GeneralInformation

Hostnames	register.freenom.com www.register.freenom.com busy.trolling.info
Domains	freenom.com trolling.info
Country	Netherlands
City	Amsterdam
Organization	Netrouting Telecom
ISP	Netrouting B.V.
ASN	AS6206
Operating System	Debian

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 111 123 443

774956362 | 2024-04-18T12:34:03.356992

22 / tcp

SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDXxmtiuF9iN/ha99cc/xYUZRYaB0jFx8Y/XFt60/ZtSt06
UBFmdL9kbnYmdZZL3zhXvVB5Yq+tXqOTj5s40VocBp84odfDBOKgYHHxkMqAG7f3GPSK7DAU/v6k
0pDfA0o7pHdzz5xW4zmHE22QffqRMtO/bUHExcwhl2uY9a7MZHqKF+p/wg4Y5faP10bwNDqKaSo3
ck+NmL6wD9HHE4LP32avl3lsMBXtJkrQxoV5tLkjzTfypPY1JYjuJgEV1Pe3wrHjfdIdmo3iG3FI
ei69gGGN8hhqLwVKbt9BskJedp5K+jFM42OzF6z38l876ud7a1dQxhPAhbA1QpV5/ZK3
Fingerprint: 2c:14:bf:5f:04:ea:2f:10:90:22:5c:53:46:4c:a3:ee

Kex Algorithms:
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss
	ecdsa-sha2-nistp256

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	arcfour256
	arcfour128
	aes128-cbc
	3des-cbc
	blowfish-cbc
	cast128-cbc
	aes192-cbc
	aes256-cbc
	arcfour
	rijndael-cbc@lysator.liu.se

MAC Algorithms:
	hmac-md5
	hmac-sha1
	umac-64@openssh.com
	hmac-sha2-256
	hmac-sha2-256-96
	hmac-sha2-512
	hmac-sha2-512-96
	hmac-ripemd160
	hmac-ripemd160@openssh.com
	hmac-sha1-96
	hmac-md5-96

Compression Algorithms:
	none
	zlib@openssh.com

735572739 | 2024-04-15T05:45:26.767086

80 / tcp

HTTP/1.0 200 OK
Date: Mon, 15 Apr 2024 05:39:26 GMT
Server: nginx/1.18.0
Content-Type: text/html
Content-Length: 131
Last-Modified: Tue, 02 Sep 2014 09:21:44 GMT
ETag: "ec3ca-83-54058c28"
Accept-Ranges: bytes
Connection: close

540366357 | 2024-04-18T11:09:57.881914

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	54119
status	1	tcp	37648

540366357 | 2024-04-09T19:34:41.837210

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	54119
status	1	tcp	37648

2098373791 | 2024-04-14T13:27:05.711557

123 / udp

NTP
protocolversion: 3
stratum: 3
leap: 0
precision: -23
rootdelay: 0.0108184814453
rootdisp: 0.0595397949219
refid: 1427192671
reftime: 3922089242.99
poll: 3

735572739 | 2024-04-15T08:01:17.724316

443 / tcp

HTTP/1.0 200 OK
Date: Mon, 15 Apr 2024 07:55:16 GMT
Server: nginx/1.18.0
Content-Type: text/html
Content-Length: 131
Last-Modified: Tue, 02 Sep 2014 09:21:44 GMT
ETag: "ec3ca-83-54058c28"
Accept-Ranges: bytes
Connection: close

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:9f:93:66:f5:d7:77:06:51:6f:32:ad:b2:f4:e8:47
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Sep 25 00:00:00 2019 GMT
            Not After : Sep 24 23:59:59 2021 GMT
        Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=register.freenom.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:dd:7c:c1:40:c3:58:c1:be:4d:1e:e2:0d:38:cf:
                    14:d8:75:1a:4a:d6:78:a9:b2:90:2a:a8:0a:10:7e:
                    1a:cd:2d:df:90:9c:d8:19:bc:6e:8b:40:a5:8b:52:
                    58:2e:d9:28:09:a4:35:0e:2e:c5:dc:5d:75:be:8c:
                    45:cd:17:76:52:03:74:41:06:bf:33:c3:60:94:85:
                    e6:a8:d5:0a:c0:cd:e0:ab:4c:67:cd:2b:a1:9c:cc:
                    ab:8a:bb:60:b5:3a:ff:83:2c:73:25:30:73:0d:8b:
                    32:b1:b1:f5:0c:aa:68:83:50:01:a2:3f:6a:93:cc:
                    bf:c2:64:26:e0:80:b9:19:a6:1e:ab:3b:dd:f9:32:
                    4b:b3:9e:26:cc:71:a8:e2:48:4a:32:93:4d:c4:d8:
                    db:b7:fa:23:82:02:76:bc:60:63:d9:6e:58:ff:94:
                    a4:1c:60:6d:da:bb:80:56:03:91:a0:d4:96:2a:48:
                    3b:17:9b:96:78:28:de:bc:b3:ce:ea:c3:46:5c:a4:
                    68:d1:8c:3b:90:d8:14:73:21:90:c7:1e:85:f0:4b:
                    69:7f:8c:08:02:24:e7:1c:c2:5e:bf:27:db:15:dd:
                    ca:2c:9d:10:e2:eb:7e:f6:b2:ba:ee:d3:a8:b0:9d:
                    41:a5:e7:c7:37:91:14:cb:e7:af:57:69:a4:79:f0:
                    f0:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                7F:6D:67:2C:90:FD:74:75:35:B5:F1:D3:0A:D5:DE:6A:85:41:7D:A1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:register.freenom.com, DNS:www.register.freenom.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
                                E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
                    Timestamp : Sep 25 18:01:59.464 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:74:19:E6:A0:6E:1A:A9:BB:34:88:6A:EC:
                                4B:4F:8D:43:DF:6B:E4:07:72:E8:DE:57:FA:63:47:A6:
                                6D:6D:B1:98:02:21:00:9B:32:C4:F5:65:9B:09:64:D5:
                                69:AA:0F:4B:3A:AA:2A:FD:F7:7D:41:35:66:3E:36:29:
                                4B:6C:57:CB:11:69:FA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
                                DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
                    Timestamp : Sep 25 18:01:59.501 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0C:48:02:61:52:2F:96:C0:75:91:CA:60:
                                E4:E9:D9:7C:B6:2E:64:8A:E2:7F:12:B4:00:40:98:D9:
                                FC:FE:DA:9C:02:20:3D:0F:3B:1D:C5:B6:B1:77:31:CA:
                                B8:51:61:F3:E1:48:82:6C:A3:6F:0C:8B:69:F3:85:31:
                                70:17:93:D7:B7:65
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
                                C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
                    Timestamp : Sep 25 18:01:59.619 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B1:2B:42:CA:B4:2D:54:AD:6F:78:5C:
                                0B:8C:01:7E:54:CA:54:5C:2B:99:73:93:9B:BA:26:F4:
                                C2:27:27:D2:42:02:20:77:B9:8B:9E:74:55:C4:94:8D:
                                FC:87:A2:B6:B3:44:AE:23:54:29:B2:78:70:1F:02:19:
                                C3:11:61:D2:EF:7A:DE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        30:d4:cd:c5:32:8b:6c:b5:a7:e0:87:ed:13:fe:fa:e5:c0:41:
        cb:d1:3a:55:d6:79:e3:b6:d3:e3:7c:14:97:00:04:81:5b:a8:
        f2:ef:ce:7c:d1:56:cf:5f:71:73:52:3a:96:19:fd:bd:6e:97:
        5d:5c:7f:a5:19:a8:cc:34:55:16:df:7b:ec:f2:9e:d6:66:f6:
        60:c2:b2:3e:f2:65:a9:0d:6e:74:85:4c:cc:f4:79:37:8a:eb:
        16:ad:66:72:68:a0:5c:be:cf:82:bc:ff:26:15:2f:dc:6a:14:
        d5:55:48:c2:66:47:cc:e3:bd:33:c0:25:40:27:7f:5d:97:aa:
        2b:10:75:25:ea:8d:c5:84:64:b1:50:c6:a0:a4:39:27:80:04:
        f9:17:5e:59:77:ef:f3:3e:51:b1:9e:7a:e5:37:d3:37:bd:01:
        0b:ad:6e:fb:2d:23:d9:ea:f5:74:31:d5:d3:61:d6:7b:d8:dc:
        db:b2:81:de:76:bb:14:fa:85:4e:64:bf:0c:bb:15:b5:94:b3:
        8e:24:de:2c:19:79:1b:37:98:12:f3:aa:37:75:1f:fd:b7:82:
        d3:e5:60:9e:ea:15:21:52:19:2f:9c:f1:2e:5a:4a:60:f6:83:
        b9:a3:ed:7a:99:69:f4:7b:0d:18:0b:5d:82:e4:52:15:33:c4:
        69:42:52:86

109.235.49.199

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

774956362 | 2024-04-18T12:34:03.356992
22 / tcp

OpenSSH6.0p1 Debian 4+deb7u2

735572739 | 2024-04-15T05:45:26.767086
80 / tcp

nginx1.18.0

540366357 | 2024-04-18T11:09:57.881914
111 / tcp

540366357 | 2024-04-09T19:34:41.837210
111 / udp

2098373791 | 2024-04-14T13:27:05.711557
123 / udp

735572739 | 2024-04-15T08:01:17.724316
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

109.235.49.199

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

774956362 | 2024-04-18T12:34:03.356992 22 / tcp

OpenSSH6.0p1 Debian 4+deb7u2

735572739 | 2024-04-15T05:45:26.767086 80 / tcp

nginx1.18.0

540366357 | 2024-04-18T11:09:57.881914 111 / tcp

540366357 | 2024-04-09T19:34:41.837210 111 / udp

2098373791 | 2024-04-14T13:27:05.711557 123 / udp

735572739 | 2024-04-15T08:01:17.724316 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

774956362 | 2024-04-18T12:34:03.356992
22 / tcp

735572739 | 2024-04-15T05:45:26.767086
80 / tcp

540366357 | 2024-04-18T11:09:57.881914
111 / tcp

540366357 | 2024-04-09T19:34:41.837210
111 / udp

2098373791 | 2024-04-14T13:27:05.711557
123 / udp

735572739 | 2024-04-15T08:01:17.724316
443 / tcp