GeneralInformation

Hostnames	ool-2f17633b.static.optonline.net dev2.tocr.com
Domains	optonline.net tocr.com
Country	United States
City	Ramsey
Organization	Cablevision Systems Corp.
ISP	Cablevision Systems Corp.
ASN	AS6128

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

22 80 443

-196777481 | 2024-04-10T16:12:40.357756

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.7
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCfXTLpAqddb4KgPJqG6hfBW8crt7l5YgkJCrzthxFLSfy5
R++pcIPECvgO/bCERPxpQnHi+Iy3gm16rkL6Qp8vjUtJTjtmt1fIxG8+DssHqiEpxqn/gkDHXc8I
KH/admxrYRGeWsFzyrCy1HDM/T1Wcy8FSQWt3e3KiCj45YXHlFYrDBSYTgx9Uik2pHX/9LjlVPQb
CGcgLYZ2sVvGTxW7ZF0tzdjT0ni1LIGqM+vxpUzLbwohbNUNivdhmd0Jvme+1j0riu0ZEqUWLrYv
6AFmNdC2jZuhNOKuO19yDKNmFYaFQ+ApC27lv/yOeQSlZHTd2Ft0n6nb2ADWGZeXWj61
Fingerprint: da:c2:ce:84:01:b9:f1:03:df:3b:47:b6:d9:99:63:ce

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-613259682 | 2024-04-20T16:44:12.706173

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.3
Date: Sat, 20 Apr 2024 16:44:12 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://dev2.tocr.com/

-701849974 | 2024-04-20T17:43:53.725089

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.17.3
Date: Sat, 20 Apr 2024 17:43:53 GMT
Content-Type: text/html
Content-Length: 559
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:7c:38:32:14:cd:3c:9e:ab:fa:44:d4:98:d6:69:00:0b:07
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 10 09:12:47 2024 GMT
            Not After : Jun  8 09:12:46 2024 GMT
        Subject: CN=dev2.tocr.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ad:94:86:3d:74:04:7d:67:76:f8:e6:ba:3f:99:
                    94:8f:f8:f5:1d:23:56:4b:39:5d:09:e0:44:2a:bc:
                    41:9e:c7:65:94:31:73:39:1d:e4:5c:1b:47:33:50:
                    2e:7c:dc:ea:a7:2b:4a:50:9b:93:0b:1e:b1:5d:ab:
                    e6:3e:52:2d:33:8e:24:d8:b7:fa:65:87:d8:18:84:
                    33:22:3d:f9:17:5f:d3:12:49:6d:a1:0c:56:a0:2f:
                    02:91:6f:8b:43:04:37:3b:30:7a:1d:72:cf:a0:55:
                    11:fb:7a:6d:ad:d8:f1:03:61:c2:b5:46:8e:d6:5e:
                    df:24:12:0f:5a:a0:88:76:37:c4:94:0c:ec:6a:9c:
                    40:70:4e:6d:5c:c1:79:95:0e:4a:65:2f:bc:04:3e:
                    24:a5:a4:e5:ee:31:10:fb:a0:b3:1a:0c:e4:51:e6:
                    3b:10:14:cc:ec:26:38:5a:95:c2:8a:a7:92:10:b8:
                    1f:2e:7d:12:ed:c8:37:c1:f7:45:3f:6f:29:3a:6f:
                    51:c5:2a:c0:91:08:72:cd:fb:75:5d:bf:bc:52:d7:
                    a2:15:4d:04:ca:e1:90:81:40:60:b3:b0:17:42:84:
                    61:36:c6:63:60:a9:c2:83:6a:0a:a7:9b:9e:e8:39:
                    25:61:7b:60:0b:e2:09:ad:3c:84:6c:e2:0e:ab:0d:
                    11:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E5:C4:3D:83:D0:21:5B:34:6C:56:05:D4:11:FE:2A:22:92:66:9B:D1
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:dev2.tocr.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 10 10:12:47.369 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:29:C8:3F:77:BB:20:59:33:00:70:46:E1:
                                06:7B:97:F3:C1:C7:06:0D:1A:64:E2:D8:DF:EA:70:BB:
                                54:57:10:28:02:21:00:E0:A0:75:AA:F7:9F:2F:DC:71:
                                29:E3:B1:23:9E:B9:04:43:30:22:DA:B9:8F:DA:BF:2D:
                                DF:7A:59:BB:CD:03:69
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 10 10:12:47.356 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:50:44:2D:3E:21:50:42:69:6F:AE:1C:0B:
                                73:2E:8E:23:71:D8:1A:84:3F:44:24:6E:9E:79:DE:B4:
                                BF:9E:9C:D4:02:20:11:D6:83:61:25:02:AF:48:0A:0B:
                                EC:9F:7A:12:C2:C7:CA:26:ED:99:CE:EB:0C:27:48:E8:
                                45:D4:84:9E:E4:56
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        51:4e:52:fa:f9:f5:96:19:b0:b0:06:4d:f2:de:f6:50:41:db:
        5e:fb:e7:e0:00:d7:42:a0:23:fe:76:88:0f:1d:23:84:ee:d6:
        d5:d0:8f:14:93:33:ed:95:39:32:77:79:d4:bf:f3:d5:5b:42:
        51:df:a7:c3:74:b3:05:fd:ec:c9:8c:dd:7d:45:d4:97:b9:18:
        9e:51:5f:4c:35:2d:da:a1:fe:62:fc:5b:de:95:b5:f3:0e:62:
        8a:64:7c:22:08:aa:a6:5f:a0:99:46:3e:32:6f:ed:27:45:7b:
        af:f7:ce:1d:3b:2b:76:e1:58:1a:a9:a5:14:a3:d9:ce:41:1d:
        c8:24:c3:f2:7a:83:75:f9:9e:f2:78:51:03:f9:0e:b8:4e:99:
        46:09:39:46:06:bb:30:96:6e:ba:2c:b1:b4:83:54:50:85:7b:
        22:f9:65:d6:de:5f:c2:23:90:f2:f0:d6:72:26:6e:6b:79:91:
        c9:be:ab:bd:de:e1:0d:89:c3:8e:3f:47:ae:f9:7b:77:33:32:
        f0:4d:52:0f:b6:7e:f8:8c:e6:f6:cb:d3:49:cc:2c:1a:40:b1:
        73:ce:e9:2f:7c:56:89:62:a6:cf:5e:44:e2:ed:d5:c4:f5:3f:
        46:f2:45:87:58:d2:bc:4f:cc:72:d0:53:9d:8d:5d:3a:ab:f1:
        28:09:de:29

47.23.99.59

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-196777481 | 2024-04-10T16:12:40.357756
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-613259682 | 2024-04-20T16:44:12.706173
80 / tcp

nginx1.17.3

-701849974 | 2024-04-20T17:43:53.725089
443 / tcp

nginx1.17.3

Products

Pricing

Contact Us

47.23.99.59

Last Seen: 2024-04-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-196777481 | 2024-04-10T16:12:40.357756 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-613259682 | 2024-04-20T16:44:12.706173 80 / tcp

nginx1.17.3

-701849974 | 2024-04-20T17:43:53.725089 443 / tcp

nginx1.17.3

Products

Pricing

Contact Us

-196777481 | 2024-04-10T16:12:40.357756
22 / tcp

-613259682 | 2024-04-20T16:44:12.706173
80 / tcp

-701849974 | 2024-04-20T17:43:53.725089
443 / tcp