GeneralInformation

Hostnames	kubot.kubwa.co.kr
Domains	kubwa.co.kr
Country	Korea, Republic of
City	Seoul
Organization	Korea Telecom
ISP	Korea Telecom
ASN	AS4766

WebTechnologies

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3000 3001 6443 8001 9000

789948413 | 2024-04-28T21:27:24.307952

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDFJBH2ZL9flSA1+Qj6BiGUbGQq96b0YOGXgNKSwEdpaIek
QFOe4Bujvo9Q0FtrB6UlrUxLmFp5HVm5GybctJooJ26uUaa5Z9EyWq8sfmY9HOF94ColUY/9DtSw
4UcxX2Oa/5mrjJZkkbjc9qMxzgQieXLDCuec9Gg8AgBRf39/faxPxVcO0+e1gL9f3N4u2GgRJdSQ
0Wb2P2/vFaXhRNWTAh10DogllSfdhpoZTOzPeNOfDddwWFdEzPb7rwmjxPN7/yS6lENyR28q4k8G
lp+/f8sBSOsydQEBtOtWSg5QhvOFniyD8tCKqvt+3mbfZ+S8jmYclKgFgUyEGDxZByS28i1DaGx2
uUvUVF1VsotNXJhiKVITDSnKZzDb7hyd19UA5et6kbhxqTKbwrQerUHoHGSdM9157YKDmVr0X6VV
V/o+AAw1OvNDY3pw/yHvG33Jjn2bWv1QU6DeXjVSNFHVOsYbCd4g6mkOdOPiI52iFusuPP563g4V
Sb2GeEJ9iV0=
Fingerprint: 2a:87:fd:2d:3d:ac:d9:36:91:dd:f7:f8:25:f5:10:c1

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

869281729 | 2024-05-02T19:05:36.326335

80 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 02 May 2024 19:05:35 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

1037154887 | 2024-05-01T14:13:08.362455

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 14:13:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-next-i18n-router-locale: en
x-middleware-rewrite: /en/
Vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
Cache-Control: no-store, must-revalidate
X-Powered-By: Next.js
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kubot.kubwa.co.kr
Access-Control-Allow-Methods: GET, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:22:c7:32:e8:aa:f7:ba:56:dd:a3:65:3e:42:04:b9:f1:61
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 29 02:22:47 2024 GMT
            Not After : Jul 28 02:22:46 2024 GMT
        Subject: CN=kubot.kubwa.co.kr
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:db:fc:71:19:74:af:8e:4e:52:d1:06:62:b4:5c:
                    3b:b4:88:9f:61:5e:ef:bc:a5:44:40:a5:bd:ce:68:
                    b0:dd:e9:9b:35:9d:30:84:18:09:2b:35:7b:84:1f:
                    a6:79:6d:9a:37:38:32:b1:bd:0e:65:9e:72:36:9b:
                    63:44:ff:be:22:85:7c:02:a5:07:95:64:94:50:f5:
                    98:1a:54:5e:bc:9c:19:49:a6:dc:dc:06:1c:f4:82:
                    5c:ab:77:3a:69:34:7c:dd:94:d1:22:f4:d3:91:f6:
                    17:04:95:c4:2b:d2:af:0f:6a:b3:64:96:3b:f4:e9:
                    c4:a5:ed:54:da:ce:ed:ee:cc:15:2f:c7:57:64:c9:
                    45:54:c4:26:46:4b:26:db:ce:e4:bb:c9:52:4d:89:
                    68:f6:a6:44:31:db:81:24:90:9c:06:6b:d7:6a:40:
                    af:e5:b2:fd:e9:70:dc:c4:aa:d1:84:ff:f0:98:31:
                    f3:79:24:eb:e0:e7:f5:cd:3b:fc:22:14:3d:ae:74:
                    63:7b:e5:9f:73:58:91:00:0b:15:a6:20:c7:5f:0e:
                    c6:22:a4:1a:87:82:8d:37:15:ca:b6:7c:13:ac:0d:
                    3b:16:22:98:5a:0b:c5:ce:0b:59:63:11:38:93:d2:
                    81:3d:88:84:da:21:f8:13:aa:e4:06:64:90:c2:0d:
                    0d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                85:76:41:F1:8B:1B:37:3C:89:81:08:E9:1F:85:46:D0:6E:90:0B:3B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:kubot.kubwa.co.kr
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 29 03:22:47.790 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6A:5F:B8:36:5F:52:97:07:76:39:27:82:
                                E9:39:5D:00:F0:83:73:AD:E6:71:A7:F0:19:5F:A5:72:
                                6C:4F:BF:7D:02:21:00:A8:44:C7:6F:5E:F1:BE:91:9F:
                                E3:8C:E5:9B:91:61:92:18:7D:8B:BF:0F:DE:A7:7B:AF:
                                F2:B0:DC:6E:C6:E4:C4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 29 03:22:48.000 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:CB:16:BD:25:67:80:44:21:28:74:
                                8B:15:5C:35:22:4A:A7:2E:E3:60:97:96:D2:82:E1:35:
                                F3:B1:67:0D:43:02:21:00:F2:DE:B7:92:01:51:8F:DF:
                                B6:CF:C7:7A:C4:74:43:58:66:0A:F9:F4:A6:1A:75:93:
                                DB:AE:8D:A1:1D:1C:F8:D3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2a:6a:90:bf:bf:75:a6:1a:04:62:36:cc:14:55:74:98:a7:ef:
        95:ca:db:2b:40:ef:bc:bb:24:be:49:ab:4d:69:a3:8d:9d:76:
        25:c0:35:96:34:bc:b1:9b:77:4a:d0:7d:c1:5a:06:f1:38:5b:
        6f:8e:cb:88:26:8e:6c:16:3a:74:d5:77:f8:d0:2a:91:46:d2:
        98:ba:06:56:0a:61:10:99:bd:50:95:b5:57:46:92:e9:7c:9e:
        96:82:46:07:f2:2f:42:5d:03:0d:cb:61:60:0e:94:4f:2a:74:
        57:88:14:f7:f6:ac:ae:d8:ad:75:b3:45:19:55:07:93:73:61:
        0e:fb:eb:18:33:00:be:70:a2:d9:04:d9:80:41:90:96:ac:1b:
        88:13:5e:6f:d0:14:2b:07:d3:ce:e2:f4:b2:d4:80:56:55:01:
        fe:ab:16:1d:f1:1b:45:d9:20:4e:49:8e:56:98:f4:67:35:90:
        6a:e6:dd:6d:b1:88:c6:bd:28:da:31:ce:69:32:9d:70:6a:2f:
        17:cf:4e:95:71:73:3d:89:67:bf:80:1a:42:f1:01:84:63:5e:
        74:55:ac:d0:16:18:e4:5f:06:2f:73:49:d1:83:22:da:41:03:
        75:b2:3a:64:ea:20:5f:d0:ce:44:c2:e0:be:d6:c9:bb:1c:51:
        d8:3a:08:65

-21529078 | 2024-04-25T15:55:51.739122

3000 / tcp

HTTP/1.1 200 OK
Vary: Origin
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 05 Feb 2024 08:48:31 GMT
ETag: W/"40f-18d78746752"
Content-Type: text/html; charset=UTF-8
Content-Length: 1039
Date: Thu, 25 Apr 2024 15:55:51 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-1246004407 | 2024-05-03T03:03:56.875820

3001 / tcp

HTTP/1.1 400 Bad Request
Connection: close

-61568676 | 2024-04-21T22:38:18.241454

6443 / tcp

HTTP/1.1 403 Forbidden
Audit-Id: c5465018-fc5f-4c7a-a1d9-fbcf9ef5c3df
Cache-Control: no-cache, private
Content-Type: application/json
X-Content-Type-Options: nosniff
X-Kubernetes-Pf-Flowschema-Uid: c8630f7f-546d-4cd3-a549-d105effc577c
X-Kubernetes-Pf-Prioritylevel-Uid: d047e9f6-6ab7-4248-a08a-6144b14d0f94
Date: Sun, 21 Apr 2024 22:38:18 GMT
Content-Length: 217

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4854069368989830661 (0x435d1e5f85be4e05)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Jul 21 01:35:12 2023 GMT
            Not After : Jul 20 01:35:12 2024 GMT
        Subject: CN=kube-apiserver
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ab:7d:2e:49:c0:96:b9:e8:c6:92:51:b1:1d:25:
                    fb:39:0b:0a:a1:77:59:19:05:fe:e8:e7:a2:91:51:
                    f3:83:dc:95:57:5b:84:a0:5b:a7:d6:ef:76:fa:37:
                    77:46:63:eb:b9:de:1d:7b:37:b8:88:03:e0:03:3e:
                    32:e3:45:64:95:39:c0:b3:eb:9c:70:93:0c:3b:18:
                    b2:a8:64:df:82:2d:f9:74:b0:bb:99:3f:89:c0:8b:
                    e0:07:5c:ea:d6:c8:f0:72:80:de:ca:9a:a5:34:bf:
                    df:d2:20:a9:70:9c:1f:2e:c2:ff:88:3c:04:7d:75:
                    ed:e7:e5:fc:d6:9a:37:56:ee:68:77:e9:dc:4c:3d:
                    0d:c7:15:8a:54:a8:22:1c:65:64:ab:b5:f7:18:74:
                    da:c9:9a:35:98:b2:39:44:7d:9e:bf:cc:63:45:7a:
                    6a:3a:25:58:dc:dc:88:05:f6:b6:29:6e:55:5b:fa:
                    f3:9e:bc:59:ba:37:a1:f6:47:eb:09:54:e8:f7:69:
                    9d:8c:c3:63:c3:49:39:cd:a2:4c:c5:a6:24:6f:03:
                    92:eb:40:ee:8b:c9:4d:05:6e:c4:88:1a:27:53:59:
                    23:b0:3e:c7:c2:53:41:dd:d9:be:a9:69:d6:87:5e:
                    88:d8:f1:de:15:23:6d:b4:f7:72:9a:ec:15:56:7c:
                    4e:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                54:B9:0F:ED:41:CB:88:C0:BD:DF:B7:FA:8F:DB:80:21:56:7D:25:C9
            X509v3 Subject Alternative Name: 
                DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster.local, DNS:kubwa-quantagrid-d52g-4u, IP Address:10.96.0.1, IP Address:222.122.118.72
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        03:5a:38:9b:d0:68:31:ce:b1:98:9b:26:f6:03:f0:bd:9c:ea:
        20:65:8c:f8:aa:4d:61:fd:79:ee:3c:2b:0a:4c:58:e3:8c:67:
        dc:df:4b:63:8b:6d:3e:3f:ea:c0:90:6b:bb:72:2a:b9:e2:03:
        03:19:2f:66:3a:b7:c0:0d:13:9d:0e:27:fd:df:1c:98:38:52:
        40:78:5c:39:3f:6d:ea:3c:9c:bb:33:b1:e5:62:07:bc:32:80:
        40:ad:c6:f3:62:3d:3f:d1:1a:14:21:e0:0b:71:73:04:72:e4:
        47:42:5d:bb:e0:f7:aa:e0:84:e9:c1:96:cf:c1:0e:c8:c4:05:
        3e:66:35:ed:73:f8:89:62:10:c0:48:ef:00:60:ff:e5:31:af:
        91:42:c7:cd:4e:ed:9f:f8:2f:af:a9:dd:82:13:a0:47:1f:0e:
        71:4c:cf:65:f3:92:67:fe:cd:26:6e:9f:f1:de:c5:03:2c:1c:
        0d:7a:77:2d:93:d3:ff:62:ef:38:0d:9f:64:d1:ab:e6:bd:b5:
        69:79:d4:df:f6:31:63:cf:9a:4b:e5:94:3a:09:8f:2c:7e:61:
        f7:24:3d:49:30:68:db:b5:38:19:7f:1b:1b:c5:61:52:0a:4d:
        98:17:69:aa:a9:47:56:f8:12:d4:bc:81:31:b7:94:06:6d:1c:
        fc:be:56:2f

1087555008 | 2024-04-21T19:03:49.249316

8001 / tcp

HTTP/1.1 200 OK
Server: TornadoServer/6.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Apr 2024 19:03:49 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; report-uri /api/security/csp-report
Access-Control-Allow-Origin: *
Etag: "eaef304d15286c973e60e0b376aa46fb7591868e"
Content-Length: 3685
Set-Cookie: _xsrf=2|62f12ded|e11868db181fc3d120a2184ea57f47bd|1713726229; expires=Tue, 21 May 2024 19:03:49 GMT; Path=/

-758785555 | 2024-04-30T12:36:08.573940

9000 / tcp

HTTP/1.1 200 OK
Server: TornadoServer/6.3.2
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Apr 2024 12:36:08 GMT
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; report-uri /api/security/csp-report
Etag: "5b75a52d4f4e929ece828c10c25cdb3e03d7c0f3"
Content-Length: 6245
Set-Cookie: _xsrf=2|59c79d1a|84b789b0e0bc9e170066539d16707275|1714480568; expires=Thu, 30 May 2024 12:36:08 GMT; Path=/

222.122.118.72

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

789948413 | 2024-04-28T21:27:24.307952
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

869281729 | 2024-05-02T19:05:36.326335
80 / tcp

nginx1.18.0

1037154887 | 2024-05-01T14:13:08.362455
443 / tcp

nginx1.18.0

-21529078 | 2024-04-25T15:55:51.739122
3000 / tcp

-1246004407 | 2024-05-03T03:03:56.875820
3001 / tcp

-61568676 | 2024-04-21T22:38:18.241454
6443 / tcp

1087555008 | 2024-04-21T19:03:49.249316
8001 / tcp

Tornado Web Server6.2

-758785555 | 2024-04-30T12:36:08.573940
9000 / tcp

Tornado Web Server6.3.2

Products

Pricing

Contact Us

222.122.118.72

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

789948413 | 2024-04-28T21:27:24.307952 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

869281729 | 2024-05-02T19:05:36.326335 80 / tcp

nginx1.18.0

1037154887 | 2024-05-01T14:13:08.362455 443 / tcp

nginx1.18.0

-21529078 | 2024-04-25T15:55:51.739122 3000 / tcp

-1246004407 | 2024-05-03T03:03:56.875820 3001 / tcp

-61568676 | 2024-04-21T22:38:18.241454 6443 / tcp

1087555008 | 2024-04-21T19:03:49.249316 8001 / tcp

Tornado Web Server6.2

-758785555 | 2024-04-30T12:36:08.573940 9000 / tcp

Tornado Web Server6.3.2

Products

Pricing

Contact Us

789948413 | 2024-04-28T21:27:24.307952
22 / tcp

869281729 | 2024-05-02T19:05:36.326335
80 / tcp

1037154887 | 2024-05-01T14:13:08.362455
443 / tcp

-21529078 | 2024-04-25T15:55:51.739122
3000 / tcp

-1246004407 | 2024-05-03T03:03:56.875820
3001 / tcp

-61568676 | 2024-04-21T22:38:18.241454
6443 / tcp

1087555008 | 2024-04-21T19:03:49.249316
8001 / tcp

-758785555 | 2024-04-30T12:36:08.573940
9000 / tcp