GeneralInformation

Hostnames	ns311105.ip-188-165-201.eu
Domains	ip-188-165-201.eu
Country	France
City	Lille
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

21 22 80 111 3128 5000 9100

-1032529606 | 2024-05-02T21:24:37.830428

21 / tcp

220 Welcome to the FTP server.
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 AUTH TLS
 EPRT
 EPSV
 MDTM
 PASV
 PBSZ
 PROT
 REST STREAM
 SIZE
 TVFS
 UTF8
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b3:c5:73:4d:98:7a:00:d0
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=FR, ST=France, L=Paris, O=Eugen Systems, OU=IT Department, CN=files.eugensystems.com/emailAddress=admin@eugensystems.com
        Validity
            Not Before: Jul  6 14:27:45 2018 GMT
            Not After : Jul  3 14:27:45 2028 GMT
        Subject: C=FR, ST=France, L=Paris, O=Eugen Systems, OU=IT Department, CN=files.eugensystems.com/emailAddress=admin@eugensystems.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ce:db:43:59:3a:13:5d:9b:47:58:7d:e5:1a:9e:
                    ed:3d:e4:db:6e:91:9e:69:50:cb:1a:e1:2d:09:20:
                    5d:d7:e1:f7:70:5a:ff:4f:f2:94:c6:f0:31:6e:68:
                    03:cc:76:46:c5:99:6d:85:ac:6f:a8:e1:fe:4b:a0:
                    a3:52:cc:b5:d3:7e:1f:1d:85:47:cf:a6:00:3c:fd:
                    ce:62:d8:27:25:4d:53:2f:ed:05:e8:3f:76:bc:71:
                    ba:87:88:15:86:3f:f6:84:a6:b5:e3:53:83:8e:b6:
                    2f:82:de:06:38:b2:55:7a:36:4f:47:c6:7c:fd:a1:
                    79:9e:72:94:fd:47:4a:8b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                6A:55:5A:A3:79:E7:A1:A7:CD:34:DB:B1:B4:15:3E:2F:17:85:0A:5F
            X509v3 Authority Key Identifier: 
                6A:55:5A:A3:79:E7:A1:A7:CD:34:DB:B1:B4:15:3E:2F:17:85:0A:5F
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        8e:c6:5f:ee:4d:7f:9e:e7:71:e4:52:47:6c:fb:57:ab:8b:8d:
        d7:e2:dc:47:8b:16:9d:1a:e5:04:09:04:da:1f:cc:ee:54:fa:
        a3:f5:2d:d2:da:d3:2b:11:09:8e:fa:42:4c:bb:2c:03:fd:e9:
        93:0b:07:64:c1:81:70:6a:23:2f:3d:38:20:49:3b:fc:67:1a:
        7c:99:69:1d:8c:18:a2:c7:e8:b7:2b:67:24:e8:db:2f:31:06:
        26:d3:7c:65:b6:f0:a0:37:55:4d:c5:99:88:2e:73:6b:b9:53:
        5f:6e:f3:94:59:13:48:b2:f7:52:8f:6a:c8:fa:7b:dd:cb:56:
        8a:b1

-796048418 | 2024-05-01T15:01:07.674963

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDxOgfO9hiHbdJnekIl+bRpdtpqfIlkcCgw0iuEg0nmRztL
L8BHPw4ewlT3rHdSHIxNRVa14OWeMyGmRgZRys+pBP5SQQfiar9/DJ+qevt1QjYA3+xVU1ubw6YM
UBZhYOA9wKwjJcq7j8a0Q/cS7CoPJijClaNJSZT8bevGGCo5j/KrMhzxxB/SsLloc8ibjbBvfqCG
gwJg6iWtgE63rj2YTw3xIE3OLbiX4SSh7aJPmfU1qn/a/UKCv7BL7WFh95Lj9e8nFp/HdZkHe/vI
CRP9cqCIxBB80EwECFdmJDUjzMW2DG0JvX3ph2p9WW1ZMPNGFosja1spjPNCM13/ArefMKXRrAOL
M0lHzRWMEF9SO1CB9w/YqRh9CSJUGLzulS1qv1z0Wjg1mGM2WXCxHI6eFdlKTFWwMzZsV6jS0hIV
JJSeJoBjUhR7k1ANXAa1YMlJB9PpOd0B78X5CKqqamseDfpFnP6HUE8IG4ysbgB+NQcDssvEFFot
0iSlGeOuNu8=
Fingerprint: 3d:54:2e:bb:0f:79:3f:a8:0d:78:dc:16:47:42:b2:fc

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-28T17:54:21.866348

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 28 Apr 2024 17:54:21 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 15 Dec 2023 16:36:22 GMT
Connection: keep-alive
ETag: "657c8086-264"
Accept-Ranges: bytes

-1345205424 | 2024-04-27T18:35:05.657595

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-1345205424 | 2024-05-01T19:24:25.608811

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

-108767391 | 2024-04-20T10:39:42.346336

3128 / tcp

HTTP/1.1 501 method 'GET' not available
Cache-Control: max-age=0
Connection: close
Date: Sat, 20 Apr 2024 10:39:42 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Expires: Sat, 20 Apr 2024 10:39:42 GMT

2128602611 | 2024-04-15T16:10:04.158697

5000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Date: Mon, 15 Apr 2024 16:10:04 GMT
Content-Type: text/html
Content-Length: 657
Connection: close

1941459490 | 2024-04-27T22:47:03.328706

9100 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request
Prometheus Node Exporter:
  node_exporter_build_info:
    branch: debian/sid
    goversion: go1.15.9
    revision: 1.1.2+ds-2.1
    version: 1.1.2+ds
  node_uname_info:
    domainname: (none)
    machine: x86_64
    nodename: prox-sys-1
    release: 5.13.19-5-pve
    sysname: Linux
    version: #1 SMP PVE 5.13.19-12 (Mon, 07 Mar 2022 15:54:28 +0100)
  node_network_info:
    fwln104i0:
      address: de:7a:db:4a:04:ce
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwln104i0
      duplex: full
      operstate: up
    fwbr103i0:
      address: 1a:9f:ed:7b:25:c6
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwbr103i0
      duplex: unknown
      operstate: up
    veth102i0:
      address: fe:4f:03:1f:1a:9c
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth102i0
      duplex: full
      operstate: up
    fwbr101i0:
      address: 22:a6:85:a1:09:9f
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwbr101i0
      duplex: unknown
      operstate: up
    fwbr104i0:
      address: 46:28:b5:83:45:ab
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwbr104i0
      duplex: unknown
      operstate: up
    fwpr104p0:
      address: e6:a6:ab:c9:99:95
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwpr104p0
      duplex: full
      operstate: up
    vmbr0:
      address: 70:54:d2:90:0f:06
      broadcast: ff:ff:ff:ff:ff:ff
      device: vmbr0
      duplex: unknown
      operstate: up
    lo:
      address: 00:00:00:00:00:00
      broadcast: 00:00:00:00:00:00
      device: lo
      operstate: unknown
    fwln101i0:
      address: c6:f1:c7:f6:eb:75
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwln101i0
      duplex: full
      operstate: up
    fwpr101p0:
      address: 22:9d:aa:79:99:26
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwpr101p0
      duplex: full
      operstate: up
    fwln103i0:
      address: ce:08:4d:65:b4:ca
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwln103i0
      duplex: full
      operstate: up
    fwbr102i0:
      address: c6:c8:c9:a9:41:9d
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwbr102i0
      duplex: unknown
      operstate: up
    eno1:
      address: 70:54:d2:90:0f:06
      broadcast: ff:ff:ff:ff:ff:ff
      device: eno1
      duplex: full
      operstate: up
    veth100i0:
      address: fe:bc:2b:87:1f:b9
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth100i0
      duplex: full
      operstate: up
    veth101i0:
      address: fe:13:f0:35:cd:9f
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth101i0
      duplex: full
      operstate: up
    vmbr1:
      address: 4e:9c:f4:8b:c9:0b
      broadcast: ff:ff:ff:ff:ff:ff
      device: vmbr1
      duplex: unknown
      operstate: up
    veth104i0:
      address: fe:fd:ca:88:e7:29
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth104i0
      duplex: full
      operstate: up
    fwpr102p0:
      address: fa:c8:37:96:90:de
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwpr102p0
      duplex: full
      operstate: up
    veth103i0:
      address: fe:7f:42:da:64:d9
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth103i0
      duplex: full
      operstate: up
    fwln102i0:
      address: ce:74:6e:b5:da:82
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwln102i0
      duplex: full
      operstate: up
    fwpr103p0:
      address: 42:12:e8:4a:74:58
      broadcast: ff:ff:ff:ff:ff:ff
      device: fwpr103p0
      duplex: full
      operstate: up

MAC Addresses

70:54:D2:90:0F:06
    OUI: 70:54:D2
    Organization: PEGATRON CORPORATION
    Assignment: MA-L
    Registration Date: 2012-10-17

188.165.201.16

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1032529606 | 2024-05-02T21:24:37.830428
21 / tcp

-796048418 | 2024-05-01T15:01:07.674963
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-28T17:54:21.866348
80 / tcp

nginx1.18.0

-1345205424 | 2024-04-27T18:35:05.657595
111 / tcp

-1345205424 | 2024-05-01T19:24:25.608811
111 / udp

-108767391 | 2024-04-20T10:39:42.346336
3128 / tcp

2128602611 | 2024-04-15T16:10:04.158697
5000 / tcp

nginx1.18.0

1941459490 | 2024-04-27T22:47:03.328706
9100 / tcp

Prometheus Node Exporter1.1.2+ds

Products

Pricing

Contact Us

188.165.201.16

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1032529606 | 2024-05-02T21:24:37.830428 21 / tcp

-796048418 | 2024-05-01T15:01:07.674963 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1651973090 | 2024-04-28T17:54:21.866348 80 / tcp

nginx1.18.0

-1345205424 | 2024-04-27T18:35:05.657595 111 / tcp

-1345205424 | 2024-05-01T19:24:25.608811 111 / udp

-108767391 | 2024-04-20T10:39:42.346336 3128 / tcp

2128602611 | 2024-04-15T16:10:04.158697 5000 / tcp

nginx1.18.0

1941459490 | 2024-04-27T22:47:03.328706 9100 / tcp

Prometheus Node Exporter1.1.2+ds

Products

Pricing

Contact Us

-1032529606 | 2024-05-02T21:24:37.830428
21 / tcp

-796048418 | 2024-05-01T15:01:07.674963
22 / tcp

1651973090 | 2024-04-28T17:54:21.866348
80 / tcp

-1345205424 | 2024-04-27T18:35:05.657595
111 / tcp

-1345205424 | 2024-05-01T19:24:25.608811
111 / udp

-108767391 | 2024-04-20T10:39:42.346336
3128 / tcp

2128602611 | 2024-04-15T16:10:04.158697
5000 / tcp

1941459490 | 2024-04-27T22:47:03.328706
9100 / tcp