GeneralInformation

Hostnames	46-248-186-12.rev.iq.pl nextcommerce.io
Domains	iq.pl nextcommerce.io
Country	Poland
City	Gdańsk
Organization	IQ PL Sp. z o.o.
ISP	IQ PL Sp. z o.o.
ASN	AS47544

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 81 82 88 111 443 1337

1122055230 | 2024-05-02T18:50:37.949832

22 / tcp

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQC+Mdsct7VHJNohYFMjASz5xiDDEdTqoTjSk46qcgKnssmc
uLs46ZzhCQo3hrFtzgVaOu5orxB275per6tmyCT1XiHbByYqSrhaZuNML9yMONb1YMrekDP4BeFQ
BhrhaWfsuYDtUM66NWSns/LPnOainLmsXXsUrKoH2B6A70hxea/HcaOTChBPtzbUoa5SxtDoevzw
yLJF8vW0qNujn70GM67TuvNhm0XxnyEnx5ASGCyvErxx8tLPLSw6N0gWwnsRHXJznbJO3qjywNIt
ppoU1GGvS1nYA4MeqeP8d88kpONwpOCmiaoAjeBlBPwXeQb6V9J6jcwRVqXV84VP8vnN
Fingerprint: 82:ef:a4:63:28:01:e7:98:00:5a:86:1f:ba:45:da:c2

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1280035240 | 2024-04-29T14:17:12.176742

80 / tcp

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://46.248.186.12/

1107245023 | 2024-05-14T19:45:27.151773

81 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 14 May 2024 19:45:27 GMT
Content-Type: directory
Transfer-Encoding: chunked
Connection: keep-alive

-1250504565 | 2024-04-30T11:54:24.824250

82 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

1877923141 | 2024-05-14T04:35:35.811687

88 / tcp

HTTP/1.1 401 Unauthorized
content-length: 112
cache-control: no-cache
content-type: text/html
www-authenticate: Basic realm="HAProxy Statistics"
connection: close

-1253220820 | 2024-05-05T07:25:23.003650

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	41586
status	1	tcp	60683
nlockmgr	1	udp	59080
nlockmgr	3	udp	59080
nlockmgr	4	udp	59080
nlockmgr	1	tcp	33347
nlockmgr	3	tcp	33347
nlockmgr	4	tcp	33347

-96473662 | 2024-05-11T23:36:50.868351

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
status	1	udp	56307
status	1	tcp	44851
nlockmgr	1	udp	49347
nlockmgr	3	udp	49347
nlockmgr	4	udp	49347
nlockmgr	1	tcp	33535
nlockmgr	3	tcp	33535
nlockmgr	4	tcp	33535

1674065309 | 2024-05-10T22:16:19.725217

443 / tcp

HTTP/1.1 200 OK
server: nginx/1.18.0
date: Fri, 10 May 2024 22:16:19 GMT
content-type: directory
transfer-encoding: chunked
cache-control: max-age=2592000
x-server: s5
x-backend: static
x-static: static_rc:static1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:5d:1a:22:9b:89:46:42:f4:87:53:cf:48:58:58:e9:99:a2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 16 13:10:31 2022 GMT
            Not After : May 17 13:10:30 2022 GMT
        Subject: CN=*.nextcommerce.io
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b2:d6:05:5a:13:43:8e:73:0b:e9:15:e4:0b:5a:
                    fe:66:72:6d:20:80:64:17:bc:e0:08:f6:10:3d:cf:
                    40:5c:c6:ff:e2:25:df:a9:7f:b9:70:49:ea:1c:44:
                    77:48:70:3b:07:1b:b7:11:e3:73:a7:05:d0:30:f1:
                    ed:84:ee:23:5f:cc:e6:12:ae:93:3a:27:4e:34:55:
                    c2:eb:df:9a:a1:75:e8:3d:74:6e:95:26:1b:0f:51:
                    d2:a6:fd:a9:33:a8:ca:69:d1:52:66:26:8c:a1:36:
                    68:fd:8d:cc:84:89:48:21:af:44:d8:0e:54:b4:48:
                    37:57:86:85:15:10:99:86:61:d3:62:a3:06:c7:77:
                    3d:4d:f1:e5:45:43:d3:e8:b7:9a:df:13:ce:7c:43:
                    57:9d:74:91:ba:c5:ab:be:66:b6:d1:06:cb:7b:4e:
                    f9:9b:c4:bd:63:2c:d4:65:5e:19:ef:93:d6:b0:13:
                    33:26:c4:d5:ee:ec:67:78:3f:a3:74:d0:91:c9:06:
                    58:b9:88:42:c3:47:4c:68:fe:70:2e:63:f3:97:45:
                    92:08:52:01:7c:b7:47:55:33:56:7b:f9:aa:be:95:
                    98:0a:1d:0e:e0:da:dd:3d:9d:5f:0d:1b:39:07:8a:
                    1c:75:e2:d3:c6:8c:88:bd:dc:87:00:ca:ab:e2:80:
                    f8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                90:33:C6:97:1A:87:3D:5E:E6:4E:DF:94:7D:59:8B:EF:BD:AB:3C:DA
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.nextcommerce.io, DNS:nextcommerce.io
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:A5:5E:AB:68:82:4F:1F:6C:AD:EE:B8:5F:4E:3E:5A:
                                EA:CD:A2:12:A4:6A:5E:8E:3B:12:C0:20:44:5C:2A:73
                    Timestamp : Feb 16 14:10:31.742 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:92:59:04:0B:82:ED:8D:23:0A:23:46:
                                8C:97:FA:2B:9C:C1:25:5A:63:DB:EA:82:D7:E4:32:73:
                                44:E5:E2:3E:FF:02:21:00:8C:99:D8:C1:F6:C5:BD:CE:
                                B4:E4:7D:7B:E6:D3:71:22:8A:28:BC:6D:70:E8:64:A9:
                                AD:16:F5:54:D6:06:6D:34
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
                                BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
                    Timestamp : Feb 16 14:10:31.724 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:DC:63:EB:76:C1:FB:E0:35:6A:20:11:
                                54:04:21:7C:17:B3:89:00:F9:48:33:5E:57:F7:FA:24:
                                B3:BA:9C:3D:D1:02:21:00:ED:2E:D9:3E:B4:CE:55:69:
                                38:20:0E:D4:27:D4:02:F8:30:25:86:1D:A5:63:3F:DA:
                                B7:16:BB:C5:30:75:62:D1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ab:65:02:03:43:2d:9f:92:83:ea:8d:03:77:e6:d2:84:f9:85:
        a4:94:fb:34:ea:ae:db:e1:8e:cc:d8:07:50:5e:d7:5a:f1:47:
        c1:eb:40:bb:a0:a5:13:21:38:b4:5d:31:d9:a1:0a:78:1d:3e:
        64:a6:ed:4d:60:e0:04:42:77:b7:67:58:29:1a:72:3d:b3:60:
        87:4f:18:56:e1:ff:0a:36:8d:fd:16:bf:d6:0f:c6:bb:af:cb:
        f8:f1:a7:76:b4:7b:ca:c3:2b:83:5b:57:97:cf:c1:43:70:5f:
        1d:68:84:68:89:03:78:75:3c:2b:bb:ec:fc:8d:ea:77:4f:f7:
        6c:c7:60:8f:0e:0e:01:f0:af:d9:bc:e2:c7:8c:91:27:2f:95:
        eb:b2:83:6a:78:5d:d6:53:26:34:b2:81:d9:7e:68:4e:ed:0d:
        d3:af:d3:80:45:91:d7:b3:d3:bd:3e:17:c9:9e:5e:33:01:eb:
        f3:fb:90:1f:c8:17:ea:e3:4d:f1:f1:0a:5e:14:fb:79:b2:07:
        8e:39:a2:13:1e:4b:99:83:f5:09:e7:ff:09:29:74:d3:31:5c:
        f2:de:c3:05:8d:6a:95:82:f5:7c:6c:23:bf:fa:2a:93:90:97:
        b8:02:63:61:7d:1b:c2:0d:de:92:a6:ee:b1:6d:56:66:ec:fc:
        94:ef:60:d9

-1044675133 | 2024-05-11T19:31:32.426518

1337 / tcp

HTTP/1.1 200 OK
content-type: application/json
Date: Sat, 11 May 2024 19:31:32 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 30

Invalid token syntax (url:'/')

46.248.186.12

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1122055230 | 2024-05-02T18:50:37.949832
22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

1280035240 | 2024-04-29T14:17:12.176742
80 / tcp

1107245023 | 2024-05-14T19:45:27.151773
81 / tcp

nginx1.18.0

-1250504565 | 2024-04-30T11:54:24.824250
82 / tcp

1877923141 | 2024-05-14T04:35:35.811687
88 / tcp

-1253220820 | 2024-05-05T07:25:23.003650
111 / tcp

-96473662 | 2024-05-11T23:36:50.868351
111 / udp

1674065309 | 2024-05-10T22:16:19.725217
443 / tcp

nginx1.18.0

-1044675133 | 2024-05-11T19:31:32.426518
1337 / tcp

Products

Pricing

Contact Us

46.248.186.12

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1122055230 | 2024-05-02T18:50:37.949832 22 / tcp

OpenSSH7.9p1 Debian 10+deb10u2

1280035240 | 2024-04-29T14:17:12.176742 80 / tcp

1107245023 | 2024-05-14T19:45:27.151773 81 / tcp

nginx1.18.0

-1250504565 | 2024-04-30T11:54:24.824250 82 / tcp

1877923141 | 2024-05-14T04:35:35.811687 88 / tcp

-1253220820 | 2024-05-05T07:25:23.003650 111 / tcp

-96473662 | 2024-05-11T23:36:50.868351 111 / udp

1674065309 | 2024-05-10T22:16:19.725217 443 / tcp

nginx1.18.0

-1044675133 | 2024-05-11T19:31:32.426518 1337 / tcp

Products

Pricing

Contact Us

1122055230 | 2024-05-02T18:50:37.949832
22 / tcp

1280035240 | 2024-04-29T14:17:12.176742
80 / tcp

1107245023 | 2024-05-14T19:45:27.151773
81 / tcp

-1250504565 | 2024-04-30T11:54:24.824250
82 / tcp

1877923141 | 2024-05-14T04:35:35.811687
88 / tcp

-1253220820 | 2024-05-05T07:25:23.003650
111 / tcp

-96473662 | 2024-05-11T23:36:50.868351
111 / udp

1674065309 | 2024-05-10T22:16:19.725217
443 / tcp

-1044675133 | 2024-05-11T19:31:32.426518
1337 / tcp