GeneralInformation

Country	Russian Federation
City	Moscow
Organization	Domain names registrar REG.RU, Ltd
ISP	"Domain names registrar REG.RU", Ltd
ASN	AS197695

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 80 111 123 137 445

906388357 | 2024-04-15T10:15:43.650008

21 / tcp

220 (vsFTPd 3.0.3)
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 EPRT
 EPSV
 MDTM
 PASV
 REST STREAM
 SIZE
 TVFS
211 End

-2098053163 | 2024-04-15T21:16:08.213653

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Mon, 15 Apr 2024 21:16:08 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

1031278243 | 2024-04-11T21:01:05.903391

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
mountd	1	udp	48623
mountd	1	tcp	43291
mountd	2	udp	42317
mountd	2	tcp	35601
mountd	3	udp	59500
mountd	3	tcp	57811
status	1	udp	33401
status	1	tcp	35151
nfs	3	tcp	2049
nfs	4	tcp	2049
100227	3	tcp	2049
nfs	3	udp	2049
100227	3	udp	2049
nlockmgr	1	udp	51465
nlockmgr	3	udp	51465
nlockmgr	4	udp	51465
nlockmgr	1	tcp	37035
nlockmgr	3	tcp	37035
nlockmgr	4	tcp	37035

1168642898 | 2024-04-11T18:41:27.287205

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -17
rootdelay: 0.02587890625
rootdisp: 0.0234222412109
refid: 1401893682
reftime: 3921849464.87
poll: 3

353096276 | 2024-04-20T03:04:53.723907

137 / udp

NetBIOS Response:
  Server Name: FAI7
  MAC Address: 00:00:00:00:00:00
  Names:
    FAI7 <0x0>
    FAI7 <0x3>
    FAI7 <0x20>
    \x01\x02__MSBROWSE__\x02 <0x1>
    WORKGROUP <0x0>
    WORKGROUP <0x1d>
    WORKGROUP <0x1e>
  Additional Interfaces:
    89.108.75.24

156027869 | 2024-04-13T01:32:20.039503

445 / tcp

SMB Status:
  Authentication: disabled
  SMB Version: 2
  Capabilities: raw-mode

Shares
Name                 Type       Comments
------------------------------------------------------------------------
iso                  Disk
IPC$                 IPC        IPC Service (fai7 server)

176.99.2.56

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

906388357 | 2024-04-15T10:15:43.650008
21 / tcp

-2098053163 | 2024-04-15T21:16:08.213653
80 / tcp

nginx1.18.0

1031278243 | 2024-04-11T21:01:05.903391
111 / tcp

1168642898 | 2024-04-11T18:41:27.287205
123 / udp

353096276 | 2024-04-20T03:04:53.723907
137 / udp

156027869 | 2024-04-13T01:32:20.039503
445 / tcp

Products

Pricing

Contact Us

176.99.2.56

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

906388357 | 2024-04-15T10:15:43.650008 21 / tcp

-2098053163 | 2024-04-15T21:16:08.213653 80 / tcp

nginx1.18.0

1031278243 | 2024-04-11T21:01:05.903391 111 / tcp

1168642898 | 2024-04-11T18:41:27.287205 123 / udp

353096276 | 2024-04-20T03:04:53.723907 137 / udp

156027869 | 2024-04-13T01:32:20.039503 445 / tcp

Products

Pricing

Contact Us

906388357 | 2024-04-15T10:15:43.650008
21 / tcp

-2098053163 | 2024-04-15T21:16:08.213653
80 / tcp

1031278243 | 2024-04-11T21:01:05.903391
111 / tcp

1168642898 | 2024-04-11T18:41:27.287205
123 / udp

353096276 | 2024-04-20T03:04:53.723907
137 / udp

156027869 | 2024-04-13T01:32:20.039503
445 / tcp