GeneralInformation

Country	United States
City	Hanover
Organization	ITGLOBAL.COM NL B.V.
ISP	ITGLOBAL.COM NL B.V.
ASN	AS208951

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 1194 4500 5555

-919108430 | 2024-04-28T20:41:24.009820

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDHqHloW9e/gC1S/JB32yNnpn8tEyXlp/+e/1IPQ2lyWLlq
8VGXu2tei0sEFmyRpqgGTlbxUEQNtAlIwi3aWB6aVkdRt2fZ75KszSExJR8VBavfm3LOM8Z97g9L
oImrzOavVp3PZNIeXh4W5YBh4jbeX8kiuzjj8GelRGve878PpkPPuvyOX/UsPDUtJ5zUOh4e9FB9
vOMtYg26kqKPu3ZYAI2c2rLwr/CxmnWXOxwuFUC6IcdgfaXfhrGhfmaAexNGTciqyubDjbQYLzkc
8bE5u54yuS+kb+jCgXrzlJHHLvBBCzqGQBAtzSzZTkdDY3LaIDq0HcopKvsEpQ9SX3uFS9xal4NZ
MhJZ5B9mRbT2ozrGZBXIdox4wPQWVzUqSye3aUe/BAfUvpw6hp15qskepP8KA68fanHscmABRbKx
qZF5bSJDrgbDN1o7VudYcbMpUSk+VQIz2rL07FYsn1+669+Dw/v2uZHE9Qxvc6Dp7cmN0tUUXaIx
rQ4mQDnyS6k=
Fingerprint: f9:af:07:e0:fd:54:ab:bf:c1:49:44:4e:b0:d8:06:c5

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1196936736 | 2024-04-30T00:55:15.591421

80 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.18.0
Date: Tue, 30 Apr 2024 00:55:15 GMT
Content-Type: text/html
Content-Length: 581
Connection: keep-alive
WWW-Authenticate: Basic realm="closed site"

-319991952 | 2024-05-01T03:54:11.175294

443 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Length: 1999
Content-Type: text/html
Keep-Alive: timeout=15; max=19

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=US-VPN-Prv, O=US-VPN-Prv, OU=US-VPN-Prv, C=US
        Validity
            Not Before: Mar 16 07:59:13 2023 GMT
            Not After : Dec 31 07:59:13 2037 GMT
        Subject: CN=US-VPN-Prv, O=US-VPN-Prv, OU=US-VPN-Prv, C=US
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:98:9a:63:94:9b:b7:4d:00:09:33:68:8e:66:9d:
                    6d:b9:99:96:e1:26:f8:0f:07:9c:06:74:0c:73:7a:
                    84:ff:86:dd:2e:92:da:2e:1e:b9:62:0b:57:f0:94:
                    50:c5:c9:6c:69:dd:2f:c4:f6:9f:a5:2b:71:7d:43:
                    9d:41:39:4a:7d:5e:05:ed:0d:55:c2:07:95:67:90:
                    b6:90:42:da:ab:a7:5d:42:5e:97:c2:e5:5a:78:1e:
                    a8:22:44:fb:c9:92:60:c7:64:87:88:86:1a:e0:39:
                    ab:4f:06:cd:93:e0:b3:fe:9e:9c:5c:98:64:13:a4:
                    76:84:c6:67:36:e1:93:86:c6:ca:41:0a:50:ef:43:
                    96:fe:5a:d7:89:dd:53:6a:41:00:e5:63:73:86:37:
                    7e:92:04:1f:94:72:d8:65:29:d4:c9:df:dc:bb:d0:
                    80:a0:69:64:4d:92:61:8e:e9:16:d0:05:e9:6d:70:
                    1d:8b:10:4f:38:40:d5:31:95:41:82:2d:d4:44:c8:
                    47:67:5e:9e:1a:84:6b:a4:3d:fe:29:27:f9:72:3c:
                    04:50:14:95:fc:f0:d3:0c:e8:5c:4b:6d:f6:9e:1f:
                    47:30:b5:bf:d5:5f:ff:3d:28:57:3b:aa:f3:2d:de:
                    2c:13:22:35:3c:43:a6:7e:ef:ba:84:e3:0f:9a:ce:
                    95:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication, Code Signing, E-mail Protection, IPSec End System, IPSec Tunnel, IPSec User, Time Stamping, OCSP Signing
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        47:20:65:53:f2:89:13:d3:60:d9:22:42:1d:16:da:15:3c:04:
        9c:d2:97:46:08:d4:98:0a:7b:fe:13:6f:f7:15:88:b2:38:b9:
        0f:e2:62:e7:03:b3:f9:3a:51:1c:37:f2:1e:fb:c2:21:3b:4d:
        88:f3:c6:0b:e1:51:0a:ae:a7:77:26:b2:4a:f2:78:83:d4:a4:
        ff:8a:88:ee:ed:df:c6:43:f2:96:78:cc:5c:0c:c3:ba:cf:ad:
        af:87:13:1b:cb:f2:24:c0:2f:1e:a6:b5:b0:1e:73:cb:82:1f:
        42:51:6e:10:56:cf:0c:b9:d1:92:4f:95:9a:62:a3:f1:ad:fe:
        76:b9:67:16:32:2a:c3:c6:55:f0:74:a8:fd:3f:6d:d4:cb:a8:
        7e:1d:63:3f:49:fe:2b:f1:c1:d0:11:a4:81:a8:08:f0:42:a3:
        e5:26:cc:8b:e2:50:da:26:6f:33:e6:f7:31:64:71:e6:da:99:
        01:be:e3:01:dc:b2:9b:7d:f7:3c:2e:36:50:dc:db:89:c5:11:
        da:b6:6d:33:b6:50:ae:94:07:a6:f7:30:5c:d7:c4:52:dc:36:
        18:39:00:fe:99:ca:8a:7d:74:84:a0:8d:09:6b:65:ef:21:7b:
        3e:32:7b:ae:b8:08:16:8e:16:d0:1d:33:7c:03:ab:ed:22:d5:
        43:a1:5d:79

-1204072070 | 2024-04-19T12:42:28.760016

1194 / udp

@\x14\xbd\xc8\xd9\xd3\xe7\x17\xf6\x01\x00\x00\x00\x00\xd9\xce:\xbe\xf6\x98\xa5m\x00\x00\x00\x00

-1562336413 | 2024-05-01T18:47:12.468573

4500 / udp

VPN (IKE NAT-T)

Initiator SPI: 052c42661f9b42af
Responder SPI: 0000000000000000
Next Payload: Notification (N)
Version: 1.0
Exchange Type: Informational
Flags:
    Encryption:     False
    Commit:         False
    Authentication: False
Message ID: 1f87095b
Length: 48

188.227.57.52

Last Seen: 2024-05-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-919108430 | 2024-04-28T20:41:24.009820
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-1196936736 | 2024-04-30T00:55:15.591421
80 / tcp

nginx1.18.0

-319991952 | 2024-05-01T03:54:11.175294
443 / tcp

-1204072070 | 2024-04-19T12:42:28.760016
1194 / udp

-1562336413 | 2024-05-01T18:47:12.468573
4500 / udp

Products

Pricing

Contact Us

188.227.57.52

Last Seen: 2024-05-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-919108430 | 2024-04-28T20:41:24.009820 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u1

-1196936736 | 2024-04-30T00:55:15.591421 80 / tcp

nginx1.18.0

-319991952 | 2024-05-01T03:54:11.175294 443 / tcp

-1204072070 | 2024-04-19T12:42:28.760016 1194 / udp

-1562336413 | 2024-05-01T18:47:12.468573 4500 / udp

Products

Pricing

Contact Us

-919108430 | 2024-04-28T20:41:24.009820
22 / tcp

-1196936736 | 2024-04-30T00:55:15.591421
80 / tcp

-319991952 | 2024-05-01T03:54:11.175294
443 / tcp

-1204072070 | 2024-04-19T12:42:28.760016
1194 / udp

-1562336413 | 2024-05-01T18:47:12.468573
4500 / udp