GeneralInformation

Hostnames	240.103.209.35.bc.googleusercontent.com newzealandlisted.com
Domains	googleusercontent.com newzealandlisted.com
Cloud Provider	Google
Cloud Region	us-central1
Country	United States
City	Council Bluffs
Organization	Google LLC
ISP	Google LLC
ASN	AS15169

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 443

-2027688078 | 2024-04-20T22:09:24.532931

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.4
Date: Sat, 20 Apr 2024 22:09:23 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://35.209.103.240/

-1013622810 | 2024-04-22T10:54:28.921786

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 Apr 2024 10:54:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Strict-Transport-Security: max-age=3072000; includeSubdomains

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:26:dc:fa:cc:3d:cb:48:b8:eb:c9:16:da:06:d8:cb:89:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  2 09:10:34 2024 GMT
            Not After : Jul  1 09:10:33 2024 GMT
        Subject: CN=newzealandlisted.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ed:de:5f:ba:4d:0c:1b:2f:44:4a:4f:fd:50:47:
                    4e:c0:5b:82:5b:3e:fd:50:34:02:72:5d:e3:de:be:
                    e5:9a:3f:6a:82:05:3d:67:b3:e6:0f:9d:bc:da:e3:
                    05:4c:81:3b:1b:c4:e0:b1:48:21:b6:f8:e7:b3:61:
                    5c:e6:fd:be:8e:37:55:7d:9d:54:c0:3a:bc:36:c6:
                    2c:7b:53:88:e4:23:6e:a9:19:1c:2b:98:2e:dd:03:
                    3f:dc:a6:9c:da:38:df:1f:16:a2:5f:41:ea:2f:98:
                    9f:21:b5:cf:e5:d3:7e:55:5c:67:ba:71:3b:f0:67:
                    7a:47:30:8b:ad:35:84:ff:60:59:6a:32:04:d2:84:
                    be:23:63:61:7b:2d:5e:98:e4:88:fc:2b:08:0e:d6:
                    48:b2:19:f6:c9:c3:64:ef:de:c7:b9:4c:d0:c2:91:
                    30:3e:65:0c:49:ab:e2:17:9b:1b:c5:ba:06:9f:f2:
                    20:55:73:17:e7:7f:d6:2e:70:66:41:79:38:72:42:
                    1d:48:41:cb:ff:b9:da:66:40:a5:df:a7:74:bc:a9:
                    bc:a7:c6:7e:60:8f:eb:3a:f1:1f:4e:3d:8f:a6:ab:
                    dd:9e:56:73:82:84:92:d1:4c:45:6b:54:b5:5d:2b:
                    5b:1c:3e:2d:99:a1:23:46:be:5e:88:8b:9c:c7:1d:
                    a9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                74:6F:8A:E5:25:78:24:ED:52:BC:20:04:97:77:B2:47:16:41:E4:31
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.newzealandlisted.com, DNS:newzealandlisted.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr  2 10:10:34.402 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:11:C9:E8:BB:93:D3:44:1F:E8:4D:EC:C0:
                                BF:ED:C8:16:AF:A6:54:7C:ED:62:57:92:89:D9:03:58:
                                EC:6B:AE:B1:02:20:28:96:B4:1B:CF:D5:5E:C6:6B:4D:
                                26:0A:D8:C1:32:67:48:63:F0:0F:C4:48:55:A2:04:94:
                                0C:2D:DA:D8:48:16
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr  2 10:10:34.411 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:3B:AB:E7:17:81:40:BD:29:50:0B:BE:80:
                                18:7D:34:C3:1E:A2:20:9F:BA:A4:B9:7C:62:1B:23:B6:
                                0B:CA:94:52:02:20:5A:14:42:F3:3F:3D:46:A8:AE:EB:
                                A3:84:ED:EF:22:8B:65:3D:C4:D0:28:C6:DB:75:DA:5D:
                                F2:36:A9:9A:14:B3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:43:a9:da:a7:fd:6e:d3:a8:47:3b:90:c8:1d:fb:c6:c3:a2:
        da:fa:c7:c7:f9:72:62:5a:b9:ed:27:d0:ad:ec:e3:27:95:9f:
        9b:62:f9:86:08:26:f6:82:21:65:89:31:b9:41:40:3a:d3:19:
        cb:44:a0:82:f3:b6:25:05:e3:0d:d6:34:d2:a1:f9:83:d9:d6:
        b5:78:8e:42:a5:98:bd:c6:ab:61:01:d7:d5:ba:d6:14:88:c2:
        6a:17:7b:a4:41:33:69:06:be:d3:95:7c:ef:55:52:08:cd:9d:
        51:1b:46:ff:39:af:c6:93:bb:5a:1f:37:9a:86:09:7c:d8:aa:
        a2:a3:4d:eb:f6:39:30:b3:8c:d5:2f:6c:b2:bb:cb:db:8c:5c:
        1a:6a:eb:73:42:49:ac:d2:ba:b0:97:0a:76:d4:7c:20:50:b0:
        7f:1d:3e:5e:d3:74:cf:8b:73:92:87:98:27:2d:be:d1:28:e7:
        ac:0a:f7:cc:6b:8b:c1:69:19:01:e5:0b:1c:9e:64:c4:a6:b6:
        a8:96:93:08:28:37:e7:56:23:16:9e:c7:d0:1f:2a:cd:71:6d:
        db:c0:c2:37:e4:c1:51:5c:22:38:1d:38:6a:76:b4:96:f0:ea:
        1d:31:62:e7:23:9f:d3:69:a0:01:15:f6:91:3d:b2:0f:a1:4c:
        d0:2a:be:5e

35.209.103.240

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2027688078 | 2024-04-20T22:09:24.532931
80 / tcp

nginx1.17.4

-1013622810 | 2024-04-22T10:54:28.921786
443 / tcp

nginx

Products

Pricing

Contact Us

35.209.103.240

Last Seen: 2024-04-22

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2027688078 | 2024-04-20T22:09:24.532931 80 / tcp

nginx1.17.4

-1013622810 | 2024-04-22T10:54:28.921786 443 / tcp

nginx

Products

Pricing

Contact Us

-2027688078 | 2024-04-20T22:09:24.532931
80 / tcp

-1013622810 | 2024-04-22T10:54:28.921786
443 / tcp