GeneralInformation

Hostnames	mydf385083.rna1.blindsidenetworks.com manhnv-33-briteza.com
Domains	blindsidenetworks.com manhnv-33-briteza.com
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Windows (build 10.0.14393)

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 3000 3389

1651973090 | 2024-04-19T12:05:23.216960

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 12:05:23 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 02 Apr 2024 17:35:04 GMT
Connection: keep-alive
ETag: "660c41c8-264"
Accept-Ranges: bytes

660592555 | 2024-04-18T20:43:35.002059

3000 / tcp

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 20:43:34 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

-2346316 | 2024-04-26T08:02:35.409179

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 1607)/Windows Server 2016 (version 1607)
  OS Build: 10.0.14393
  Target Name: WIN-II8NCA0731R
  NetBIOS Domain Name: WIN-II8NCA0731R
  NetBIOS Computer Name: WIN-II8NCA0731R
  DNS Domain Name: WIN-II8NCA0731R
  FQDN: WIN-II8NCA0731R

; Administrator
SES

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:7f:13:b6:3e:50:d2:87:44:7b:ca:4c:cc:70:b7:ae
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-II8NCA0731R
        Validity
            Not Before: Dec  1 06:11:29 2023 GMT
            Not After : Jun  1 06:11:29 2024 GMT
        Subject: CN=WIN-II8NCA0731R
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d2:60:88:21:7b:d9:e3:22:c4:42:a7:0b:33:16:
                    f6:ad:f5:b2:d8:f3:35:69:e0:00:f6:51:6e:f4:c7:
                    ec:ce:78:20:a9:30:d0:39:e9:2e:05:83:28:f9:13:
                    2d:7f:e7:95:7b:32:6a:e0:9c:2e:c7:fb:bd:0f:4f:
                    e8:a5:d6:83:b0:55:86:eb:7d:26:2f:b5:20:25:fd:
                    7f:f9:5c:71:e8:5c:02:06:96:01:fe:55:af:d2:bc:
                    ba:f6:39:8f:71:a1:5b:e1:63:da:b0:ad:07:36:0f:
                    97:37:7e:12:b4:b7:c1:09:7b:23:83:06:f1:54:19:
                    92:04:fc:c0:9a:83:9e:7e:52:8d:55:93:e8:f3:a4:
                    32:91:1c:93:70:5d:e7:4d:09:c8:ce:ed:24:a1:c6:
                    39:21:2e:c3:04:47:fd:9e:14:5c:df:9b:8d:b0:35:
                    35:3e:77:fc:83:85:57:8e:a2:ff:db:2c:0c:64:c7:
                    6e:19:e3:fa:44:0f:4c:d2:f1:70:ce:98:32:51:fa:
                    0c:5c:57:7b:2d:31:68:e5:43:bd:0a:53:e0:be:2e:
                    8b:d5:3a:f0:ac:a3:cb:39:19:5a:38:e0:76:a0:55:
                    2b:8e:e5:fb:a0:4f:58:e9:af:99:2d:1a:ca:ff:d3:
                    ed:49:24:70:9d:2d:5e:f6:6c:b1:1a:e3:61:76:68:
                    d7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        12:64:e5:6d:61:b0:58:d9:1a:7b:84:7a:5b:ea:d6:d3:c4:38:
        b0:57:bf:c2:73:86:d2:7d:98:10:2a:79:26:9a:3d:27:67:92:
        13:62:73:9b:11:7f:2c:1d:3b:a8:5e:01:7f:13:ca:51:42:f0:
        50:0a:40:82:0c:ee:d2:90:fc:79:58:1e:a9:cb:25:8b:d0:8d:
        7a:9f:3b:b8:11:65:7e:6c:ab:ca:7c:da:5e:83:3d:c5:9d:1d:
        da:b4:74:73:05:58:b0:44:28:1f:6a:d0:66:8b:3a:a4:2f:b5:
        9d:f9:cb:58:68:a8:94:19:0f:f5:4b:24:51:b1:82:b1:47:ca:
        17:9e:50:09:7b:00:9d:ff:d8:e1:1e:70:6f:fb:86:54:0f:aa:
        c9:5b:eb:f4:4a:78:00:7c:31:83:b4:cc:dc:f1:7a:87:30:18:
        b1:68:a2:53:c5:39:f5:de:48:d9:39:cc:90:dc:27:95:17:f0:
        f9:35:a3:7e:b9:1a:9b:fe:63:49:7b:e6:55:24:ba:45:de:ee:
        da:5f:fc:9a:6d:af:68:82:a8:1c:87:7b:3d:60:b8:8e:b2:ba:
        da:94:db:69:51:e7:33:a8:1b:d8:2c:de:7a:d5:e7:80:b3:dd:
        d0:99:39:97:88:05:3b:d4:cb:10:5e:7e:51:dd:c1:0a:0c:8e:
        06:b4:42:a5

143.198.190.132

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1651973090 | 2024-04-19T12:05:23.216960
80 / tcp

nginx1.18.0

660592555 | 2024-04-18T20:43:35.002059
3000 / tcp

-2346316 | 2024-04-26T08:02:35.409179
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

143.198.190.132

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1651973090 | 2024-04-19T12:05:23.216960 80 / tcp

nginx1.18.0

660592555 | 2024-04-18T20:43:35.002059 3000 / tcp

-2346316 | 2024-04-26T08:02:35.409179 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

1651973090 | 2024-04-19T12:05:23.216960
80 / tcp

660592555 | 2024-04-18T20:43:35.002059
3000 / tcp

-2346316 | 2024-04-26T08:02:35.409179
3389 / tcp