| Hostnames |
ip242.ip-188-165-50.eu clone-node-entrant.jobphoning.com octopuce.fr |
| Domains | ip-188-165-50.eu jobphoning.com octopuce.fr |
| Country | France |
| City | Roubaix |
| Organization | OVH SAS |
| ISP | OVH SAS |
| ASN | AS16276 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
| CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-1028839394 | 2024-03-28T16:57:12.80684022 / tcp
SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDeRKrsnAPOx68xYxij9x8rB788xnBfZa5hbH8DU9aSRfes rEW3O9C/QTdQW9mBS3KmLdOUU5Jj/Q138iS1RtD1g0vD/G4tRSEz5vkmkwDZSmZTbFivhgouAH/c zPZPVqVRYgTvk1DwnmJMMmTqsB1/DHIlKrQ0Jk3zDNRlFMKlcWkt79JjzIKtTq397fS5737Fnwau 4fviFpyTDF3321+XaMdfMBZBiFGIKt8YCp6+im7Xnob1qqcMtOE76ah1tmrKfm/A/wJVqVVisT2k tpk1fu5Y4Sm/k2T9eX5s07KjDyYOn6zzGDIouUOmOA4je856ZUc3iwrkDdWP3BhJTeOH Fingerprint: 70:24:cf:72:33:9c:74:56:fa:77:e4:9b:6a:b8:53:0f Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 kex-strict-s-v00@openssh.com Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 Compression Algorithms: none zlib@openssh.com
1897460867 | 2024-04-20T14:21:59.21776325 / tcp
220 jpodev1.octopuce.fr ESMTP Postfix (Debian/GNU) 250-jpodev1.octopuce.fr 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a9:06:13:c2:3b:3f:fa:8f:53:54:cb:3d:fc:d5:70
Signature Algorithm: sha384WithRSAEncryption
Issuer: C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA
Validity
Not Before: Jun 26 00:00:00 2023 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: CN=*.octopuce.fr
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:95:41:5a:92:c3:88:3a:f1:26:e1:c4:35:3a:24:
dd:04:7a:42:88:98:9a:db:c1:c6:0e:86:2d:08:6c:
be:87:32:15:95:fc:7b:ec:2d:32:36:98:bf:57:3f:
01:2e:83:93:4a:65:4e:24:6e:c5:eb:67:ce:22:c8:
bb:27:e4:fe:6b:e2:64:8e:2b:e2:82:6e:a6:6d:9b:
6f:c2:91:b2:5c:e9:84:d1:ff:11:37:32:e4:9c:c8:
bb:85:a9:6d:68:0f:07:f0:24:2e:2e:24:d4:d4:70:
f4:03:cb:e7:db:e6:69:51:20:1c:80:1a:32:3a:8f:
6b:96:cf:2b:8d:08:39:f0:e7:29:79:43:ef:65:a3:
10:da:a5:49:02:c4:9b:c6:d5:11:17:cd:28:b1:a7:
da:8b:ab:3a:8d:31:f3:ed:45:ea:97:4b:6f:b5:15:
13:d3:4c:2d:6f:8f:9a:cd:55:d4:bf:46:49:02:f5:
99:ca:4e:00:9a:52:e4:73:a9:5e:e1:06:ce:9d:4d:
91:6d:82:5e:51:b5:63:61:63:07:20:6c:49:e1:fd:
64:e1:ff:ca:65:6e:83:39:c5:4a:95:85:51:44:be:
44:75:89:fe:29:7e:a4:19:d7:81:29:ba:f4:1f:77:
22:fc:2f:f3:c2:4c:dd:55:f6:e7:f6:e9:75:7e:3e:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
C8:D9:78:68:A2:D9:19:68:D5:3D:72:DE:5F:0A:3E:DC:B5:86:86:A6
X509v3 Subject Key Identifier:
27:F8:17:58:9B:5F:FE:E1:58:2D:9C:27:7D:3B:AF:77:D3:22:59:95
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.78
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLRSADomainSecureSiteCA.crt
OCSP - URI:http://zerossl.ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:*.octopuce.fr, DNS:octopuce.fr
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Jun 26 08:28:01.025 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:90:39:92:C8:B5:16:27:F4:8B:E2:5B:
22:33:85:C8:87:63:88:E2:6B:FB:EB:7F:B0:9B:0A:80:
A7:04:15:9E:76:02:20:79:5F:6E:38:05:45:77:A7:C9:
7B:8D:1C:15:CA:8D:DA:7B:17:0A:B7:CE:75:C6:BD:BD:
38:75:97:32:21:9F:65
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Jun 26 08:28:01.109 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:C9:24:74:53:31:0D:F7:9B:B7:57:74:
E5:71:7E:BA:D2:B4:7E:F9:2A:FE:79:68:03:8A:FF:0A:
83:9A:30:43:6D:02:21:00:A8:11:1D:08:7F:3A:6D:BA:
EC:D7:9C:B7:81:78:AF:73:1B:DD:6B:92:38:8F:85:A0:
F9:7A:FD:96:F1:DE:67:1C
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Jun 26 08:28:01.065 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:4C:6E:C0:C9:91:EF:41:E1:D9:64:53:AB:
94:38:69:4F:8E:EC:16:B5:ED:EA:26:F4:14:E3:82:70:
85:45:0F:F5:02:20:66:64:C1:45:B2:B6:A8:C0:7A:2F:
DB:03:EA:8A:15:A7:09:2D:B0:12:71:89:36:1B:DE:20:
E3:A8:85:08:5F:C2
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
6f:4b:55:4e:ac:1b:b7:0a:d5:1a:31:06:38:ea:62:76:5b:ac:
b8:61:7b:d0:c5:ac:9e:24:5b:55:12:1d:e7:8e:c3:f3:b3:38:
01:8e:de:25:c3:e5:09:75:3a:56:07:dc:80:21:48:02:fa:44:
f2:0c:7f:78:07:08:5e:cf:93:9c:1e:12:d4:87:31:50:0c:a8:
83:5f:0a:63:54:34:2e:01:0d:71:6d:bb:72:9b:32:92:aa:c7:
cd:f5:c8:1f:e6:72:a2:fc:bd:55:e1:cd:d4:d8:10:ae:99:32:
04:c2:3c:9c:40:c8:d3:71:5e:96:60:64:78:50:fa:da:50:ee:
41:d7:7f:97:a3:5f:27:22:39:67:6b:7c:e2:b7:be:06:de:5b:
33:4e:75:42:8c:4b:45:eb:63:e8:a9:1c:c7:18:1f:6c:0c:5f:
3c:15:7f:ee:49:f3:d3:d9:0b:6d:66:4d:f5:37:54:c8:ad:83:
d1:db:6f:fc:c7:72:92:22:d2:c3:27:56:67:29:9f:11:df:32:
de:60:9c:31:d9:df:c8:cb:31:17:23:9a:51:be:27:96:c1:51:
50:6e:cb:a7:a0:8f:68:84:74:e0:6d:31:01:39:ae:65:a0:9e:
63:22:ac:3d:cc:74:fd:28:b9:c3:d8:c8:6f:b2:c3:82:76:a5:
13:4f:9d:38:30:f0:ab:62:3f:5a:af:fd:95:f5:b2:58:25:1b:
6b:61:8c:ff:0b:e2:43:df:5d:17:d3:bd:d4:e1:e1:52:0a:d9:
12:c1:cd:91:eb:20:cb:f1:dd:c5:33:19:be:38:1a:14:e6:cf:
07:99:be:b4:79:db:d7:91:93:23:df:ca:40:ec:60:b7:a9:48:
ba:c0:d6:dd:a7:bc:fd:17:c2:ad:bc:49:61:70:f6:57:7d:77:
b2:6d:60:66:06:a2:5e:b3:b8:b5:fa:c9:37:48:c3:3d:66:80:
c2:35:c3:57:6b:4a:2a:4a:e9:c1:8b:cc:95:bd:f7:f8:d0:7b:
42:18:c8:f9:ab:7f:f0:8e:d6:46:da:36:ef:f0:d6:c7:fb:4e:
25:14:18:71:d1:d8:7c:fb:be:c9:81:25:a2:f8:c9:e3:8c:78:
a8:8a:fa:6f:16:97:39:e4:fa:8c:9c:0c:7c:fd:db:8c:45:41:
24:c5:16:d9:76:21:24:94:bf:bb:c8:fa:97:43:00:10:f0:58:
ab:7b:8d:12:d2:2f:76:57:3f:22:01:ed:32:b3:71:78:0d:60:
57:3c:4c:99:8d:19:77:4a:1a:54:17:14:97:be:1d:5b:33:a6:
77:11:a2:ce:b4:21:41:9e:5f:46:8b:7a:3c:d7:78:3c:a8:91:
eb:15:dd:5a:99:ad:a6:24
-1502437757 | 2024-04-15T12:34:51.13419080 / tcp
HTTP/1.1 302 Found content-length: 0 location: https://188.165.50.242/ cache-control: no-cache
1877923141 | 2024-04-10T12:02:43.84014381 / tcp
HTTP/1.1 401 Unauthorized content-length: 112 cache-control: no-cache content-type: text/html www-authenticate: Basic realm="HAProxy-Statistics"
1371342164 | 2024-04-13T00:05:03.144376161 / udp
SNMP:
Versions:
3
Engine Boots: 11
Engineid Data: 80001f8880a483831d1517336300000000
Enterprise: 8072
Engine Time: 269 days, 10:53:28
1045160298 | 2024-04-19T01:29:45.216221443 / tcp
HTTP/1.0 403 Forbidden cache-control: no-cache content-type: text/html
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:99:2b:15:a8:51:0f:2c:ef:03:d5:85:37:10:3b:97:95:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R3
Validity
Not Before: Mar 31 23:17:51 2024 GMT
Not After : Jun 29 23:17:50 2024 GMT
Subject: CN=clone-node-entrant.jobphoning.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:46:14:63:ba:e8:12:0c:f6:f6:12:6d:b0:1e:
46:55:31:22:b0:ef:05:b6:b4:02:de:df:fe:9d:cb:
8a:6c:e6:fa:05:50:26:6d:3d:42:09:20:08:b2:da:
21:9f:ca:19:8c:9e:2e:30:61:ee:ef:46:0d:b8:94:
9d:d1:11:38:3f:05:10:b9:ef:6f:38:75:9c:93:b4:
4e:02:15:ec:17:0e:54:7e:58:6d:1e:14:7b:ed:c9:
7e:06:4c:21:2a:78:ba:b6:71:cf:99:78:9f:b5:c0:
78:78:54:b7:ed:23:a9:a7:0e:d3:1a:be:92:5d:dc:
6d:3f:5d:e9:76:73:70:be:0f:09:3c:a6:c6:ae:8e:
62:6a:4a:37:34:c0:57:2b:13:13:c7:e9:18:00:72:
8e:d6:c3:59:77:ca:a5:8c:59:3d:49:28:9a:2d:76:
ad:59:4d:71:84:83:c4:89:94:d7:d1:eb:77:1a:32:
e0:88:07:2f:c8:d0:44:ce:75:4b:00:fd:03:26:6a:
2a:6b:df:ae:8e:b2:8e:f6:b5:36:a7:74:c8:46:50:
23:a8:ed:a8:69:5e:9a:87:40:3b:b2:84:6f:53:ab:
54:20:96:2e:1e:fc:01:57:a7:54:f9:69:f6:90:13:
b2:d7:f1:e4:5f:2c:9d:f1:81:e9:89:1b:5a:38:e6:
9d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
A0:B7:78:9D:6D:C6:DF:C8:66:08:2F:EA:AD:19:53:D3:03:B8:AF:D4
X509v3 Authority Key Identifier:
14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:clone-node-entrant.jobphoning.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Apr 1 00:17:51.455 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:8D:CD:F7:E5:09:F6:24:D6:0C:0A:2F:
A5:02:C0:E9:58:0E:43:2A:E9:3D:E5:4D:CD:86:70:57:
98:2C:C6:75:5D:02:21:00:83:1F:9D:16:34:63:37:98:
44:32:54:30:9E:10:FF:C7:BE:41:2A:23:23:55:A0:14:
18:62:D3:F4:4F:FD:EA:F3
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
Timestamp : Apr 1 00:17:51.463 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:F7:4F:3F:95:6B:4D:70:E8:AC:B5:9E:
58:A4:96:4E:E7:B3:93:90:C9:E0:7E:F4:70:BF:CF:C2:
1A:15:48:B7:F0:02:21:00:B2:12:A8:53:D5:18:34:15:
C8:E0:3E:33:80:AD:1D:A2:22:7F:44:2B:64:5B:90:BF:
E1:89:4E:F4:50:C8:E3:D3
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
b5:3f:3e:73:19:b7:18:30:4d:36:24:95:dc:de:e5:37:67:e0:
47:67:26:03:fb:03:97:4d:f0:27:a5:63:8e:88:70:c1:c9:4b:
90:85:ea:89:11:28:80:c9:49:8c:be:7f:1a:0b:de:8f:a3:5e:
ac:30:a6:3d:81:e9:f1:0c:03:b9:e2:e6:4d:ab:26:7a:bd:f3:
9e:2b:a2:3e:1c:51:ad:f6:c7:88:3f:8a:54:7b:8d:1c:85:31:
01:4a:f6:92:95:68:3b:79:8a:1d:9e:39:d8:61:9d:2c:d6:cc:
d9:26:16:e6:30:12:a8:fe:d3:28:50:fb:d4:84:4a:30:0e:a8:
32:83:13:19:b0:63:2e:26:7e:ff:4c:64:e0:7b:13:a9:98:1e:
af:a9:2e:e3:d6:73:fa:99:6b:6a:d6:22:cc:98:ec:79:05:45:
16:15:23:5c:fa:60:d5:2d:95:05:18:5e:a5:b3:cc:28:ec:05:
1c:e2:90:68:d5:2e:c7:1c:f1:6f:f6:8b:de:64:57:1f:3f:93:
99:57:31:f2:47:56:aa:b9:a4:03:ed:36:39:1e:a8:05:34:92:
e7:5a:3d:d5:4e:b4:84:50:7f:98:d3:c5:9a:43:f5:aa:37:af:
e4:a2:fe:d7:00:26:60:2e:9b:4a:ce:b3:6c:89:15:28:5c:38:
de:4b:27:2f
1440772385 | 2024-04-21T06:42:27.1457313000 / tcp
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sun, 21 Apr 2024 06:42:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1838 Connection: keep-alive X-Frame-Options: deny X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-UA-Compatible: IE=edge Referrer-Policy: same-origin Content-Language: en ETag: W/"72e-OrzRE2Bi20/Rz3sA/2SlqtixcTs" Vary: Accept-Encoding
-1246004407 | 2024-04-24T00:15:30.5811433050 / tcp
HTTP/1.1 400 Bad Request Connection: close
610553330 | 2024-04-22T16:44:10.5487993306 / tcp
MariaDB: Protocol Version: 10 Version: 10.5.23-MariaDB-1:10.5.23+maria~deb11-log Capabilities: 63486 Server Language: 45 Server Status: 2 Extended Server Capabilities: 33279 Authentication Plugin: mysql_native_password
-2098053163 | 2024-04-01T10:00:49.8656988080 / tcp