA4cKiszP9oo6Fuv1DbL+r
rxDM3hq3sr9oQtgbli/kDZ6buINqIiyBwTEMxkXjWPv0R8riX5CrJoODjLa5AHQXWdIke9y+32Db
zKChBcy6yvz9hkzpOYzmRFiFEA8Bw8iw+pkXfEeNJX0v0uGoIvjmYCyEXWIqloBYJ9OH
Fingerprint: fe:84:42:f5:fd:8a:88:e4:0e:80:37:b1:9a:3c:b9:44

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp521
	ecdh-sha2-nistp384
	ecdh-sha2-nistp256
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1
	kexguess2@matt.ucc.asn.au

Server Host Key Algorithms:
	ecdsa-sha2-nistp256
	ssh-rsa
	ssh-dss

Encryption Algorithms:
	aes128-ctr
	aes256-ctr
	aes128-cbc
	aes256-cbc
	3des-ctr
	3des-cbc

MAC Algorithms:
	hmac-sha1-96
	hmac-sha1
	hmac-sha2-256

Compression Algorithms:
	zlib@openssh.com
	none

-971873776 | 2024-04-25T06:47:25.571221

1194 / udp

@\x9fx\xc5\xa7\xd1V\xc9Y\x01\x00\x00\x00\x00\xd9\xce:\xbe\xf6\x98\xa5m\x00\x00\x00\x00

1596304127 | 2024-05-01T01:39:42.369967

1701 / udp

\xc8\x02\x00Y\x00\x00\x00\x00\x00\x00\x00\x01\x80\x08\x00\x00\x00\x00\x00\x02\x80\x08\x00\x00\x00\x02\x01\x00\x00\n\x00\x00\x00\x03\x00\x00\x00\x03\x00\n\x00\x00\x00\x04\x00\x00\x00\x03\x80\x0f\x00\x00\x00\x07premiusa1\x00\n\x00\x00\x00\x08L2TP\x80\x08\x00\x00\x00\t\x00\x01\x00\x08\x00\x00\x00\n\x00\x10

261189147 | 2024-04-18T05:12:29.733095

1723 / tcp

PPTP:
  Firmware: 1
  Hostname: local
  Vendor: linux

-294036658 | 2024-04-18T10:21:02.697928

2086 / tcp

HTTP/1.1 101 WebSocket by VPNJantit.com
Content-Length: 104857600000

1468396803 | 2024-04-08T20:44:44.095549

4500 / udp

VPN (IKE NAT-T)

Initiator SPI: 8f327f934e72ec93
Responder SPI: 0000000000000000
Next Payload: Notification (N)
Version: 1.0
Exchange Type: Informational
Flags:
    Encryption:     False
    Commit:         False
    Authentication: False
Message ID: 0f5faf74
Length: 48

-294036658 | 2024-04-21T18:55:58.450043

8880 / tcp

HTTP/1.1 101 WebSocket by VPNJantit.com
Content-Length: 104857600000

-1809133189 | 2024-04-26T16:02:56.248633

10000 / tcp

HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 16:02:56 GMT
Content-Length: 0

-2026190751 | 2024-04-26T17:00:24.113779

10001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 17:00:23 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

107.181.187.115

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1066709914 | 2024-05-01T13:57:47.080161
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

1558742870 | 2024-05-04T06:09:55.705874
80 / tcp

Dropbear sshd2019.78

-971873776 | 2024-04-25T06:47:25.571221
1194 / udp

1596304127 | 2024-05-01T01:39:42.369967
1701 / udp

261189147 | 2024-04-18T05:12:29.733095
1723 / tcp

PPTP

-294036658 | 2024-04-18T10:21:02.697928
2086 / tcp

1468396803 | 2024-04-08T20:44:44.095549
4500 / udp

-294036658 | 2024-04-21T18:55:58.450043
8880 / tcp

-1809133189 | 2024-04-26T16:02:56.248633
10000 / tcp

-2026190751 | 2024-04-26T17:00:24.113779
10001 / tcp

nginx1.18.0

Products

Pricing

Contact Us

107.181.187.115

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1066709914 | 2024-05-01T13:57:47.080161 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.4

1558742870 | 2024-05-04T06:09:55.705874 80 / tcp

Dropbear sshd2019.78

-971873776 | 2024-04-25T06:47:25.571221 1194 / udp

1596304127 | 2024-05-01T01:39:42.369967 1701 / udp

261189147 | 2024-04-18T05:12:29.733095 1723 / tcp

PPTP

-294036658 | 2024-04-18T10:21:02.697928 2086 / tcp

1468396803 | 2024-04-08T20:44:44.095549 4500 / udp

-294036658 | 2024-04-21T18:55:58.450043 8880 / tcp

-1809133189 | 2024-04-26T16:02:56.248633 10000 / tcp

-2026190751 | 2024-04-26T17:00:24.113779 10001 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1066709914 | 2024-05-01T13:57:47.080161
22 / tcp

1558742870 | 2024-05-04T06:09:55.705874
80 / tcp

-971873776 | 2024-04-25T06:47:25.571221
1194 / udp

1596304127 | 2024-05-01T01:39:42.369967
1701 / udp

261189147 | 2024-04-18T05:12:29.733095
1723 / tcp

-294036658 | 2024-04-18T10:21:02.697928
2086 / tcp

1468396803 | 2024-04-08T20:44:44.095549
4500 / udp

-294036658 | 2024-04-21T18:55:58.450043
8880 / tcp

-1809133189 | 2024-04-26T16:02:56.248633
10000 / tcp

-2026190751 | 2024-04-26T17:00:24.113779
10001 / tcp